|
ecf4f33a
|
2018-02-08T11:14:48
|
|
Convert usage of `git_buf_free` to new `git_buf_dispose`
|
|
fd634019
|
2018-04-16T15:42:35
|
|
Merge pull request #4556 from libgit2/ethomson/proxy_pass_in_env
online::clone: validate user:pass in HTTP_PROXY
|
|
54bf4d14
|
2018-03-20T07:47:27
|
|
online tests: update auth for bitbucket test
Update the settings to use a specific read-only token for accessing our
test repositories in Bitbucket.
|
|
03c58778
|
2018-03-19T09:20:35
|
|
online::clone: skip creds fallback test
At present, we have three online tests against bitbucket: one which
specifies the credentials in the payload, one which specifies the
correct credentials in the URL and a final one that specifies the
incorrect credentials in the URL. Bitbucket has begun responding to the
latter test with a 403, which causes us to fail.
Break these three tests into separate tests so that we can skip the
latter until this is resolved on Bitbucket's end or until we can change
the test to a different provider.
|
|
e380eae0
|
2018-02-28T16:10:53
|
|
online::clone: validate user:pass in HTTP_PROXY
Validate using the http://user:pass@host/ format in HTTP_PROXY and
HTTPS_PROXY environment variables.
|
|
820fb712
|
2018-01-18T07:48:28
|
|
tests: online::clone: fix memory leak due to not freeing URL
|
|
54a1bf05
|
2017-06-07T13:06:53
|
|
tests: online::clone: inline creds-test with nonexistent URL
Right now, we test our credential callback code twice, once via SSH on
localhost and once via a non-existent GitHub repository. While the first
URL makes sense to be configurable, it does not make sense to hard-code
the non-existing repository, which requires us to call tests multiple
times. Instead, we can just inline the URL into another set of tests.
|
|
fea60920
|
2017-06-07T12:48:48
|
|
tests: online::clone: construct credential-URL from environment
We support two types of passing credentials to the proxy, either via the
URL or explicitly by specifying user and password. We test these types
by modifying the proxy URL and executing the tests twice, which is
in fact unnecessary and requires us to maintain the list of environment
variables and test executions across multiple CI infrastructures.
To fix the situation, we can just always pass the host, port, user and
password to the tests. The tests can then assemble the complete URL
either with or without included credentials, allowing us to test both
cases in-process.
|
|
fb585d01
|
2017-07-31T00:58:58
|
|
Merge branch '4233'
|
|
c2c95ad0
|
2017-04-26T13:16:18
|
|
tests: online::clone: use URL of test server
All our tests running against a local SSH server usually read the
server's URL from environment variables. But online::clone::ssh_cert
test fails to do so and instead always connects to
"ssh://localhost/foo". This assumption breaks whenever the SSH server is
not running on the standard port, e.g. when it is running as a user.
Fix the issue by using the URL provided by the environment.
|
|
9364f274
|
2017-05-05T09:40:38
|
|
remote: test creating and fetching detached remotes
|
|
34b79391
|
2017-05-05T09:14:20
|
|
tests: online::remotes: add defines for URL and refspec
The repository URL is duplicated several times and can be de-duplicated
like this. Furthermore, exchange the static refspec variable with a
define to reduce BSS size.
|
|
8897f8fe
|
2017-05-05T09:47:54
|
|
remote: reject various actions for detached remotes
There are only few actions which actually make sense for a detached
remote, like e.g. `git_remote_ls`, `git_remote_prune`. For all the other
actions, we have to report an error when the remote has no repository
attached to it. This commit does so and implements some tests.
|
|
a4de1ae3
|
2017-04-25T10:14:19
|
|
cmake: define GIT_HTTPS when HTTPS is supported
|
|
2ac57aa8
|
2017-01-09T17:53:21
|
|
https: don't test that RC4 is invalid
None of our crypto backends actually reject RC4 as a cipher so don't
test for it and instead keep it as something we'd like to do.
|
|
3829ba2e
|
2017-01-09T17:50:17
|
|
http: correct the expected error for RC4
We must make sure that we're getting a certificate error from the
library so we know that we're testing the right thing.
|
|
98d66240
|
2017-01-06T10:51:31
|
|
http: perform 'badssl' check also via certificate callback
Make sure that the callbacks do also get a 'valid' value of zero when
the certificate we're looking at is in valid and assert that within the
test.
|
|
30a876cd
|
2016-10-27T11:29:15
|
|
tests: fetchhead: fix memory leak
|
|
1eee631d
|
2016-08-04T13:45:28
|
|
refspec: do not set empty rhs for fetch refspecs
According to git-fetch(1), "[t]he colon can be omitted when <dst>
is empty." So according to git, the refspec "refs/heads/master"
is the same as the refspec "refs/heads/master:" when fetching
changes. When trying to fetch from a remote with a trailing
colon with libgit2, though, the fetch actually fails while it
works when the trailing colon is left out. So obviously, libgit2
does _not_ treat these two refspec formats the same for fetches.
The problem results from parsing refspecs, where the resulting
refspec has its destination set to an empty string in the case of
a trailing colon and to a `NULL` pointer in the case of no
trailing colon. When passing this to our DWIM machinery, the
empty string gets translated to "refs/heads/", which is simply
wrong.
Fix the problem by having the parsing machinery treat both cases
the same for fetch refspecs.
|
|
0bd77401
|
2016-04-21T11:05:21
|
|
clone test: annotate unused vars
|
|
0d72f67f
|
2016-03-14T17:36:04
|
|
proxy: don't specify the protocol in the type
We leave this up to the scheme in the url field. The type should only
tell us about whether we want a proxy and whether we want to auto-detect
it.
|
|
b117721d
|
2015-07-29T21:23:56
|
|
proxy: use poxy to test our Windows proxy support
|
|
07bd3e57
|
2015-05-07T12:57:56
|
|
proxy: ask the user for credentials if necessary
|
|
c577efbb
|
2016-03-14T12:41:41
|
|
Use general cl_git_fail because the error is generic
|
|
fa72d6da
|
2016-03-14T12:02:00
|
|
Setup better defaults for OpenSSL ciphers
This ensures that when using OpenSSL a safe default set of ciphers
is selected. This is done so that the client communicates securely
and we don't accidentally enable unsafe ciphers like RC4, or even
worse some old export ciphers.
Implements the first part of https://github.com/libgit2/libgit2/issues/3682
|
|
505e4531
|
2015-10-30T13:53:53
|
|
Fix build for unit test
If none of GIT_OPENSSL, GIT_WINHTTP or GIT_SECURE_TRANSPORT
is defined we should also be able to build the unit test.
|
|
72b7c570
|
2015-09-30T09:17:18
|
|
Merge pull request #3411 from spraints/custom-push-headers
Include custom HTTP headers
|
|
53a28705
|
2015-09-27T22:48:39
|
|
net: add tests against badssl.com
These provide bad X.509 certificates, which we should refuse to connect
to by default.
|
|
dfe2856d
|
2015-09-18T12:06:55
|
|
Fix a couple of warnings
|
|
1af5aecb
|
2015-09-13T05:38:29
|
|
push: put the git_oid inline in the test structure
These are small pieces of data, so there is no advantage to allocating
them separately. Include the two ids inline in the struct we use to
check that the expected and actual ids match.
|
|
3245896b
|
2015-09-10T13:18:26
|
|
Add a test for custom header validation
Also, *some* custom headers actually are valid.
|
|
4f2b6093
|
2015-09-08T13:53:41
|
|
Tell the git_transport about the custom_headers
|
|
e069c621
|
2015-07-02T09:25:48
|
|
git__getenv: utf-8 aware env reader
Introduce `git__getenv` which is a UTF-8 aware `getenv` everywhere.
Make `cl_getenv` use this to keep consistent memory handling around
return values (free everywhere, as opposed to only some platforms).
|
|
352ee171
|
2015-06-12T12:45:49
|
|
clone: set the credentials callback during testing
|
|
0f69b41d
|
2015-06-12T12:25:25
|
|
push: pass the callbacks during setup as well
We need to pass these options in order to have the credentials callback
set.
|
|
2c8550f0
|
2015-05-29T19:38:11
|
|
Merge pull request #3157 from mgorny/ssh_memory_auth
Support getting SSH keys from memory, pt. 2
|
|
8085adf8
|
2015-05-27T18:44:40
|
|
test: Add a test for in-memory SSH private key cred_cb
|
|
7b5ce2e5
|
2015-05-14T09:33:54
|
|
clone: don't rely on auto-saving for single-branch
The code used to rely on the clone code calling the remote's save, which
does not happen anymore, meaning that the configuration settings the
remote expected were not being written to disk.
The run-time configuration was still being affected, so the right branch
was being cloned. The tests continued to pass as we did not check for
the configuration entires. Fix this by creating the remote with the
single-branch refspec we want and checking for its existence in the
configuration.
|
|
77254990
|
2015-04-23T06:51:34
|
|
remote: remove live changing of refspecs
The base refspecs changing can be a cause of confusion as to what is the
current base refspec set and complicate saving the remote's
configuration.
Change `git_remote_add_{fetch,push}()` to update the configuration
instead of an instance.
This finally makes `git_remote_save()` a no-op, it will be removed in a
later commit.
|
|
35a8a8c5
|
2015-04-22T17:29:20
|
|
remote: move the tagopt setting to the fetch options
This is another option which we should not be keeping in the remote, but
is specific to each particular operation.
|
|
3eff2a57
|
2015-04-22T16:11:10
|
|
remote: move the update_fetchhead setting to the options
While this will rarely be different from the default, having it in the
remote adds yet another setting it has to keep around and can affect its
behaviour. Move it to the options.
|
|
058b753c
|
2015-04-22T15:45:21
|
|
remote: move the transport ctor to the callbacks
Instead of having it set in a different place from every other callback,
put it the main structure. This removes some state from the remote and
makes it behave more like clone, where the constructors are passed via
the options.
|
|
8f0104ec
|
2015-04-21T22:10:36
|
|
Remove the callbacks struct from the remote
Having the setting be different from calling its actions was not a great
idea and made for the sake of the wrong convenience.
Instead of that, accept either fetch options, push options or the
callbacks when dealing with the remote. The fetch options are currently
only the callbacks, but more options will be moved from setters and
getters on the remote to the options.
This does mean passing the same struct along the different functions but
the typical use-case will only call git_remote_fetch() or
git_remote_push() and so won't notice much difference.
|
|
cbe8a61d
|
2015-05-01T11:28:54
|
|
Merge pull request #3059 from libgit2/cmn/negotiation-notify
[WIP/RFC] push: report the update plan to the caller
|
|
fc6f044e
|
2015-04-21T20:02:24
|
|
Fix for Issue #3023 tests fail with no network
Moved offending tests from network to online so they will get skipped
when there is a lack of network connectivity:
-test_online_remotes__single_branch
-test_online_remotes__restricted_refspecs
|
|
efc2fec5
|
2015-04-19T00:55:00
|
|
push: report the update plan to the caller
It can be useful for the caller to know which update commands will be
sent to the server before the packfile is pushed up. git does this via
the pre-push hook.
We don't have hooks, but as it adds introspection into what is
happening, we can add a callback which performs the same function.
|
|
29e7ae5d
|
2015-03-16T19:39:05
|
|
Add failing test for cert callback with non-ecrypted stream
When we have an HTTP stream and have set the certificatre check
callback, we currently fail as we ask the unencrypted stream for its
certificate.
|
|
e5e2c11d
|
2015-03-13T17:52:07
|
|
Put back the number of expected references to 6 from the test repo
This was but down to 5 when GitHub made a change to their server which
made them stop honouring the include-tag request.
This has recently been corrected, so we can bring it back up to six.
|
|
412a3808
|
2015-01-15T15:31:23
|
|
push: remove reflog message override
We always use "update by push".
|
|
659cf202
|
2015-01-07T12:23:05
|
|
Remove the signature from ref-modifying functions
The signature for the reflog is not something which changes
dynamically. Almost all uses will be NULL, since we want for the
repository's default identity to be used, making it noise.
In order to allow for changing the identity, we instead provide
git_repository_set_ident() and git_repository_ident() which allow a user
to override the choice of signature.
|
|
6c9e86ad
|
2015-02-14T10:46:41
|
|
clone: drop now unnecessary SAFE_CREATE
|
|
fe794b2e
|
2014-12-16T08:57:05
|
|
remote: remove git_push from the public API
Instead we provide git_remote_upload() and git_remote_update_tips() in
order to have a parallel API for fetching and pushing.
|
|
21083a71
|
2014-12-06T03:12:04
|
|
notes: move the notes name argument
Make it consistent between git_note_create() and git_note_remote() by
putting it after the repository.
|
|
1ca61bdc
|
2014-11-19T20:53:25
|
|
fetch: clear the connection data on close
When we fetch twice with the same remote object, we did not properly
clear the connection flags, so we would leak state from the last
connection.
This can cause the second fetch with the same remote object to fail if
using a HTTP URL where the server redirects to HTTPS, as the second
fetch would see `use_ssl` set and think the initial connection wanted to
downgrade the connection.
|
|
45301cca
|
2014-11-18T11:44:59
|
|
Merge pull request #2608 from libgit2/cmn/remote-push
Provide a convenience function `git_remote_push()`
|
|
7f1b73b7
|
2014-11-17T17:03:55
|
|
Merge pull request #2693 from libgit2/cmn/push-refspec-refactor
push: use the common refspec parser
|
|
aad638f3
|
2014-11-07T15:00:11
|
|
push: use the common refspec parser
There is one well-known and well-tested parser which we should use,
instead of implementing parsing a second time.
The common parser is also augmented to copy the LHS into the RHS if the
latter is empty.
The expressions test had to change a bit, as we now catch a bad RHS of a
refspec locally.
|
|
64e3e6d4
|
2014-10-11T12:25:50
|
|
remote: use configured push refspecs if none are given
If the user does not pass any refspecs to push, try to use those
configured via the configuration or via add_push().
|
|
6eb9e39c
|
2014-10-10T13:35:57
|
|
push: move main test function to git_remote_push()
We have the step-by-step method in the initialization function as we
want to remove references based on the list of references which are
already there, and we can use the convenience function for testing the
main push.
|
|
3149547b
|
2014-10-10T12:39:53
|
|
remote: introduce git_remote_push()
This function, similar in style to git_remote_fetch(), performs all the
steps required for a push, with a similar interface.
The remote callbacks struct has learnt about the push callbacks, letting
us set the callbacks a single time instead of setting some in the remote
and some in the push operation.
|
|
209425ce
|
2014-11-08T13:25:51
|
|
remote: rename _load() to _lookup()
This brings it in line with the rest of the lookup functions.
|
|
f54d8d52
|
2014-10-10T11:28:58
|
|
Merge pull request #2574 from csware/hostname-for-certificate_check_cb
Provide host name to certificate_check_cb
|
|
db3d169c
|
2014-09-24T11:28:45
|
|
Add tests for host names
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
|
9c206a22
|
2014-06-06T15:24:53
|
|
remote: use active refspec override in the tests
This lets us test this bit as well as getting closer to what they were
trying to do.
|
|
3f894205
|
2014-06-06T15:01:45
|
|
remote: allow overriding the refspecs for download and fetch
With opportunistic ref updates, git has introduced the concept of having
base refspecs *and* refspecs that are active for a particular fetch.
Let's start by letting the user override the refspecs for download.
|
|
e6e834a1
|
2014-09-18T12:23:07
|
|
Provide host name to certificate_check_cb
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
|
52e09724
|
2014-09-16T17:13:58
|
|
ssh: skip the localhost cert check earlier
Skip it before we attempt to clone, as we would exit with -1 on systems
which do not have sshd running.
|
|
1e0aa105
|
2014-09-16T03:22:09
|
|
ssh: expose both hashes
The user may have the data hashed as MD5 or SHA-1, so we should provide
both types for consumption.
|
|
286369a8
|
2014-09-16T02:27:16
|
|
ssh: provide our own types for host key lengths
Instead of using the libssh2 defines, provide our own, which eases usage
as we do not need to check whether libgit2 was built with libssh2 or not.
|
|
0782fc43
|
2014-09-16T01:47:30
|
|
net: use only structs to pass information about cert
Instead of spreading the data in function arguments, some of which
aren't used for ssh and having a struct only for ssh, use a struct for
both, using a common parent to pass to the callback.
|
|
0fef3899
|
2014-09-16T01:25:53
|
|
Merge remote-tracking branch 'upstream/master' into cmn/host-cert-info
|
|
bf8756d6
|
2014-09-15T21:51:42
|
|
ssh: add test for host key
Test that the certificate check callback gets the right fingerprint from
the host we're connecting to.
|
|
23ca0ad5
|
2014-08-29T21:25:13
|
|
Bring certificate check back to the normal return code
Returning 0 lets the certificate check succeed. An error code is bubbled
up to the user.
|
|
2f5864c5
|
2014-08-29T21:15:36
|
|
ssh: do ssh cert info before asking for credentials
We know the host's key as soon as we connect, so we should perform the
check as soon as we can, before we bother with the user's credentials.
|
|
08545d36
|
2014-08-30T00:40:37
|
|
winhttp: credential check on successful connect
On successful connection, still ask the user whether they accept the server's certificate, indicating that WinHTTP would let it though.
|
|
17491f6e
|
2014-08-29T17:18:23
|
|
transport: always call the certificate check callback
We should let the user decide whether to cancel the connection or not
regardless of whether our checks have decided that the certificate is
fine. We provide our own assessment to the callback to let the user fall
back to our checks if they so desire.
|
|
85acc562
|
2014-08-29T17:07:07
|
|
remote: add tests for the certificate callback
|
|
9b940586
|
2014-07-04T12:45:43
|
|
Provide a callback for certificate validation
If the certificate validation fails (or always in the case of ssh),
let the user decide whether to allow the connection.
The data structure passed to the user is the native certificate
information from the underlying implementation, namely OpenSSL or
WinHTTP.
|
|
a7fcac13
|
2014-09-15T20:26:12
|
|
Merge pull request #2554 from linquize/fetch-head-tag
When auto follow tags, FETCH_HEAD should list only newly followed tags
|
|
d908351a
|
2014-09-05T22:31:53
|
|
When auto follow tags, FETCH_HEAD should list only newly followed tags
|
|
0ac9f9a0
|
2014-09-03T00:13:23
|
|
Merge pull request #2545 from linquize/no-ssh
Skip SSH clone tests if libgit2 not built with GIT_SSH defined
|
|
fe3b6789
|
2014-09-01T19:18:20
|
|
Skip SSH clone tests if libgit2 not built with GIT_SSH defined
|
|
aff70018
|
2014-08-31T22:43:53
|
|
MSVC does not support zero size array
|
|
f0c53d21
|
2014-08-27T10:28:46
|
|
winhttp: Prevent swallowing of url parsing error
|
|
c13b6844
|
2014-08-27T15:25:46
|
|
Adjust clone tests to USERNAME cred type
|
|
6a0d2b43
|
2014-08-27T15:09:07
|
|
Merge remote-tracking branch 'upstream/master' into cmn/ssh-retry
|
|
d28b2b7a
|
2014-08-18T15:18:59
|
|
Merge pull request #2528 from libgit2/vmg/tostr_s
Export `git_oid_tostr_s` instead of `_allocfmt`
|
|
4ca0b566
|
2014-08-18T12:41:06
|
|
oid: Export `git_oid_tostr_s` instead of `_allocfmt`
The old `allocfmt` is of no use to callers, as they are not able to free
the returned buffer. Export a new API that returns a static string that
doesn't need to be freed.
|
|
adcdeb36
|
2014-08-01T13:06:37
|
|
online::clone::credentials support default credentials
|
|
f96e7e6c
|
2014-08-15T11:10:27
|
|
Free references during push validation
|
|
0f29e967
|
2014-08-01T13:43:46
|
|
Remove the refs/notes/commits that we push in test
The online::push::notes test pushes a note but leaves it hanging
around for other tests to stumble across when they're validating
that they're seeing the refs they expect to see. Clean it up on
exit.
|
|
aea67633
|
2014-07-31T17:59:03
|
|
Don't run the ssh clone tests against http remotes
|
|
d4256ed5
|
2014-07-04T10:00:39
|
|
ssh: provide a factory function for setting ssh paths
git allows you to set which paths to use for the git server programs
when connecting over ssh; and we want to provide something similar.
We do this by providing a factory function which can be set as the
remote's transport callback which will set the given paths upon
creation.
|
|
6812afaf
|
2014-06-30T21:36:38
|
|
clone: remote git_clone_into{,_local} from the public API
As git_clone now has callbacks to configure the details of the
repository and remote, remove the lower-level functions from the public
API, as they lack some of the logic from git_clone proper.
|
|
e26b08d3
|
2014-06-25T17:05:27
|
|
ssh: adjust clone and push test credentials to the split user+pass method
For urls where we do not specify a username, we must handle the case
where the ssh transport asks us for the username.
Test also that switching username fails.
|
|
ccb85c8f
|
2014-06-25T16:27:43
|
|
ssh: make sure to ask for a username and use the same one
In order to know which authentication methods are supported/allowed by
the ssh server, we need to send a NONE auth request, which needs a
username associated with it.
Most ssh server implementations do not allow switching the username
between authentication attempts, which means we cannot use a dummy
username and then switch. There are two ways around this.
The first is to use a different connection, which an earlier commit
implements, but this increases how long it takes to get set up, and
without knowing the right username, we cannot guarantee that the
list we get in response is the right one.
The second is what's implemented here: if there is no username specified
in the url, ask for it first. We can then ask for the list of auth
methods and use the user's credentials in the same connection.
|
|
d7f962f4
|
2014-06-16T19:30:06
|
|
ssh: request credentials again on authentication failure
Instead of completely giving up on the first failure, ask for
credentials as long as we fail to authenticate.
|
|
b529c5f9
|
2014-06-12T17:19:00
|
|
ssh: propagate the error code from the auth callback
We need to be able to get a GIT_EUSER back through the outermost call.
|
|
22618906
|
2014-06-12T16:09:54
|
|
ssh: detect authentication methods
Before calling the credentials callback, ask the sever which
authentication methods it supports and report that to the user, instead
of simply reporting everything that the transport supports.
In case of an error, we do fall back to listing all of them.
|
|
09561d33
|
2014-06-13T22:27:46
|
|
test: remove assembla clone test
The assembla failure we were seeing referred to a private repository,
which is not what is there at the moment.
This reverts 1fd21b0342f
|