src


Log

Author Commit Date CI Message
Patrick Steinhardt 9865cd16 2018-03-20T14:23:49 alloc: make memory allocators use function pointers Currently, our memory allocators are being redirected to the correct implementation at compile time by simply using macros. In order to make them swappable at runtime, this commit reshuffles that by instead making use of a global "git_allocator" structure, whose pointers are set up to reference the allocator functions. Like this, it becomes easy to swap out allocators by simply setting these function pointers. In order to initialize a "git_allocator", our provided allocators "stdalloc" and "crtdbg" both provide an init function. This is being called to initialize a passed in allocator struct and set up its members correctly. No support is yet included to enable users of libgit2 to switch out the memory allocator at a global level.
Patrick Steinhardt 08b318c0 2018-03-14T10:43:00 stdalloc: extend allocators by file and line Our desired architecture would make allocators completely pluggable, such that users of libgit2 can swap out memory allocators at runtime. While making e.g. debugging easier by not having to do a separate build, this feature can also help maintainers of bindings for libgit2 by tying the memory allocations into the other language's memory system. In order to do so, though, we first need to make our two different pre-existing allocators "stdalloc" and "crtdbg" have the same function signatures, as the "crtdbg" allocators all have an additional file and line argument. This is required to build correct stack traces for debugging memory allocations. As that feature may also be interesting to authors of other applications for debugging libgit2, we now simply add these arguments to our standard allocators. Obviously, this may come with a performance penalty. During some simple benchmarks no real impact could be measured though in contrast to a simple pluggable allocator. The following table summarizes the benchmarks. There were three different builds with our current standard allocator ("standard"), with pluggable authenticators accessed via function pointers ("pluggable") and for pluggable authenticators with file and line being added ("fileline"). Furthermore, there were three scenarios for 100.000.000 allocations of 100B ("small alloc"), 100.000.000 allocations of 100KB ("medium alloc"), and 1.000.000 allocations of 100MB. All results are best of 10 runs. |------------|-------------------|-------------------|-------------------| | build/test | small alloc | medium alloc | big alloc | |------------|-------------------|-------------------|-------------------| | standard | 4539779566, +0.0% | 5912927186, +0.0% | 5166935308, +0.0% | |------------|-------------------|-------------------|-------------------| | pluggable | 4611074505, +1.5% | 5979185308, +1.1% | 5388776352, +4.2% | |------------|-------------------|-------------------|-------------------| | fileline | 4588338192, +1.1% | 6004951910, +1.5% | 4942528135, -4.4% | |------------|-------------------|-------------------|-------------------| As can be seen, there is a performance overhead for pluggable allocators. Furthermore, it can also be seen that there is some big variance between runs, especially in the "big alloc" scenario. This is probably being caused by nondeterministic behaviour in the kernel for dynamic allocations. Still, it can be observed that there should be no real difference between the "pluggable" and "fileline" allocators.
Patrick Steinhardt c47f7155 2018-03-14T10:34:59 util: extract `stdalloc` allocator into its own module Right now, the standard allocator is being declared as part of the "util.h" header as a set of inline functions. As with the crtdbg allocator functions, these inline functions make it hard to convert to function pointers for our allocators. Create a new "stdalloc" module containing our standard allocations functions to split these out. Convert the existing allocators to macros which make use of the stdalloc functions.
Patrick Steinhardt 496b0df2 2018-03-14T10:28:50 win32: crtdbg: provide independent `free` function Currently, the `git__free` function is being defined in a single place, only, disregarding whether we use our standard allocators or the crtdbg allocators. This makes it a bit harder to convert our code base to use pluggable allocators, and furthermore makes the border between our two allocators a bit more blurry. Implement a separate `git__crtdbg__free` function for the crtdbg allocator in order to completely separate both allocator implementations.
Patrick Steinhardt d2e996fa 2018-03-14T10:36:14 util: extract allocators into its own "alloc.h" header Our "util.h" header is a grabbag of various different functions, where many don't have a clear group they belong to. Our set of allocator functions though can be clearly singled out as a single group of functions that always belongs together. Furthermore, we will need to implement additional functions relating to our allocators subsystem when moving to pluggable allocators. Thus, we should just move these functions into their own "alloc" module.
Patrick Steinhardt aab8f87b 2018-03-14T10:27:13 win32: crtdbg: internalize implementation of allocators The crtdbg allocators are currently being implemented as inline functions as part of the "w32_crtdbg_stacktrace.h" header. As we are moving towards pluggable allocators with the help of function pointers, though, we cannot make use of inlining anymore. Instead, we can only have a single implementation of these allocating functions. Move all implementations of the crtdbg allocators into "w32_crtdbg_stacktrace.c".
Patrick Steinhardt 422cd59b 2018-06-07T12:49:55 Merge pull request #4655 from glaubitz/alignment index: Fix alignment issues in write_disk_entry()
Patrick Steinhardt 20306d36 2018-06-06T14:31:28 Merge pull request #4665 from neithernut/fix-refdb-glob refdb_fs: fix regression: failure when globbing for non-existant references
Patrick Steinhardt 54990d75 2018-06-06T08:36:43 Merge pull request #4641 from pks-t/pks/submodule-names-memleak Detect duplicated submodules for the same path
Julian Ganz 05e891f1 2018-06-01T08:44:30 refdb_fs: test whether the base directory exists when globbing This commit fixes a regression introduced by 20a2b02d9a1bcb4825ec49605146223c565dcacf The commit introduced an optimization for finding references using a glob: rather than iterating over all references and matching each one against the glob, we would iterate only over references within the directory common to all possible references which may match against the glob. However, contrary to the `ref/` directory, which was the previous entry point for the iteration, this directory may not exist. In this case, the optimization causes an error (`ENOENT`) rather than the iterator simply yielding no references. This patch fixes the regression by checkign for this specific case.
John Paul Adrian Glaubitz 93271f59 2018-05-25T01:41:33 index: Fix alignment issues in write_disk_entry() In order to avoid alignment issues on certain target architectures, it is necessary to use memcpy() when modifying elements of a struct inside a buffer returned by git_filebuf_reserve().
Patrick Steinhardt 8a14846b 2018-05-30T10:51:10 Merge pull request #4661 from laomaiweng/patch-1 streams: openssl: add missing check on OPENSSL_LEGACY_API
Patrick Steinhardt 9c698a25 2018-05-30T10:34:58 submodule: remove useless mask computations Previous to dfda2f68e (submodule: remove the per-repo cache, 2015-04-27), we tried to cache our submodules per repository to avoid having to reload it too frequently. As it created some headaches with regards to multithreading, we removed that cache. Previous to that removal, we had to compute what submodule status to refresh. The mask computation was not removed, though, resulting in confusing and actually dead code. While it seems like the mask is currently in use in a conditional, it is not, as we unconditionally assign to the mask previous to that condition. Remove all mask computations to clean up stale code.
Patrick Steinhardt b2a389c8 2018-05-30T08:35:06 submodule: detect duplicated submodule paths When loading submodule names, we build a map of submodule paths and their respective names. While looping over the configuration keys, we do not check though whether a submodule path was seen already. This leads to a memory leak in case we have multiple submodules with the same path, as we just overwrite the old value in the map in that case. Fix the error by verifying that the path to be added is not yet part of the string map. Git does not allow to have multiple submodules for a path anyway, so we now do the same and detect this duplication, reporting it to the user.
Patrick Steinhardt cf5030a3 2018-05-30T08:38:28 submodule: refactor loading submodule names The function `load_submodule_names` was always being called with a newly allocated string map, which was then getting filled by the function. Move the string map allocation into `load_submodule_names`, instead, and pass the whole map back to the caller in case no error occurs. This change helps to avoid misuse by handing in pre-populated maps.
Patrick Steinhardt 36ae5c93 2018-05-30T08:25:19 Merge pull request #4656 from tiennou/fix/mbedtls-no-pkgconfig mbedtls: don't require mbedtls from our pkgconfig file
Quentin Minster b1cab70b 2018-05-30T02:15:09 streams: openssl: add missing check on OPENSSL_LEGACY_API The `CRYPTO_THREADID` type is no longer available in OpenSSL ≥ 1.1.0 with deprecated features disabled, and causes build failures. Since the `threadid_cb()` function is only ever called by `git_openssl_set_locking()` when `defined(OPENSSL_LEGACY_API)`, only define it then.
Carlos Martín Nieto 7f6c1ce9 2018-05-29T21:04:39 Merge pull request #4660 from libgit2/cmn/submodule-traversal Fixes for CVE 2018-11235
Etienne Samson 64a78a80 2018-05-25T09:28:52 mbedtls: don't require mbedtls from our pkgconfig file mbedTLS has no pkgconfig file, hence we can't require it. For now, pass its link flags as our own.
Carlos Martín Nieto 9e723db8 2018-05-24T20:28:36 submodule: plug leaks from the escape detection
Carlos Martín Nieto c16ebaa6 2018-05-24T19:05:59 submodule: replace index with strchr which exists on Windows
Carlos Martín Nieto 91a4849d 2018-05-24T19:00:13 submodule: the repostiory for _name_is_valid should not be const We might modify caches due to us trying to load the configuration to figure out what kinds of filesystem protections we should have.
Carlos Martín Nieto 1f570a29 2018-05-23T08:40:17 path: check for a symlinked .gitmodules in fs-agnostic code We still compare case-insensitively to protect more thoroughly as we don't know what specifics we'll see on the system and it's the behaviour from git.
Carlos Martín Nieto a7168b47 2018-05-22T16:13:47 path: reject .gitmodules as a symlink Any part of the library which asks the question can pass in the mode to have it checked against `.gitmodules` being a symlink. This is particularly relevant for adding entries to the index from the worktree and for checking out files.
Carlos Martín Nieto 58ff913a 2018-05-22T15:48:38 index: stat before creating the entry This is so we have it available for the path validity checking. In a later commit we will start rejecting `.gitmodules` files as symlinks.
Carlos Martín Nieto 02c80ad7 2018-05-22T15:21:08 path: accept the name length as a parameter We may take in names from the middle of a string so we want the caller to let us know how long the path component is that we should be checking.
Carlos Martín Nieto 490cbaa9 2018-05-22T13:58:24 path: expose dotgit detection functions per filesystem These will be used by the checkout code to detect them for the particular filesystem they're on.
Carlos Martín Nieto 177dcfc7 2018-05-18T15:16:53 path: hide the dotgit file functions These can't go into the public API yet as we don't want to introduce API or ABI changes in a security release.
Carlos Martín Nieto 0aa65f8d 2018-05-16T15:56:04 path: add functions to detect .gitconfig and .gitattributes
Carlos Martín Nieto 9de97ae7 2018-05-16T15:42:08 path: add a function to detect an .gitmodules file Given a path component it knows what to pass to the filesystem-specific functions so we're protected even from trees which try to use the 8.3 naming rules to get around us matching on the filename exactly. The logic and test strings come from the equivalent git change.
Carlos Martín Nieto 22973e09 2018-05-16T14:47:04 path: provide a generic function for checking dogit files on NTFS It checks against the 8.3 shortname variants, including the one which includes the checksum as part of its name.
Carlos Martín Nieto 0283fc46 2018-05-16T11:56:04 path: provide a generic dogit checking function for HFS This lets us check for other kinds of reserved files.
Carlos Martín Nieto 397abe98 2018-05-14T16:03:15 submodule: also validate Windows-separated paths for validity Otherwise we would also admit `..\..\foo\bar` as a valid path and fail to protect Windows users. Ideally we would check for both separators without the need for the copied string, but this'll get us over the RCE.
Carlos Martín Nieto 6b15ceac 2018-04-30T13:47:15 submodule: ignore submodules which include path traversal in their name If the we decide that the "name" of the submodule (i.e. its path inside `.git/modules/`) is trying to escape that directory or otherwise trick us, we ignore the configuration for that submodule. This leaves us with a half-configured submodule when looking it up by path, but it's the same result as if the configuration really were missing. The name check is potentially more strict than it needs to be, but it lets us re-use the check we're doing for the checkout. The function that encapsulates this logic is ready to be exported but we don't want to do that in a security release so it remains internal for now.
Patrick Steinhardt f9cf9a04 2018-05-09T14:51:57 Merge pull request #4642 from pks-t/pks/cmake-resolve-pkgconfig cmake: resolve libraries found by pkg-config
Patrick Steinhardt 0a19c151 2018-05-09T14:14:06 Merge pull request #4629 from neithernut/enhance-glob-perf refdb_fs: enhance performance of globbing
Patrick Steinhardt 81c9894f 2018-05-09T14:06:57 Merge pull request #4645 from pks-t/pks/racy-init-deinit global: adjust init count under lock
Patrick Steinhardt 6c2939d6 2018-05-09T13:57:17 Merge pull request #4646 from pks-t/pks/gcc-8.1-warnings Fix GCC 8.1 warnings
Patrick Steinhardt 8ab470f5 2018-04-27T15:31:43 cmake: remove now-useless LIBGIT2_LIBDIRS handling With the recent change of always resolving pkg-config libraries to their full path, we do not have to manage the LIBGIT2_LIBDIRS variable anymore. The only other remaining user of LIBGIT2_LIBDIRS is winhttp, which is a CMake-style library target and can thus be resolved by CMake automatically. Remove the variable to simplify our build system a bit.
Patrick Steinhardt 0f62e4c7 2018-04-27T10:38:49 cmake: resolve libraries found by pkg-config Libraries found by CMake modules are usually handled with their full path. This makes linking against those libraries a lot more robust when it comes to libraries in non-standard locations, as otherwise we might mix up libraries from different locations when link directories are given. One excemption are libraries found by PKG_CHECK_MODULES. Instead of returning libraries with their complete path, it will return the variable names as well as a set of link directories. In case where multiple sets of the same library are installed in different locations, this can lead the compiler to link against the wrong libraries in the end, when link directories of other dependencies are added. To fix this shortcoming, we need to manually resolve library paths returned by CMake against their respective library directories. This is an easy task to do with `FIND_LIBRARY`.
Etienne Samson a82082d0 2018-04-20T08:38:50 worktree: a worktree can be made from a bare repository
Etienne Samson c7964c22 2018-04-18T22:40:46 repository: being a worktree means we're not really bare We were previously conflating any error into GIT_ENOTFOUND, which might or might not be correct. This fixes the code so a config error is bubbled up, as well as preserving the semantics in the face of worktree-repositories
Patrick Steinhardt bb468ada 2018-05-07T13:44:15 Merge pull request #4542 from stanhu/sh-sanitize-utf8-hunk-header Sanitize the hunk header to ensure it contains UTF-8 valid data
Stan Hu 9d83a2b0 2018-02-22T22:55:50 Sanitize the hunk header to ensure it contains UTF-8 valid data The diff driver truncates the hunk header text to 80 bytes, which can truncate 4-byte Unicode characters and introduce garbage characters in the diff output. This change sanitizes the hunk header before it is displayed. This mirrors the test in git: https://github.com/git/git/blob/master/t/t4025-hunk-header.sh Closes https://github.com/libgit2/rugged/issues/716
Patrick Steinhardt ba5e39ac 2018-05-04T15:25:11 streams: openssl: fix bogus warning on unused parameter Our provided callback function `threadid_cb(CRYPTO_THREADID *threadid)` sets up a unique thread ID by asking pthread for the current thread ID. Since openssl version 1.1, `CRYPTO_THREADID_set_numeric` is simply a no-op macro, leaving the `threadid` argument unused after the preprocessor has processed the macro. GCC does not account for that situation and will thus complain about `threadid` being unused. Silence this warning by using `GIT_UNUSED(threadid)`.
Patrick Steinhardt 0933fdc5 2018-05-04T13:40:54 global: adjust init count under lock Our global initialization functions `git_libgit2_init()` and `git_libgit2_shutdown()` both adjust a global init counter to determine whether we are the first respectively last user of libgit2. On Unix-systems do not do so under lock, though, which opens the possibility of a race between these two functions: Thread 1 Thread 2 git__n_inits = 0; git_libgit2_init(); git_atomic_inc(&git__n_inits); /* git__n_inits == 1 */ git_libgit2_shutdown(); if (git_atomic_dec(&git__n_inits) != 0) /* git__n_inits == 0, no early exit here */ pthread_mutex_lock(&_init_mutex); shutdown_common(); pthread_mutex_unlock(&_init_mutex); pthread_mutex_lock(&_init_mutex); init_once(); pthread_mutex_unlock(&_init_mutex); So we can end up in a situation where we try to shutdown shared data structures before they have been initialized. Fix the race by always locking `_init_mutex` before incrementing or decrementing `git__n_inits`.
Carlos Martín Nieto 26a09a93 2018-04-30T21:34:36 Merge pull request #4608 from pks-t/pks/openssl-api-cleanup OpenSSL legacy API cleanups
Etienne Samson 173a0375 2018-02-08T23:50:14 openssl: remove leftover #ifdef This is the "OpenSSL available" global init function after all
Patrick Steinhardt b33b6d33 2018-04-30T09:27:47 Merge pull request #4640 from mkeeler/worktree-convenience2 worktree: add functions to get name and path
Julian Ganz 20a2b02d 2018-04-18T19:23:40 refdb_fs: enable root arbitration for fixed portion of globs A glob used for iteration may start with an entire path containing no special characters. If we start scanning for references within that path rather than in `refs/`, we may end up scanning only a small fraction of all references.
Julian Ganz 27e98cf7 2018-04-18T19:21:22 refdb_fs: prepare arbitration of the root used for ref iteration Instead of a hardcoded "refs", we may choose a different directory within the git directory as the root from which we look for references.
Patrick Steinhardt 5ace1494 2018-04-26T11:45:38 Merge pull request #4633 from csware/worktree-delereref Fix deletion of unrelated branch on worktree
Matt Keeler 3da1ad20 2018-04-24T17:09:34 worktree: add functions to get name and path
Edward Thomson 86353a72 2018-04-22T14:57:02 Merge pull request #4173 from tiennou/mbedtls mbedTLS support
Edward Thomson 5d346c11 2018-04-22T14:51:00 Merge pull request #4525 from pks-t/pks/config-iterate-in-order Configuration entry iteration in order
Edward Thomson 2b967226 2018-04-22T14:43:18 Merge pull request #4580 from pks-t/pks/diff-like-git-coalesce blame_git: fix coalescing step never being executed
Patrick Steinhardt 0ad2372b 2018-04-20T21:25:01 Merge pull request #4636 from tiennou/fix/leaks Fix leaks in master
Patrick Steinhardt 232dd4de 2018-04-20T20:36:31 Merge pull request #4635 from tiennou/fix/leaks-v0.27.1 Leak fixes for v0.27.1
Patrick Steinhardt 8d138f89 2018-04-20T20:28:48 Merge pull request #4577 from csware/reflog-worktree-head worktree: Read worktree specific reflog for HEAD
Etienne Samson 592b200c 2018-04-18T21:41:44 refspec: check for valid parameters in git_refspec__dwim_one CID:1383993, "In git_refspec__dwim_one: All paths that lead to this null pointer comparison already dereference the pointer earlier (CWE-476)"
Etienne Samson df4937b8 2018-04-18T20:57:16 remote: repo is optional here As per CID:1378747, we might be called with a NULL repo, which would be deferenced in write_add_refspec
Etienne Samson 8122ef98 2018-04-19T01:08:18 worktree: fix calloc of the wrong object type
Etienne Samson 836ec316 2018-04-19T01:05:05 local: fix a leaking reference when iterating over a symref Valgrind log : ==17702== 18 bytes in 1 blocks are indirectly lost in loss record 69 of 1,123 ==17702== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==17702== by 0x5FDBB49: strdup (strdup.c:42) ==17702== by 0x632B3E: git__strdup (util.h:106) ==17702== by 0x632D2C: git_reference__alloc_symbolic (refs.c:64) ==17702== by 0x62E0AF: loose_lookup (refdb_fs.c:408) ==17702== by 0x62E636: refdb_fs_backend__iterator_next (refdb_fs.c:565) ==17702== by 0x62CD8E: git_refdb_iterator_next (refdb.c:147) ==17702== by 0x6347F2: git_reference_next (refs.c:838) ==17702== by 0x6345CB: git_reference_foreach (refs.c:748) ==17702== by 0x66BE62: local_download_pack (local.c:579) ==17702== by 0x5DB48F: git_fetch_download_pack (fetch.c:148) ==17702== by 0x639028: git_remote_download (remote.c:932) ==17702== by 0x63919A: git_remote_fetch (remote.c:969) ==17702== by 0x4ABEDD: test_fetchhead_nonetwork__fetch_into_repo_with_symrefs (nonetwork.c:362) ==17702== by 0x4125D9: clar_run_test (clar.c:222) ==17702== by 0x41287C: clar_run_suite (clar.c:286) ==17702== by 0x412DDE: clar_test_run (clar.c:433) ==17702== by 0x4105E1: main (main.c:24)
Sven Strickroth fd7b5bc3 2018-04-20T12:54:41 Fix deletion of unrelated branch on worktree Signed-off-by: Sven Strickroth <email@cs-ware.de>
Edward Thomson 8529ac9b 2018-04-17T23:38:46 Merge pull request #4524 from pks-t/pks/worktree-refs worktree: add ability to create worktree with pre-existing branch
Edward Thomson 1fd26760 2018-04-17T23:33:06 Merge pull request #4618 from tiennou/fix/pwned-references refs: preserve the owning refdb when duping reference
Edward Thomson 99ec4fdb 2018-04-17T20:06:30 crlf: wrap line
Sven Strickroth a5115842 2017-01-28T18:31:11 crlf: update checkout logic to reflect Git 2.9+ behaviour Signed-off-by: Sven Strickroth <email@cs-ware.de>
Edward Thomson 286a6765 2018-04-17T14:32:56 Merge pull request #4522 from csware/submodules-should-report-parse-errors Submodules-API should report .gitmodules parse errors instead of ignoring them
Edward Thomson e5f32e81 2018-04-17T00:08:20 Merge pull request #4514 from tiennou/fix/pkt-type-enum Typedef git_pkt_type and clarify recv_pkt return type
Edward Thomson 17339cb3 2018-04-16T15:35:56 Merge pull request #4596 from pks-t/pks/ssh-disconnect transports: ssh: disconnect session before freeing it
Edward Thomson 1926163a 2018-04-16T15:33:43 Merge pull request #4622 from pks-t/pks/revwalk-hide-newer-parents revwalk: fix uninteresting revs sometimes not limiting graphwalk
Edward Thomson 69870a67 2018-04-16T15:19:37 Merge pull request #4614 from pks-t/pks/gitignore-trailing-spaces attr_file: fix handling of directory patterns with trailing spaces
Patrick Steinhardt 54fd80e3 2018-04-12T13:32:27 revwalk: fix uninteresting revs sometimes not limiting graphwalk When we want to limit our graphwalk, we use the heuristic of checking whether the newest limiting (uninteresting) revision is newer than the oldest interesting revision. We do so by inspecting whether the first item's commit time of the user-supplied list of revisions is newer than the last added interesting revision. This is wrong though, as the user supplied list is in no way guaranteed to be sorted by increasing commit dates. This could lead us to abort the revwalk early before applying all relevant limiting revisions, outputting revisions which should in fact have been hidden. Fix the heuristic by instead checking whether _any_ of the limiting commits was made earlier than the last interesting commit. Add a test.
Patrick Steinhardt 251d8771 2018-04-06T12:24:10 attr_file: fix handling of directory patterns with trailing spaces When comparing whether a path matches a directory rule, we pass the both the path and directory name to `fnmatch` with `GIT_ATTR_FNMATCH_DIRECTORY` being set. `fnmatch` expects the pattern to contain no trailing directory '/', which is why we try to always strip patterns of trailing slashes. We do not handle that case correctly though when the pattern itself has trailing spaces, causing the match to fail. Fix the issue by stripping trailing spaces and tabs for a rule previous to checking whether the pattern is a directory pattern with a trailing '/'. This replaces the whitespace-stripping in our ignore file parsing code, which was stripping whitespaces too late. Add a test to catch future breakage.
Etienne Samson 13a77274 2018-02-26T21:33:55 smart: typo
Etienne Samson 2cf9b84c 2018-04-11T19:13:42 smart: free the pkt when we fail to store it
Etienne Samson 32586d5e 2018-04-11T19:03:57 smart: separate error handling from pkt handling
Etienne Samson 01381149 2018-02-26T21:27:10 smart: make out arguments explicit on recv_pkt
Etienne Samson 08961c9d 2017-08-22T16:29:07 smart: typedef git_pkt_type and clarify recv_pkt return type
Etienne Samson 54554757 2018-03-29T22:14:14 cmake: make our preferred backend ordering consistent
Etienne Samson b3e0280d 2018-03-29T22:14:11 mbedtls: display error codes as hex for consistency with mbedTLS docs Remaining parts of https://github.com/JuliaLang/julia/blob/8d47a314537779c8fb86642c54925613628a91b0/deps/patches/libgit2-mbedtls-fixup.patch
Etienne Samson 382ed1e8 2018-03-29T22:14:09 mbedtls: load default CA certificates
Etienne Samson 1edde0bc 2018-03-29T22:14:08 mbedtls: use mbedTLS certificate verification Taken from https://github.com/JuliaLang/julia/blob/8d47a314537779c8fb86642c54925613628a91b0/deps/patches/libgit2-mbedtls-verify.patch, with some modifications.
Etienne Samson 4165bb7f 2018-03-29T22:14:06 mbedtls: use our own certificate validation Otherwise REQUIRED means that `git_stream_certificate` will always error. We're doing the mbedtls check in verify_server_cert though.
Etienne Samson ec79b0fd 2018-03-29T22:14:04 mbedtls: fix libgit2 hanging due to incomplete writes
Etienne Samson 2419cccd 2018-03-29T22:14:02 mbedtls: default cipher list support
Etienne Samson 60e1ad92 2018-03-29T22:14:01 mbedtls: add global initialization
Etienne Samson 6c6be3ce 2018-03-29T22:13:59 mbedtls: use libmbedcrypto for hashing
Etienne Samson 1a1875f3 2018-03-29T22:13:58 mbedtls: proper certificate verification
Etienne Samson ca3b2234 2018-03-29T22:13:56 mbedtls: initial support
Etienne Samson 5e19a7f9 2018-04-10T21:16:43 refs: preserve the owning refdb when duping reference This fixes a segfault in git_reference_owner on references returned from git_reference__read_head and git_reference_dup ones.
Patrick Steinhardt 6c55fbf3 2018-04-06T10:39:16 transports: local: fix assert when fetching into repo with symrefs When fetching into a repository which has symbolic references via the "local" transport we run into an assert. The assert is being triggered while we negotiate the packfile between the two repositories. When hiding known revisions from the packbuilder revwalk, we unconditionally hide all references of the local refdb. In case one of these references is a symbolic reference, though, this means we're trying to hide a `NULL` OID, which triggers the assert. Fix the issue by only hiding OID references from the revwalk. Add a test to catch this issue in the future.
Erik van Zijst bc5ced66 2018-04-04T21:28:31 diff: Add missing GIT_DELTA_TYPECHANGE -> 'T' mapping. This adds the 'T' status character to git_diff_status_char() for diff entries that change type.
Patrick Steinhardt dd9de88a 2018-04-03T11:57:45 streams: openssl: provide `OPENSSL_init_ssl` for legacy API In order to further avoid using ifdef's in our code flow, provide the function `OPENSSL_init_ssl` in case we are using the legacy OpenSSL API.
Patrick Steinhardt ede63b99 2018-04-03T11:45:00 streams: openssl: unify version checks into single define By now, we have several locations where we are checking the version of OpenSSL to determine whether we can use the new "modern" API or need to use the pre-1.1 legacy API. As we have multiple implementations of OpenSSL with the rather recent libressl implementation, these checks need to honor versions of both implementations, which is rather tedious. Instead, we can just check once for the correct versions and define `OPENSSL_LEGACY_API` in case we cannot use the modern API.
Patrick Steinhardt 2505cbfc 2018-04-03T11:40:39 streams: openssl: move OpenSSL compat layer into implementation OpenSSL version 1.1 has broken its API in quite a few ways. To avoid having to use ifdef's everywhere, we have implemented the BIO functions added in version 1.1 ourselves in case we are using the legacy API. We were implementing them in the header file, though, which doesn't make a lot of sense, since these functions are only ever being used the the openssl stream implementation. Move these functions to the implementation file and mark them static.
Patrick Steinhardt d9007dc8 2018-04-03T11:36:27 Merge pull request #4607 from Sp1l/private/fix-libressl-2.7 Fix build with LibreSSL 2.7
Patrick Steinhardt c42261a3 2018-04-03T09:38:38 Merge pull request #4603 from pks-t/pks/appveyor-winhttp-workaround appveyor: workaround for intermittent test failures
Patrick Steinhardt b5e0cfa7 2018-04-03T09:32:33 Merge pull request #4601 from bgermann/master sha1dc: update to fix errors with endianess