|
1910a04a
|
2016-12-30T12:42:42
|
|
winhttp: set proper cert failure error messages
Set up a WinHTTP status callback; inspect the WinHTTP status for
WINHTTP_CALLBACK_STATUS_SECURE_FAILURE, and convert the status code
to a useful message for callers.
|
|
4e4a1460
|
2016-12-30T12:13:34
|
|
WinHTTP: support best auth mechanism
For username/password credentials, support NTLM or Basic (in that order
of priority). Use the WinHTTP built-in authentication support for both,
and maintain a bitfield of the supported mechanisms from the response.
|
|
a6d833a2
|
2017-01-13T17:05:58
|
|
Merge pull request #4049 from libgit2/ethomson/error_msgs
giterr_set: consistent error messages
|
|
6850b516
|
2017-01-06T17:12:16
|
|
Merge branch '25_smartpktparse' into maint/v0.25
|
|
2fdef641
|
2016-11-15T11:44:51
|
|
smart_pkt: treat empty packet lines as error
The Git protocol does not specify what should happen in the case
of an empty packet line (that is a packet line "0004"). We
currently indicate success, but do not return a packet in the
case where we hit an empty line. The smart protocol was not
prepared to handle such packets in all cases, though, resulting
in a `NULL` pointer dereference.
Fix the issue by returning an error instead. As such kind of
packets is not even specified by upstream, this is the right
thing to do.
|
|
66e3774d
|
2016-11-15T11:36:27
|
|
smart_pkt: verify packet length exceeds PKT_LEN_SIZE
Each packet line in the Git protocol is prefixed by a four-byte
length of how much data will follow, which we parse in
`git_pkt_parse_line`. The transmitted length can either be equal
to zero in case of a flush packet or has to be at least of length
four, as it also includes the encoded length itself. Not
checking this may result in a buffer overflow as we directly pass
the length to functions which accept a `size_t` length as
parameter.
Fix the issue by verifying that non-flush packets have at least a
length of `PKT_LEN_SIZE`.
|
|
9a64e62f
|
2016-12-21T21:24:33
|
|
http: check certificate validity before clobbering the error variable
|
|
909d5494
|
2016-12-29T12:25:15
|
|
giterr_set: consistent error messages
Error messages should be sentence fragments, and therefore:
1. Should not begin with a capital letter,
2. Should not conclude with punctuation, and
3. Should not end a sentence and begin a new one
|
|
fafafb1f
|
2016-12-20T16:19:30
|
|
http: bump the pretend git version in the User-Agent
We want to keep the git UA in order for services to recognise that we're
a Git client and not a browser. But in order to stop dumb HTTP some
services have blocked UAs that claim to be pre-1.6.6 git.
Thread these needles by using the "git/2.0" prefix which is still close
enough to git's yet distinct enough that you can tell it's us.
|
|
34b32053
|
2016-11-25T15:02:34
|
|
Fix potential use of uninitialized values
|
|
482d1748
|
2016-11-25T15:01:35
|
|
transports: smart: do not redeclare loop counters
|
|
62494bf2
|
2016-11-02T09:38:40
|
|
transports: smart: abort receiving packets on end of stream
When trying to receive packets from the remote, we loop until
either an error distinct to `GIT_EBUFS` occurs or until we
successfully parsed the packet. This does not honor the case
where we are looping over an already closed socket which has no
more data, leaving us in an infinite loop if we got a bogus
packet size or if the remote hung up.
Fix the issue by returning `GIT_EEOF` when we cannot read data
from the socket anymore.
|
|
61530c49
|
2016-11-01T16:56:07
|
|
transports: smart: abort ref announcement on early end of stream
When reading a server's reference announcements via the smart
protocol, we expect the server to send multiple flushes before
the protocol is finished. If we fail to receive new data from the
socket, we will only return an end of stream error if we have not
seen any flush yet.
This logic is flawed in that we may run into an infinite loop
when receiving a server's reference announcement with a bogus
flush packet. E.g. assume the last flushing package is changed to
not be '0000' but instead any other value. In this case, we will
still await one more flush package and ignore the fact that we
are not receiving any data from the socket, causing an infinite
loop.
Fix the issue by always returning `GIT_EEOF` if the socket
indicates an end of stream.
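
The checks described in the smart_pkt and smart transport commit messages above (2fdef641, 66e3774d, 62494bf2, 61530c49), written out as an added example that is not libgit2's own code: a pkt-line length check that rejects `0001`..`0004`, and a receive loop that stops when the stream ends. The names `pkt_parse_line`, `recv_pkt`, `struct stream` and the `PKT_*` codes are assumptions for illustration, and an in-memory stream stands in for the socket.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define PKT_LEN_SIZE 4
enum { PKT_OK = 0, PKT_FLUSH = 1, PKT_EBUFS = -1, PKT_ERROR = -2, PKT_EEOF = -3 };

/* Constructed in-memory stand-in for a socket: a read returns 0 at end of stream. */
struct stream { const char *data; size_t len, pos; };

static size_t stream_read(struct stream *s, char *dst, size_t n)
{
    if (n > s->len - s->pos) n = s->len - s->pos;
    memcpy(dst, s->data + s->pos, n);
    s->pos += n;
    return n;
}

/* Decode the four-hex-digit length prefix; -1 if any character is not hex. */
static long parse_len(const char *p)
{
    char hex[PKT_LEN_SIZE + 1] = {0};
    for (int i = 0; i < PKT_LEN_SIZE; i++)
        if (!isxdigit((unsigned char)p[i])) return -1;
    memcpy(hex, p, PKT_LEN_SIZE);
    return strtol(hex, NULL, 16);
}

/* Parse one pkt-line from buf[0..avail); on PKT_OK, *plen is the payload size. */
int pkt_parse_line(const char *buf, size_t avail, size_t *plen)
{
    long len;
    *plen = 0;
    if (avail < PKT_LEN_SIZE) return PKT_EBUFS;        /* prefix not complete yet */
    if ((len = parse_len(buf)) < 0) return PKT_ERROR;
    if (len == 0) return PKT_FLUSH;                    /* "0000" flush packet */
    if (len <= PKT_LEN_SIZE) return PKT_ERROR;         /* 0001..0003 would wrap len - 4; 0004 is an empty line */
    if (avail < (size_t)len) return PKT_EBUFS;         /* body not complete yet */
    *plen = (size_t)len - PKT_LEN_SIZE;
    return PKT_OK;
}

/* Read until one packet parses; stop with PKT_EEOF when the stream has ended. */
int recv_pkt(struct stream *s, char *buf, size_t cap, size_t *plen)
{
    size_t fill = 0, n;
    int rc;
    while ((rc = pkt_parse_line(buf, fill, plen)) == PKT_EBUFS) {
        if (fill == cap) return PKT_ERROR;             /* packet larger than our buffer */
        if ((n = stream_read(s, buf + fill, cap - fill)) == 0) return PKT_EEOF;
        fill += n;
    }
    return rc;
}
```

Without the end-of-stream check in `recv_pkt`, a length prefix that claims more bytes than the peer ever sends keeps the loop waiting on `PKT_EBUFS` indefinitely.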
|
|
b1453601
|
2016-08-17T11:38:26
|
|
transports: http: reset `connected` flag when closing transport
|
|
c4cba4e9
|
2016-08-17T11:00:05
|
|
transports: http: reset `connected` flag when re-connecting transport
When calling `http_connect` on a subtransport whose stream is already
connected, we first close the stream in case no keep-alive is in use.
When doing so, we do not reset the transport's connection state,
though. Usually, this will do no harm in case the subsequent connect
will succeed. But when the connection fails we are left with a
subtransport which is tagged as connected but which has no valid
stream attached.
Fix the issue by resetting the subtransport's connected-state when
closing its stream in `http_connect`.
|
|
bdec62dc
|
2016-07-06T13:06:25
|
|
remove conditions that prevent use of custom TLS stream
|
|
6c9eb86f
|
2016-06-19T11:46:43
|
|
HTTP authentication scheme name is case insensitive.
|
|
2a09de91
|
2016-06-14T04:33:55
|
|
Merge pull request #3816 from pks-t/pks/memory-leaks
Memory leak fixes
|
|
43c55111
|
2016-06-07T14:14:07
|
|
winhttp: plug several memory leaks
|
|
7d02019a
|
2016-06-06T12:59:17
|
|
transports: smart: fix potential invalid memory dereferences
When we receive a packet of exactly four bytes encoding its
length as those four bytes it can be treated as an empty line.
While it is not really specified how those empty lines should be
treated, we currently ignore them and do not return an error when
trying to parse it but simply advance the data pointer.
Callers invoking `git_pkt_parse_line` are currently not prepared
to handle this case as they do not explicitly check this case.
While they could always reset the passed out-pointer to `NULL`
before calling `git_pkt_parse_line` and determine if the pointer
has been set afterwards, it makes more sense to update
`git_pkt_parse_line` to set the out-pointer to `NULL` itself when
it encounters such an empty packet. Like this it is guaranteed
that there will be no invalid memory references to free'd
pointers.
As such, the issue has been fixed such that `git_pkt_parse_line`
always sets the packet out pointer to `NULL` when an empty packet
has been received and callers check for this condition, skipping
such packets.
|
|
375bb2fe
|
2016-04-21T11:02:31
|
|
transport: cast away constness for free
|
|
0d72f67f
|
2016-03-14T17:36:04
|
|
proxy: don't specify the protocol in the type
We leave this up to the scheme in the url field. The type should only
tell us about whether we want a proxy and whether we want to auto-detect
it.
|
|
bf6f7ad2
|
2015-09-30T17:42:53
|
|
winhttp: correctly detect HTTPS usage
|
|
b373e9a6
|
2015-09-21T22:38:50
|
|
net: use proxy options struct in the stream config
|
|
22e6aa0d
|
2015-09-23T04:39:05
|
|
proxy: don't require the trailing slash on WinHTTP
The path is not something that you use for proxies, so make use of the
new optionality of the path when extracting URL parts.
|
|
b117721d
|
2015-07-29T21:23:56
|
|
proxy: use poxy to test our Windows proxy support
|
|
07bd3e57
|
2015-05-07T12:57:56
|
|
proxy: ask the user for credentials if necessary
|
|
d4763c98
|
2016-03-24T06:56:25
|
|
Merge pull request #3574 from chescock/buffer-sideband-pack-data
Buffer sideband packet data
|
|
9028a8a2
|
2016-03-08T10:16:37
|
|
Only buffer if necessary.
|
|
b7809b84
|
2016-03-08T13:38:55
|
|
Merge pull request #3555 from cbargren/ssh-git-protocols
Support for ssh+git and git+ssh protocols
|
|
22f3d3aa
|
2016-03-03T22:26:31
|
|
ssh: initialize libssh2
We should have been doing this, but it initializes itself upon first
use, which works as long as nobody's doing concurrent network
operations. Initialize it on our init to make sure it's not getting
initialized concurrently.
|
|
a4cba9d4
|
2016-03-03T10:48:24
|
|
winhttp: retry authentication
If the caller has provided bad authentication, give them another
opportunity to get it right until they give up. This brings WinHTTP in
line with the other transports.
|
|
003c5e46
|
2016-02-22T15:52:49
|
|
transports: smart_pkt: fix memory leaks on error paths
|
|
6e2a3755
|
2016-02-23T11:45:43
|
|
smart_pkt: check buffer with GITERR_CHECK_ALLOC_BUF
|
|
b0f7512f
|
2016-02-15T11:46:10
|
|
transports: smart_pkt: fix memory leaks
|
|
704554cd
|
2016-02-15T11:37:48
|
|
transports: smart: fix memory leak on OOM path
|
|
9ce0399c
|
2016-02-12T10:27:05
|
|
winhttp: use an unsigned iterator
|
|
5c7f2f01
|
2016-01-19T11:13:23
|
|
winhttp: name mangle class / iid on mingw
Standard Windows type systems define CLSID_InternetSecurityManager
and IID_IInternetSecurityManager, but MinGW lacks these definitions.
As a result, we must hardcode these definitions ourselves. However,
we should not use a public struct with those names, lest another
library do the same thing and consumers cannot link to both.
|
|
a7d9d93d
|
2016-01-11T17:09:32
|
|
Buffer sideband packet data
The inner packet may be split across multiple sideband packets.
|
|
4df17045
|
2015-12-28T07:43:24
|
|
Removing #define for SSH_PREFIX_COUNT and using ARRAY_SIZE instead
Also moving var declarations to top of blocks to support bad old compilers
|
|
02fdc2db
|
2015-12-26T17:17:05
|
|
ssh_stream_read(): fix possible *bytes_read < 0 branch
Fix the possibility of returning successfully from ssh_stream_read()
with *bytes_read < 0. This would occur if stdout channel read resulted
in 0, and stderr channel read failed afterwards.
|
|
ed21fd74
|
2015-12-22T10:38:31
|
|
Handle git+ssh:// and ssh+git:// protocols support
|
|
efd9ab56
|
2015-11-20T11:26:26
|
|
Treat GIT_PASSTHROUGH as though git_cred_acquire_cb isn't set.
|
|
1411cb9e
|
2015-10-02T03:57:14
|
|
winhttp: use a custom user-agent if the user has set it
We also keep the "git/1.0" prefix in order to maintain compatibility
with hosters.
|
|
94bac76c
|
2015-10-02T03:46:34
|
|
http: use a custom user-agent if the user has set it
We still prefix it with "git/1.0" since that's required in many
situations, but we replace the area which mentions libgit2.
|
|
e0be1d60
|
2015-10-30T18:23:17
|
|
git: put NULL check at the top
|
|
45d295e0
|
2015-10-30T17:51:50
|
|
git: accept NULL as argument to its stream free
|
|
72b7c570
|
2015-09-30T09:17:18
|
|
Merge pull request #3411 from spraints/custom-push-headers
Include custom HTTP headers
|
|
d7375662
|
2015-09-25T10:16:16
|
|
Copy custom_headers instead of referencing the caller's copy
|
|
d16c1b97
|
2015-09-24T10:30:37
|
|
These can be static
|
|
e60db3c7
|
2015-09-24T09:24:10
|
|
Revise custom header error messages
If the header doesn't look like a header (e.g. if it doesn't have a ":"
or if it has newlines), report "custom HTTP header '%s' is malformed".
If the header has the same name as a header already set by libgit2 (e.g.
"Host"), report "HTTP header '%s' is already set by libgit2".
|
|
63cc5723
|
2015-09-24T09:13:05
|
|
Don't null-check
|
|
098f1e6e
|
2015-09-24T09:09:48
|
|
Use an array of forbidden custom headers
|
|
3245896b
|
2015-09-10T13:18:26
|
|
Add a test for custom header validation
Also, *some* custom headers actually are valid.
|
|
66d90e70
|
2015-09-10T09:14:20
|
|
More specific names
|
|
8c876fa9
|
2015-09-10T09:11:16
|
|
Validate custom http headers
|
|
35969c68
|
2015-09-10T08:58:23
|
|
Ignore NULL headers
|
|
6c21211c
|
2015-09-09T13:59:38
|
|
Merge pull request #3379 from theseion/additional_libssh2_error_reporting
report libssh2 error if list of authentication methods can't be retrieved
|
|
c82c2ba6
|
2015-09-08T14:17:59
|
|
o i
|
|
80ee2543
|
2015-09-08T13:38:22
|
|
Teach winhttp about the extra headers
|
|
276f6aa0
|
2015-09-08T14:00:37
|
|
Hook up the custom_headers to the http transport
|
|
24f5b4e1
|
2015-09-08T13:34:42
|
|
Drop extra_http_headers from git_remote
|
|
59d6128e
|
2015-09-04T09:36:50
|
|
Allow the world to set HTTP headers for remotes
|
|
ac9b5127
|
2015-09-04T09:20:45
|
|
Pull extra_http_headers from the git_remote
|
|
6af6e690
|
2015-09-04T09:18:32
|
|
Put the extra headers on the connection_data instead
|
|
c3733e56
|
2015-09-04T08:56:26
|
|
Add more headers to HTTP requests
|
|
19475924
|
2015-08-25T00:39:58
|
|
Merge pull request #3355 from palmin/palmin/fix-2830
Include the 4 characters not recognised as hex-number in parse_len
|
|
57af0b92
|
2015-08-19T00:46:28
|
|
cred: add a free function wrapper
|
|
47ed7e5a
|
2015-08-18T20:55:59
|
|
transport: provide a way to get the callbacks
libgit2 implementations of smart subtransports can simply reach through
the structure, but external implementors cannot.
Add these two functions as a way for the smart subtransports to get the
callbacks as set by the user.
|
|
2d1d2bb5
|
2015-08-05T18:50:25
|
|
Include the 4 characters not recognised as hex-number when setting error in parse_len
|
|
252f86e1
|
2015-08-15T13:46:32
|
|
Merge pull request #3377 from dleehr/fix-push-cb
Fix bug in git_smart__push: push_transfer_progress cb is only called at end
|
|
11bca2d2
|
2015-08-15T18:15:23
|
|
http: propagate the credentials callback's error code
When we ask for credentials, the user may choose to return EUSER to
indicate that an error has happened on its end and it wants to be given
back control.
We must therefore pass that back to the user instead of mentioning that
it was on_headers_complete() that returned an error code. Since we can,
we return the exact error code from the user (other than PASSTHROUGH)
since it doesn't cost anything, though using other error codes isn't
recommended.
|
|
241414ee
|
2015-08-14T15:42:59
|
|
added a single line of additional error reporting from libssh2 when failing to retrieve the list of authentication methods
|
|
b0b2c722
|
2015-08-13T22:52:52
|
|
Fix bug in git_smart__push: push_transfer_progress cb is never called
The conditional checked cbs->transfer_progress then used the value in cbs->push_transfer_progress. In both cases it should be push_transfer_progress
|
|
ac728c24
|
2015-08-03T07:38:07
|
|
Handle ssh:// and git:// urls containing a '~' character.
For such a path '/~/...' the leading '/' is stripped so the server will
get a path starting with '~' and correctly handle it.
|
|
31a76374
|
2015-07-29T22:23:00
|
|
case-insensitive check for WWW-Authenticate header
Fixes issue #3338
|
|
f861abad
|
2015-07-12T19:56:19
|
|
Merge branch 'portable-zu'
|
|
768f8be3
|
2015-06-30T19:00:41
|
|
Fix #3094 - improve use of portable size_t/ssize_t format specifiers.
The header src/cc-compat.h defines portable format specifiers PRIuZ, PRIdZ, and PRIxZ. The original report highlighted the need to use these specifiers in examples/network/fetch.c. For this commit, I checked all C source and header files not in deps/ and transitioned to the appropriate format specifier where appropriate.
|
|
79698030
|
2015-06-29T22:51:18
|
|
git_cert: child types use proper base type
|
|
2f60073d
|
2015-06-30T21:40:20
|
|
Merge pull request #3273 from ethomson/warnings3
More warnings
|
|
1630981e
|
2015-06-30T09:03:23
|
|
http: fixed leak when asking for credentials again
t->cred might have been allocated the previous time and needs to be
freed before asking caller for credentials again.
|
|
0305721c
|
2015-06-30T14:23:41
|
|
winhttp: remove unused var
|
|
8b380060
|
2015-06-29T21:12:44
|
|
http: don't give up on auth on the first try
When the server rejects an authentication request, ask the caller for
the credentials again, instead of giving up on the first try.
|
|
8443f492
|
2015-06-11T16:57:04
|
|
curl: remove the encrypted param to the constructor
We do not want libcurl to perform the TLS negotiation for us, so we
don't need to pass this option.
|
|
f97d5d09
|
2015-06-11T16:54:48
|
|
http: ask for the curl stream for non-encrypted connections
The TLS streams talk over the curl stream themselves, so we don't need
to ask for it explicitly. Do so in the case of the non-encrypted one so
we can still make use of proxies in that case.
|
|
8762d721
|
2015-06-07T14:51:10
|
|
http: set the proxy if the stream supports it
Of the built-in ones, only cURL supports it, but there's no reason a
user-provided stream wouldn't support it.
|
|
8dea1c21
|
2015-06-05T11:02:11
|
|
Implement a curl stream
cURL has a mode in which it acts a lot like our streams, providing send
and recv functions and taking care of the TLS and proxy setup for us.
Implement a new stream which uses libcurl instead of raw sockets or the
TLS libraries directly. This version does not support reporting
certificates or proxies yet.
|
|
a166466c
|
2015-06-09T17:06:28
|
|
Merge pull request #3198 from libgit2/cmn/coverity
A few fixes from Coverity
|
|
81be2f46
|
2015-06-09T16:01:29
|
|
ssh: move NULL check to the free function
Let `ssh_stream_free()` take a NULL stream, as free functions should,
and remove the check from the connection setup.
The connection setup would not need the check anyhow, as we always have
a stream by the time we reach this code.
|
|
fdb82dcd
|
2015-06-07T15:10:13
|
|
Merge pull request #3175 from git-up/build_warnings
Fixed build warnings on Xcode 6.1
|
|
9f3c18e2
|
2015-06-02T08:36:15
|
|
Fixed build warnings on Xcode 6.1
|
|
d71e3b25
|
2015-06-02T10:23:54
|
|
Change error when running out of ssh agent keys
|
|
2629fc87
|
2015-05-24T22:33:55
|
|
cred: Check for null values when getting key from memory
The public key field is optional and as such can take NULL. Account for
that and do not call strlen() on NULL values. Also assert() for non-NULL
values of username & private key.
|
|
f7142b5e
|
2015-05-24T18:38:47
|
|
cred: Declare GIT_CREDTYPE_SSH_MEMORY unconditionally
Declare GIT_CREDTYPE_SSH_MEMORY to have consistent API independently of
whether libgit2 was built with or without in-memory key passing support.
Or rather, to have it at all since build-time definitions are not stored
in headers.
|
|
08e6b875
|
2015-03-19T14:57:15
|
|
Return an error when ssh memory credentials are not supported.
To not modify the external api.
|
|
7a8b8503
|
2015-03-17T09:19:15
|
|
Add support to read ssh keys from memory.
|
|
1396c381
|
2015-05-18T16:04:55
|
|
errors: add GIT_EEOF to indicate early EOF
This can be used by tools to show messages about failing to communicate
with the server. The error message in this case will often contain the
server's error message, as far as it managed to send anything.
|
|
e3435673
|
2015-05-18T15:51:55
|
|
ssh: read from stderr if stdout is empty
When we fail to read from stdout, it's typically because the URL was
wrong and the server process has sent some output over its stderr
output.
Read that output and set the error message to whatever we read from it.
|
|
7e9a240e
|
2015-05-14T21:33:55
|
|
Make "Early EOF" message start with lowercase
|
|
542a7de0
|
2015-05-14T17:26:09
|
|
local: plug a leak in the progress reporting
|