Log

Author Commit Date CI Message
Edward Thomson 9f7ad3c5 2017-12-23T10:55:13 Merge pull request #4430 from tiennou/fix/openssl-x509-leak Free OpenSSL peer certificate
Edward Thomson 30d91760 2017-12-23T10:52:08 Merge pull request #4435 from lhchavez/ubsan-shift-overflow libFuzzer: Prevent a potential shift overflow
Edward Thomson 1ddc57b3 2017-12-23T10:09:12 Merge pull request #4402 from libgit2/ethomson/iconv cmake: let USE_ICONV be optional on macOS
Edward Thomson 06f3aa5f 2017-12-23T10:07:44 Merge pull request #4429 from novalis/delete-modify-submodule-merge Do not attempt to check out submodule as blob when merging a submodule modify/deltete conflict
Edward Thomson a0867242 2017-12-19T00:02:52 Merge pull request #4449 from libgit2/charliesome/git-authors-jonathan-tan Add Jonathan Tan to git.git-authors
Charlie Somerville 1ee0628d 2017-12-19T10:09:44 Add Jonathan Tan to git.git-authors Jonathan has consented via email to have his contributions to git reused in libgit2
Edward Thomson fa8cf14f 2017-12-16T21:49:45 Merge pull request #4447 from pks-t/pks/diff-file-contents-refcount-blob diff_file: properly refcount blobs when initializing file contents
Etienne Samson 8be2a790 2017-12-05T23:21:05 openssl: free the peer certificate Per SSL_get_peer_certificate docs: ``` The reference count of the X509 object is incremented by one, so that it will not be destroyed when the session containing the peer certificate is freed. The X509 object must be explicitly freed using X509_free(). ```
Etienne Samson 2518eb81 2017-11-24T14:04:10 openssl: merge all the exit paths of verify_server_cert This makes it easier to cleanup allocated resources on exit.
lhchavez 53f2c6b1 2017-12-15T15:01:50 Simplified overflow condition
Patrick Steinhardt 2482559d 2017-12-15T05:52:02 Merge pull request #4432 from lhchavez/fix-missing-trailer libFuzzer: Fix missing trailer crash
Patrick Steinhardt 2388a9e2 2017-12-15T10:47:01 diff_file: properly refcount blobs when initializing file contents When initializing a `git_diff_file_content` from a source whose data is derived from a blob, we simply assign the blob's pointer to the resulting struct without incrementing its refcount. Thus, the structure can only be used as long as the blob is kept alive by the caller. Fix the issue by using `git_blob_dup` instead of a direct assignment. This function will increment the refcount of the blob without allocating new memory, so it does exactly what we want. As `git_diff_file_content__unload` already frees the blob when `GIT_DIFF_FLAG__FREE_BLOB` is set, we don't need to add new code handling the free but only have to set that flag correctly.
Patrick Steinhardt c342c131 2017-12-15T04:01:13 Merge pull request #4444 from tiennou/fix/4440 stransport: provide error message on trust failures
Etienne Samson 1b2e83a9 2017-12-13T00:19:41 stransport: provide error message on trust failures Fixes #4440
lhchavez e7fac2af 2017-12-09T05:26:27 Using unsigned instead
lhchavez c8aaba24 2017-12-06T03:03:18 libFuzzer: Fix missing trailer crash This change fixes an invalid memory access when the trailer is missing / corrupt. Found using libFuzzer.
Patrick Steinhardt 1bf173c3 2017-12-08T03:02:32 Merge pull request #4431 from lhchavez/fix-stream-leak libFuzzer: Fix a git_packfile_stream leak
lhchavez 28662c13 2017-12-08T06:00:27 libFuzzer: Prevent a potential shift overflow The type of |base_offset| in get_delta_base() is `git_off_t`, which is a signed `long`. That means that we need to make sure that the 8 most significant bits are zero (instead of 7) to avoid an overflow when it is shifted by 7 bits. Found using libFuzzer.
lhchavez 400caed3 2017-12-06T03:22:58 libFuzzer: Fix a git_packfile_stream leak This change ensures that the git_packfile_stream object in git_indexer_append() does not leak when the stream has errors. Found using libFuzzer.
David Turner 2a3e0635 2017-12-04T16:56:07 Do not attempt to check out submodule as blob when merging a submodule modify/deltete conflict
Edward Thomson 429bb357 2017-12-01T11:45:53 Merge pull request #4318 from Uncommon/amend_status Add git_status_file_at
Edward Thomson 344b4ead 2017-12-01T11:27:15 Merge pull request #4427 from pks-t/pks/openssl-threadid openssl: fix thread-safety on non-glibc POSIX systems
Edward Thomson 494a2f23 2017-11-30T21:45:27 Merge pull request #4426 from pks-t/pks/diff-flag-set-fix diff_generate: fix unsetting diff flags
Edward Thomson 6cf53e8f 2017-11-30T21:41:16 Merge pull request #4424 from tiennou/fix/incorrect-winhttp-cert-payload Use the same cert checking payload in WinHTTP
Patrick Steinhardt 2d2e70f8 2017-11-30T18:10:28 openssl: fix thread-safety on non-glibc POSIX systems While the OpenSSL library provides all means to work safely in a multi-threaded application, we fail to do so correctly. Quoting from crypto_lock(3): OpenSSL can safely be used in multi-threaded applications provided that at least two callback functions are set, locking_function and threadid_func. We do in fact provide the means to set up the locking function via `git_openssl_set_locking()`, where we initialize a set of locks by using the POSIX threads API and set the correct callback function to lock and unlock them. But what we do not do is setting the `threadid_func` callback. This function is being used to correctly locate thread-local data of the OpenSSL library and should thus return per-thread identifiers. Digging deeper into OpenSSL's documentation, the library does provide a fallback in case that locking function is not provided by the user. On Windows and BeOS we should be safe, as it simply "uses the system's default thread identifying API". On other platforms though OpenSSL will fall back to using the address of `errno`, assuming it is thread-local. While this assumption holds true for glibc-based systems, POSIX in fact does not specify whether it is thread-local or not. Quoting from errno(3p): It is unspecified whether errno is a macro or an identifier declared with external linkage. And in fact, with musl there is at least one libc implementation which simply declares `errno` as a simple `int` without being thread-local. On those systems, the fallback threadid function of OpenSSL will not be thread-safe. Fix this by setting up our own callback for this setting. As users of libgit2 may want to set it themselves, we obviously cannot always set that function on initialization. But as we already set up primitives for threading in `git_openssl_set_locking()`, this function becomes the obvious choice where to implement the additional setup.
Patrick Steinhardt 5ca3f115 2017-11-30T15:12:48 diff_generate: fix unsetting diff flags The macro `DIFF_FLAG_SET` can be used to set or unset a flag by modifying the diff's bitmask. While the case of setting the flag is handled correctly, the case of unsetting the flag was not. Instead of inverting the flags, we are inverting the value which is used to decide whether we want to set or unset the bits. The value being used here is a simple `bool` which is `false`. As that is being uplifted to `int` when getting the bitwise-complement, we will end up retaining all bits inside of the bitmask. As that's only ever used to set `GIT_DIFF_IGNORE_CASE`, we were actually always ignoring case for generated diffs. Fix that by instead getting the bitwise-complement of `FLAG`, not `VAL`.
Patrick Steinhardt 90fc7f53 2017-11-30T15:09:05 diff: remove unused macros `DIFF_FLAG_*` In commit 9be638ecf (git_diff_generated: abstract generated diffs, 2016-04-19), the code for generated diffs was moved out of the generic "diff.c" and instead into its own module. During that conversion, it was forgotten to remove the macros `DIFF_FLAG_IS_SET`, `DIFF_FLAG_ISNT_SET` and `DIFF_FLAG_SET`, which are now only used in "diff_generated.c". Remove those macros now.
David Catmull 4ccacdc8 2017-07-21T17:07:10 status: Add a baseline field to git_status_options for comparing to trees other than HEAD
Edward Thomson a9b66677 2017-11-30T14:17:04 Merge pull request #4422 from pks-t/pks/commit-msg-style CONTRIBUTING: add documentation of our commit message style
Etienne Samson 38eaa7ab 2017-11-24T12:28:19 winhttp: pass the same payload as ssh & http transports when checking certificates
Patrick Steinhardt 364184ac 2017-11-25T11:35:50 Merge pull request #4423 from apnadkarni/patch-1 Include git2/worktree.h in git2.h
apnadkarni d439fb20 2017-11-25T15:48:03 Include git2/worktree.h in git2.h I'm not sure if worktree.h was intentionally left out of git2.h. Looks like an oversight since it is in fact documented.
Edward Thomson fa767daa 2017-11-24T22:30:32 Merge pull request #4410 from libgit2/ethomson/readme Getting started README improvements
Edward Thomson 5bcaba5d 2017-11-15T22:52:23 README: add up some marketing
Edward Thomson 8cbfa183 2017-11-15T22:42:35 README: document test output
Edward Thomson d8c603aa 2017-11-12T13:58:37 TROUBLESHOOTING: introduce guide for common errors Introduce a simple FAQ for common errors for people getting started with the project.
Edward Thomson c5d8682f 2017-11-12T14:47:11 README: clarify why one would run libgit2_clar Since we recommend `ctest -V`, it's not clear why somebody would want to run `libgit2_clar`. Indicate that it's helpful when running individual tests or suites.
Edward Thomson 9e91a989 2017-11-12T13:05:59 README: provide quick start paragraph Provide a very simple quick start paragraph that highlights how easy it is to get started, and points people toward common problems.
Edward Thomson dc985353 2017-11-12T12:03:21 README: drop VS command shell instructions Users should not be advised to use the VS command prompt; instead, they should let cmake find their Visual Studio installation.
Edward Thomson b2d54cfa 2017-11-12T11:59:56 README: suggest `ctest -V` for getting started Suggest that users run `ctest -V` instead of `make test` when getting started. `ctest -V` is superior over alternatives as: 1. Unlike `make test`, it gives output. Users getting started with the library believe that it is hung. 2. `ctest -V` shows verbose output; showing suite names is helpful for giving users more feedback immediately.
Patrick Steinhardt d7905450 2017-11-24T11:21:54 CONTRIBUTING: add documentation of our commit message style While we try to conform to a certain commit message style, this style has never been documented anywhere. Document it such that new contributors do not have to go through another needless iteration of their pull requests just to fix up commit messages.
Patrick Steinhardt 59ffb512 2017-11-24T10:37:09 Merge pull request #4298 from tiennou/gather-reflog-messages-tests Gather the reflog entry content tests
Etienne Samson da635eda 2017-11-22T23:47:29 tests: move free functions at the end
Carlos Martín Nieto 54510cc6 2017-11-19T09:10:02 Merge pull request #4391 from libgit2/cmn/expose-indent-heuristic diff: expose the "indent heuristic" in the diff options
Carlos Martín Nieto 7e3faf58 2017-10-29T15:05:28 diff: expose the "indent heuristic" in the diff options We default to off, but we might want to consider changing `GIT_DIFF_NORMAL` to include it.
Carlos Martín Nieto a8f19f81 2017-11-18T18:41:52 Merge pull request #4420 from pks-t/pks/strict-aliasing refcount: make refcounting conform to aliasing rules
Patrick Steinhardt 585b5dac 2017-11-18T15:43:11 refcount: make refcounting conform to aliasing rules Strict aliasing rules dictate that for most data types, you are not allowed to cast them to another data type and then access the casted pointers. While this works just fine for most compilers, technically we end up in undefined behaviour when we hurt that rule. Our current refcounting code makes heavy use of casting and thus violates that rule. While we didn't have any problems with that code, Travis started spitting out a lot of warnings due to a change in their toolchain. In the refcounting case, the code is also easy to fix: as all refcounting-statements are actually macros, we can just access the `rc` field directly instead of casting. There are two outliers in our code where that doesn't work. Both the `git_diff` and `git_patch` structures have specializations for generated and parsed diffs/patches, which directly inherit from them. Because of that, the refcounting code is only part of the base structure and not of the children themselves. We can help that by instead passing their base into `GIT_REFCOUNT_INC`, though.
Edward Thomson 530c878d 2017-11-15T22:43:37 Merge pull request #4414 from cpoerschke/master-test-status-codes-legend add test status codes legend to the 'Started' test trace
Etienne Samson ebe5d8ec 2017-07-21T20:12:01 tests: move static method to the top
Etienne Samson f01a8587 2017-07-21T17:45:44 tests: make reflog_check_entry more clar-y
Etienne Samson b9b1f9f8 2017-07-14T03:21:02 tests: clarify which steps corresponds to each checks
Etienne Samson 53672128 2017-07-21T17:35:30 tests: gather the reflog entry content tests
Christine Poerschke 19f37f97 2017-11-13T13:16:28 add test status codes legend to the 'Started' test trace motivation: (for someone new to the tests) it's puzzling to find the odd 'S' interspersed in the test output proposed alternative test output (extract): $ cmake --build . && ./libgit2_clar -srepo -v ... Loaded 340 suites: Started (test status codes: OK='.' FAILURE='F' SKIPPED='S') repo::config... repo::discover.......... repo::env. repo::getters... repo::hashfile.. repo::head...................... repo::headtree.... repo::init.........................S repo::message.. repo::new.. repo::open............. repo::pathspec.......... repo::reservedname..... repo::setters..... repo::shallow.... repo::state.............
Carlos Martín Nieto 15f8d9a2 2017-11-13T11:44:30 Merge pull request #4412 from cpoerschke/master-tests-repo-init-tweak s/Init/Index comment tweak for test_repo_init__init_with_initial_commit
Christine Poerschke 732c0b6d 2017-11-12T15:17:31 s/Init/Index comment tweak for test_repo_init__init_with_initial_commit
Patrick Steinhardt fd1492e8 2017-11-12T15:34:42 Merge pull request #4408 from hkleynhans/pos_neg_zero_offset_sig signature: distinguish +0000 and -0000 UTC offsets
Henry Kleynhans f063dafb 2017-11-12T10:56:50 signature: distinguish +0000 and -0000 UTC offsets Git considers '-0000' a valid offset for signature lines. They need to be treated as _not_ equal to a '+0000' signature offset. Parsing a signature line stores the offset in a signed integer which does not distinguish between `+0` and `-0`. This patch adds an additional flag `sign` to the `git_time` in the `signature` object which is populated with the sign of the offset. In addition to exposing this information to the user, this information is also used to compare signatures. /cc @pks-t @ethomson
Patrick Steinhardt 8c928be4 2017-11-12T12:34:51 Merge pull request #4406 from yoney/clar Fix clar to verify command line arguments before execute
Edward Thomson 1d7c15ad 2017-11-11T20:15:07 Merge pull request #4310 from pks-t/pks/common-parser Common parser interface
Yoney 32758631 2017-11-11T15:38:27 clar: verify command line arguments before execute When executing `libgit2_clar -smerge -invalid_option`, it will first execute the merge test suite and afterwards output help because of the invalid option. With this changa, it verifies all options before execute. If there are any invalid options, it will output help and exit without actually executing the test suites.
Edward Thomson bbb213c1 2017-11-11T13:19:24 cmake: let USE_ICONV be optional on macOS Instead of forcing iconv support on macOS (by forcing `USE_ICONV` on), honor the `USE_ICONV` option only on macOS. Although macOS includes iconv by default, some macOS users may have a deficient installation for some reason and they should be provided a workaround to use libgit2 even in this situation. iconv support is now disabled entirely on non-macOS platforms. No other platform supports core.precomposeunicode, and iconv should never be linked.
Edward Thomson 46e1dabb 2017-11-11T17:21:13 Merge pull request #4403 from hkleynhans/select_bundled_zlib cmake: Allow user to select bundled zlib
Patrick Steinhardt 9e66590b 2017-07-21T13:01:43 config_parse: use common parser interface As the config parser is now cleanly separated from the config file code, we can easily refactor the code and make use of the common parser module. This removes quite a lot of duplicated functionality previously used for handling the actual parser state and replaces it with the generic interface provided by the parser context.
Patrick Steinhardt 1953c68b 2017-11-11T17:12:31 config_file: split out module to parse config files The configuration file code grew quite big and intermingles both actual configuration logic as well as the parsing logic of the configuration syntax. This makes it hard to refactor the parsing logic on its own and convert it to make use of our new parsing context module. Refactor the code and split it up into two parts. The config file code will only handle actual handling of configuration files, includes and writing new files. The newly created config parser module is then only responsible for parsing the actual contents of a configuration file, leaving everything else to callbacks provided to its provided function `git_config_parse`.
Patrick Steinhardt 7bdfc0a6 2017-07-14T15:33:32 parse: always initialize line pointer Upon initializing the parser context, we do not currently initialize the current line, line length and line number. Do so in order to make the interface easier to use and more obvious for future consumers of the parsing API.
Patrick Steinhardt e72cb769 2017-07-14T14:37:07 parse: implement `git_parse_peek` Some code parts need to inspect the next few bytes without actually consuming it yet, for example to examine what content it has to expect next. Create a new function `git_parse_peek` which returns the next byte without modifying the parsing context and use it at multiple call sites.
Patrick Steinhardt 252f2eee 2017-07-14T13:45:05 parse: implement and use `git_parse_advance_digit` The patch parsing code has multiple recurring patterns where we want to parse an actual number. Create a new function `git_parse_advance_digit` and use it to avoid code duplication.
Patrick Steinhardt 65dcb645 2017-07-14T13:29:29 patch_parse: use git_parse_contains_s Instead of manually checking the parsing context's remaining length and comparing the leading bytes with a specific string, we can simply re-use the function `git_parse_ctx_contains_s`. Do so to avoid code duplication and to further decouple patch parsing from the parsing context's struct members.
Patrick Steinhardt ef1395f3 2017-11-11T15:30:43 parse: extract parse module The `git_patch_parse_ctx` encapsulates both parser state as well as options specific to patch parsing. To advance this state and keep it consistent, we provide a few functions which handle advancing the current position and accessing bytes of the patch contents. In fact, these functions are quite generic and not related to patch-parsing by themselves. Seeing that we have similar logic inside of other modules, it becomes quite enticing to extract this functionality into its own parser module. To do so, we create a new module `parse` with a central struct called `git_parse_ctx`. It encapsulates both the content that is to be parsed as well as its lengths and the current position. `git_patch_parse_ctx` now only contains this `parse_ctx` only, which is then accessed whenever we need to touch the current parser. This is the first step towards re-using this functionality across other modules which require parsing functionality and remove code-duplication.
Henry Kleynhans a0b0b808 2017-11-11T14:03:14 cmake: Allow user to select bundled zlib Under some circumstances the installed / system version of zlib may not be desirable due to being too old or buggy. This patch adds the option `USE_BUNDLED_ZLIB` that will cause the bundled version of zlib to be used. We may also want to add similar functionality to allow the user to select other bundled 3rd-party dependencies instead of using the system versions. /cc @pks-t @ethomson
Edward Thomson 0393ecc6 2017-11-11T13:29:27 Merge pull request #4308 from pks-t/pks/header-state-machine patch_parse: implement state machine for parsing patch headers
Edward Thomson 5a061a23 2017-11-10T23:23:02 Merge pull request #4401 from ktdreyer/describe-h-spelling describe.h: fix spelling in comments
Ken Dreyer 38169764 2017-11-10T16:19:39 describe.h: fix spelling in comments optios -> options
Patrick Steinhardt 88450c1c 2017-11-09T21:49:30 Merge pull request #4283 from tiennou/generic-tls CMake: make HTTPS support more generic
Edward Thomson 28c89507 2017-11-06T11:49:46 Merge pull request #4394 from libgit2/cmn/macos-ramdisk travis: put clar's sandbox in a ramdisk on macOS
Edward Thomson 1082eabb 2017-11-06T11:36:34 Merge pull request #4397 from pks-t/pks/appveyor-examples appveyor: build examples
Patrick Steinhardt bf15dbf6 2017-11-06T12:47:40 examples: network: fix Win32 linking errors due to getline The getline(3) function call is not part of ISO C and, most importantly, it is not implemented on Microsoft Windows platforms. As our networking example code makes use of getline, this breaks builds on MSVC and MinGW. As this code wasn't built prior to the previous commit, this was never noticed. Fix the error by instead implementing a `readline` function, which simply reads the password from stdin until it reads a newline character.
Patrick Steinhardt 0b98a66b 2017-11-06T11:16:02 appveyor: build examples By default, CMake will not build our examples directory. As we do not instruct either the MinGW or MSVC builds on AppVeyor to enable building these examples, we cannot verify that those examples at least build on Windows systems. Fix that by passing `-DBUILD_EXAMPLES=ON` to AppVeyor's CMake invocation.
Carlos Martín Nieto 8233f6e3 2017-11-04T23:34:14 Merge pull request #4386 from novalis/gitignore-ignore-space ignore spaces in .gitignore files
Carlos Martín Nieto 6f1e4f4f 2017-11-04T18:31:22 CHANGELOG: add note about supporting conditional includes
Carlos Martín Nieto 0d723f39 2017-11-04T18:30:29 Merge pull request #4332 from pks-t/pks/conditional-includes Conditional includes
Carlos Martín Nieto 42627933 2017-11-04T18:03:26 Merge remote-tracking branch 'upstream/master' into pks/conditional-includes
Carlos Martín Nieto 1475b981 2017-11-04T18:00:56 config: keep the output parameter at the start of the function
Carlos Martín Nieto 71ba4644 2017-10-31T14:43:28 travis: let's try a 5GB ramdisk
Carlos Martín Nieto 37bb1512 2017-10-31T10:40:24 travis: put clar's sandbox in a ramdisk on macOS The macOS tests are by far the slowest right now. This attempts to remedy the situation somewhat by asking clar to put its test data on a ramdisk.
Carlos Martín Nieto c44b9170 2017-10-31T09:52:33 tests: resolve the real path for the sandbox in includeIf tests We put our repository in the temporary directory which makes macOS map the path into a virtual path. `realpath(3)` can resolve it and we do so during repository opening, but that makes its path have a different prefix from the sandbox path clar thinks we have. Resolve the sandbox path before putting it into the test config files so the paths match as expected.
Carlos Martín Nieto 990d2b85 2017-10-31T00:13:59 Merge pull request #4393 from libgit2/ethomson/pgpkey travis: grab pgp key from www.edwardthomson.com
Carlos Martín Nieto 6f8a6c33 2017-10-31T00:02:52 Merge pull request #4392 from libgit2/cmn/config-write-preserve-case Preserve the input casing when writing config files
Edward Thomson 45c6efd5 2017-10-30T15:40:44 travis: grab pgp key from www.edwardthomson.com Getting the key from the MIT keyserver is surprisingly unreliable. Try getting it from my website instead...
Carlos Martín Nieto 94e30d9b 2017-10-30T15:55:18 config: check for OOM when writing
Carlos Martín Nieto ba1afdc3 2017-10-30T06:29:02 CHANGELOG: add note about config writing changes
Carlos Martín Nieto 8ec806d7 2017-10-30T06:23:31 config: preserve the original case when writing out new sections and vars For sections we will still use the existing one even if the case disagrees, but the variable always gets written with the case given by the caller.
Carlos Martín Nieto bb8bc4b8 2017-10-30T06:21:55 config: add failing test for preserving case when writing keys While most parts of a configuration key are case-insensitive, we should still be case-preserving and write down whatever string the caller provided.
David Turner 5cb6a2c9 2017-10-29T12:28:43 Ignore trailing whitespace in .gitignore files (as git itself does)
Carlos Martín Nieto 9e3fb594 2017-10-29T15:32:18 Merge pull request #4373 from cjhoward92/examples/log-show-log-size example-log: add support for --log-size
Carlos Martín Nieto 79e09e1a 2017-10-29T13:16:09 Merge pull request #3944 from mhagger/diff-indent-heuristic Implement a diff indent heuristic
Carlos Martín Nieto 1b9cc2ec 2017-10-29T12:08:00 Merge remote-tracking branch 'upstream/master' into diff-indent-heuristic
Edward Thomson 781d73bf 2017-10-28T12:08:39 Merge pull request #4357 from invenia/cv/ssh-passphrase-incorrect Ask for SSH credentials again when passphrase is wrong
Edward Thomson 70e4a31a 2017-10-28T12:07:08 Merge pull request #4384 from pks-t/pks/rm-example-makefile examples: remove Makefile
Etienne Samson c9bb68c2 2017-09-07T00:41:54 cmake: move Darwin-specific block around This allows us to only link against CoreFoundation when using the SecureTransport backend