|
43b592ac
|
2018-10-25T08:49:01
|
|
tls: introduce a wrap function
Introduce `git_tls_stream_wrap` which will take an existing `stream`
with an already connected socket and begin speaking TLS on top of it.
This is useful if you've built a connection to a proxy server and you
wish to begin CONNECT over it to tunnel a TLS connection.
Also update the pluggable TLS stream layer so that it can accept a
registration structure that provides an `init` and `wrap` function,
instead of a single initialization function.
|
|
21142c5a
|
2018-10-29T10:04:48
|
|
http: remove cURL
We previously used cURL to support HTTP proxies. Now that we've added
this support natively, we can remove the curl dependency.
|
|
2878ad08
|
2018-10-29T08:59:33
|
|
streams: remove unused tls functions
The implementations of git_openssl_stream_new and
git_mbedtls_stream_new have callers protected by #ifdefs and
are never called unless compiled in. There's no need for a
dummy implementation. Remove them.
|
|
d4198d4d
|
2018-07-26T12:11:34
|
|
mbedtls: remove unused variable "cacert"
In commit 382ed1e87 (mbedtls: load default CA certificates, 2018-03-29),
the function `git_mbedtls_stream_global_init` was refactored to call out
to `git_mbedtls__set_cert_location` instead of setting up the
certificates itself. The conversion forgot to remove the now-unused
"cacert" variable, which is now only getting declared to be free'd at
the end of the function. Remove it.
|
|
2fabb622
|
2018-07-21T01:36:46
|
|
mbedtls: free stream on shutdown
|
|
9e002cd5
|
2018-07-21T01:11:58
|
|
mbedtls: make ciphers_list a static array
Instead of allocating the ciphers_list, make it a static array. This
prevents us from leaking it or having to manage its memory.
|
|
4e62d26f
|
2018-07-21T00:45:24
|
|
mbedtls: free ciphers_list
|
|
defa9709
|
2018-07-21T00:41:38
|
|
mbedtls: check allocations
|
|
d19381e2
|
2018-06-25T14:57:07
|
|
mbedtls: fix `inline` being used in mbedtls headers
The mbedtls headers make direct use of the `inline` attribute to
instruct the compiler to inline functions. As this function is not C90
compliant, this can cause the compiler to error as soon as any of these
files is included and the `-std=c90` flag is being added.
The mbedtls headers declaring functions as inline always have a prelude
which define `inline` as a macro in case it is not yet defined. Thus, we
can easily replace their define with our own define, which simply copies
the logic of our own `GIT_INLINE` macro.
|
|
b3e0280d
|
2018-03-29T22:14:11
|
|
mbedtls: display error codes as hex for consistency with mbedTLS docs
Remaining parts of https://github.com/JuliaLang/julia/blob/8d47a314537779c8fb86642c54925613628a91b0/deps/patches/libgit2-mbedtls-fixup.patch
|
|
382ed1e8
|
2018-03-29T22:14:09
|
|
mbedtls: load default CA certificates
|
|
1edde0bc
|
2018-03-29T22:14:08
|
|
mbedtls: use mbedTLS certificate verification
Taken from https://github.com/JuliaLang/julia/blob/8d47a314537779c8fb86642c54925613628a91b0/deps/patches/libgit2-mbedtls-verify.patch, with some modifications.
|
|
4165bb7f
|
2018-03-29T22:14:06
|
|
mbedtls: use our own certificate validation
Otherwise REQUIRED means that `git_stream_certificate` will always error.
We're doing the mbedtls check in verify_server_cert though.
|
|
ec79b0fd
|
2018-03-29T22:14:04
|
|
mbedtls: fix libgit2 hanging due to incomplete writes
|
|
2419cccd
|
2018-03-29T22:14:02
|
|
mbedtls: default cipher list support
|
|
60e1ad92
|
2018-03-29T22:14:01
|
|
mbedtls: add global initialization
|
|
1a1875f3
|
2018-03-29T22:13:58
|
|
mbedtls: proper certificate verification
|
|
ca3b2234
|
2018-03-29T22:13:56
|
|
mbedtls: initial support
|