src/transports/http.c


Log

Author Commit Date CI Message
Pierre-Olivier Latour 1630981e 2015-06-30T09:03:23 http: fixed leak when asking for credentials again t->cred might have been allocated the previous time and needs to be freed before asking caller for credentials again.
Carlos Martín Nieto 8b380060 2015-06-29T21:12:44 http: don't give up on auth on the first try When the server rejects an authentication request, ask the caller for the credentials again, instead of giving up on the first try.
Carlos Martín Nieto 8443f492 2015-06-11T16:57:04 curl: remove the encrypted param to the constructor We do not want libcurl to perform the TLS negotiation for us, so we don't need to pass this option.
Carlos Martín Nieto f97d5d09 2015-06-11T16:54:48 http: ask for the curl stream for non-encrypted connections The TLS streams talk over the curl stream themselves, so we don't need to ask for it explicitly. Do so in the case of the non-encrypted one so we can still make use proxies in that case.
Carlos Martín Nieto 8762d721 2015-06-07T14:51:10 http: set the proxy if the stream supports it Of the built-in ones, only cURL support it, but there's no reason a user-provided stream wouldn't support it.
Carlos Martín Nieto 8dea1c21 2015-06-05T11:02:11 Implement a curl stream cURL has a mode in which it acts a lot like our streams, providing send and recv functions and taking care of the TLS and proxy setup for us. Implement a new stream which uses libcurl instead of raw sockets or the TLS libraries directly. This version does not support reporting certificates or proxies yet.
J Wyman 7dd22538 2015-05-11T10:19:25 centralizing all IO buffer size values
Carlos Martín Nieto 24e53d2f 2015-03-19T09:55:20 Rename GIT_SSL to GIT_OPENSSL This is what it's meant all along, but now we actually have multiple implementations, it's clearer to use the name of the library.
Carlos Martín Nieto 6946a3be 2015-03-19T00:18:03 Abstract away the TLS stream implementation Instead, provide git_tls_stream_new() to ask for the most appropriate encrypted stream and use it in our HTTP transport.
Carlos Martín Nieto 6bb54cbf 2014-11-02T13:23:32 Add a SecureTransport TLS channel As an alternative to OpenSSL when we're on OS X. This one can actually take advantage of stacking the streams.
Edward Thomson c5e07187 2015-03-24T14:03:51 Merge pull request #2990 from leoyanggit/custom_param Add a custom param to git_smart_subtransport_definition
Leo Yang 142e5379 2015-03-17T12:49:33 Add a custom param to git_smart_subtransport_definition The smart transport has already take the payload param. For the sub transport a payload param is useful for the implementer.
Carlos Martín Nieto 84d83b8e 2015-03-16T19:41:50 http: do not try to use the cert callback on unencrypted streams When the user has a certificate check callback set, we still have to check whether the stream we're using is even capable of providing a certificate. In the case of an unencrypted certificate, do not ask for it from the stream, and do not call the callback.
Carlos Martín Nieto e892b6a9 2015-03-03T17:23:01 http: enforce the credential types The user may decide to return any type of credential, including ones we did not say we support. Add a check to make sure the user returned an object of the right type and error out if not.
Carlos Martín Nieto a2fd56ab 2014-12-10T16:22:50 Fix a couple of compiler warnings
Carlos Martín Nieto b6f5464e 2014-11-01T21:35:06 Port HTTP(S) to the new stream API
Carlos Martín Nieto 1ca61bdc 2014-11-19T20:53:25 fetch: clear the connection data on close When we fetch twice with the same remote object, we did not properly clear the connection flags, so we would leak state from the last connection. This can cause the second fetch with the same remote object to fail if using a HTTP URL where the server redirects to HTTPS, as the second fetch would see `use_ssl` set and think the initial connection wanted to downgrade the connection.
Edward Thomson 369b0217 2014-10-13T13:34:15 Clean up various compiler warnings
Sven Strickroth e6e834a1 2014-09-18T12:23:07 Provide host name to certificate_check_cb Signed-off-by: Sven Strickroth <email@cs-ware.de>
Carlos Martín Nieto 0782fc43 2014-09-16T01:47:30 net: use only structs to pass information about cert Instead of spreading the data in function arguments, some of which aren't used for ssh and having a struct only for ssh, use a struct for both, using a common parent to pass to the callback.
Carlos Martín Nieto 41698f22 2014-09-11T10:04:05 net: remove support for outright ignoring certificates This option make it easy to ignore anything about the server we're connecting to, which is bad security practice. This was necessary as we didn't use to expose detailed information about the certificate, but now that we do, we should get rid of this. If the user wants to ignore everything, they can still provide a callback which ignores all the information passed.
Carlos Martín Nieto 23ca0ad5 2014-08-29T21:25:13 Bring certificate check back to the normal return code Returning 0 lets the certificate check succeed. An error code is bubbled up to the user.
Carlos Martín Nieto 17491f6e 2014-08-29T17:18:23 transport: always call the certificate check callback We should let the user decide whether to cancel the connection or not regardless of whether our checks have decided that the certificate is fine. We provide our own assessment to the callback to let the user fall back to our checks if they so desire.
Carlos Martín Nieto ec1ce458 2014-08-10T17:06:53 http: send the DER-encoded cert to the callback Instead of the parsed data, we can ask OpenSSL to give us the DER-encoded version of the certificate, which the user can then parse and validate.
Carlos Martín Nieto 9b940586 2014-07-04T12:45:43 Provide a callback for certificate validation If the certificate validation fails (or always in the case of ssh), let the user decide whether to allow the connection. The data structure passed to the user is the native certificate information from the underlying implementation, namely OpenSSL or WinHTTP.
Carlos Martín Nieto 294c6f29 2014-08-16T22:12:13 http: make sure we can consume the data we request The recv buffer (parse_buffer) and the buffer have independent sizes and offsets. We try to fill in parse_buffer as much as possible before passing it to the http parser. This is fine most of the time, but fails us when the buffer is almost full. In those situations, parse_buffer can have more data than we would be able to put into the buffer (which may be getting full if we're towards the end of a data sideband packet). To work around this, we check if the space we have left on our buffer is smaller than what could come from the network. If this happens, we make parse_buffer think that it has as much space left as our buffer, so it won't try to retrieve more data than we can deal with. As the start of the data may no longer be at the start of the buffer, we need to keep track of where it really starts (data_offset) and use that in our calculations for the real size of the data we received from the network. This fixes #2518.
Edward Thomson 23135afa 2014-08-14T11:52:20 Introduce proper http authentication API
Edward Thomson 315cb38e 2014-07-31T18:43:20 Add GSSAPI support for SPNEGO/Kerberos auth over HTTP
Edward Thomson e003f83a 2014-07-31T15:14:56 Introduce git_buf_decode_base64 Decode base64-encoded text into a git_buf
Edward Thomson 40867266 2014-07-31T18:39:58 Perform HTTP keep-alive
Carlos Martín Nieto 9c3e4e97 2014-06-13T02:35:33 http: fix typo in credentials logic We want to check whether the credentials callback is NULL, not whether the payload is.
Carlos Martín Nieto bc0a6198 2014-04-19T15:52:58 transports: allow the creds callback to say it doesn't exist Allow the credentials callback to return GIT_PASSTHROUGH to make the transports code behave as though none was set. This should make it easier for bindings to behave closer to the C code when there is no credentials callback set at their level.
Russell Belfer 9cfce273 2013-12-12T12:11:38 Cleanups, renames, and leak fixes This renames git_vector_free_all to the better git_vector_free_deep and also contains a couple of memory leak fixes based on valgrind checks. The fixes are specifically: failure to free global dir path variables when not compiled with threading on and failure to free filters from the filter registry that had not be initialized fully.
Russell Belfer 25e0b157 2013-12-06T15:07:57 Remove converting user error to GIT_EUSER This changes the behavior of callbacks so that the callback error code is not converted into GIT_EUSER and instead we propagate the return value through to the caller. Instead of using the giterr_capture and giterr_restore functions, we now rely on all functions to pass back the return value from a callback. To avoid having a return value with no error message, the user can call the public giterr_set_str or some such function to set an error message. There is a new helper 'giterr_set_callback' that functions can invoke after making a callback which ensures that some error message was set in case the callback did not set one. In places where the sign of the callback return value is meaningful (e.g. positive to skip, negative to abort), only the negative values are returned back to the caller, obviously, since the other values allow for continuing the loop. The hardest parts of this were in the checkout code where positive return values were overloaded as meaningful values for checkout. I fixed this by adding an output parameter to many of the internal checkout functions and removing the overload. This added some code, but it is probably a better implementation. There is some funkiness in the network code where user provided callbacks could be returning a positive or a negative value and we want to rely on that to cancel the loop. There are still a couple places where an user error might get turned into GIT_EUSER there, I think, though none exercised by the tests.
Ben Straub 1b02baf4 2013-09-26T16:25:05 Adjust to new utility signature
Ben Straub 83fbd368 2013-09-26T15:58:41 Deploy gitno_connection_data into transport
Ben Straub 8988688c 2013-09-25T20:41:56 Migrate redirect URL handling to common utility
Russell Belfer 46fbc88e 2013-09-24T14:50:06 Prevent HTTPS to HTTP redirect
Russell Belfer eb0ff130 2013-09-24T14:07:08 Disconnect path string to preserve after redirect The subtransport path was relying on pointing to data owned by the remote which meant that after a redirect, the updated path was getting lost for future requests. This updates the http transport to strdup the path and maintain its own lifetime. This also pulls responsibility for parsing the URL back into the http transport and isolates the functions that parse and free that connection data so that they can be reused between the initial parsing and the redirect parsing.
Ben Straub 210d5325 2013-09-23T12:09:23 Allow redirects to use same host
Philip Kelley 35e0f3c6 2013-03-25T17:59:30 Refine the redirect check condition
Philip Kelley 2c7f7a66 2013-03-25T17:35:36 http: Support 302 Found (arrbee did most of the work)
Ben Straub 54ffc1f7 2013-01-31T14:41:01 HTTP: use creds in url if available
Ben Straub cf7038a6 2013-01-31T14:04:21 Enhance url parsing to include passwords
Ben Straub 7602cb7c 2013-01-31T10:44:57 Add user-from-url param to auth callback
Ben Straub 2234b2b0 2013-01-30T19:03:58 Stash username from url (but don't use it yet)
Edward Thomson 359fc2d2 2013-01-08T17:07:25 update copyrights
Ben Straub 59bccf33 2012-12-10T11:11:01 Add a payload param to git_cred_acquire_cb Fixes #1128.
Philip Kelley 4a6621fd 2012-11-29T08:35:21 Leverage the min macro from util.h
Philip Kelley 6762fe08 2012-11-29T08:29:26 Remove casts of return values of type void *
Philip Kelley 613d5eb9 2012-11-28T11:42:37 Push! By schu, phkelley, and congyiwu, et al
Vicent Marti f6c18dda 2012-11-13T14:17:41 http: Unrustle
Vicent Martí aa1c3b58 2012-11-13T14:13:47 Merge pull request #1016 from arrbee/fix-checkout-dir-removal Update checkout with new strategies & behavior
Michael Schubert d51e54f1 2012-11-13T14:28:44 Remove unused variables
Russell Belfer 757b4065 2012-11-09T14:01:44 Fix warnings and valgrind issues This fixes some various warnings that showed up in Travis and a couple uses of uninitialized memory and one memory leak.
Philip Kelley 11fa8472 2012-11-06T11:27:23 Don't store no_check_cert; fetch it on demand
Philip Kelley 2f7538ec 2012-11-06T09:36:04 Fix connection leak in http subtransport
Philip Kelley 091361f5 2012-11-06T08:52:03 Basic authentication for http and winhttp
Philip Kelley ff830366 2012-11-01T12:07:42 Http: Set an error for invalid content-type
Philip Kelley 41fb1ca0 2012-10-29T13:41:14 Reorganize transport architecture (squashed 3)
Ben Straub a0ce87c5 2012-10-26T13:43:13 Add network transfer callbacks on Windows
Ben Straub 7bcd9e23 2012-10-19T19:23:32 gitno_buffer: callback on each packet The fetch code takes advantage of this to implement a progress callback every 100kb of transfer.
nulltoken 68206c54 2012-10-13T21:00:45 test: fix some memory leaks
Carlos Martín Nieto aeba5e17 2012-10-10T23:55:03 http: don't discard the HEAD ref The fix for fetching from empty repositories (22935b06d protocol: don't store flushes; 2012-10-07) forgot to take into account the deletion of the flush pkt in the HTTP transport. As a result, the HEAD ref advertisement where we detect the remote's capabilities was deleted instead. Fix this.
nulltoken 9ac8b113 2012-09-20T14:06:49 Fix MSVC amd64 compilation warnings
Carlos Martín Nieto 3ce22c74 2012-08-26T19:22:34 http: use WinHTTP on Windows Wondows has its own HTTP library. Use that one when possible instead of our own. As we don't depend on them anymore, remove the http-parser library from the Windows build, as well as the search for OpenSSL.
Carlos Martín Nieto 687ec68b 2012-09-14T00:51:29 http: use the new unicode functions The winhttp branch was based on a version before these existed, so the build broke on Windows.
Carlos Martín Nieto cc1d85d1 2012-08-25T23:32:19 http: increase buffer side to deal with side-band-64k This poor transport was forgotten in the recent sideband support.
Russell Belfer e9ca852e 2012-08-23T09:20:17 Fix warnings and merge issues on Win64
Russell Belfer 5dca2010 2012-08-03T17:08:01 Update iterators for consistency across library This updates all the `foreach()` type functions across the library that take callbacks from the user to have a consistent behavior. The rules are: * A callback terminates the loop by returning any non-zero value * Once the callback returns non-zero, it will not be called again (i.e. the loop stops all iteration regardless of state) * If the callback returns non-zero, the parent fn returns GIT_EUSER * Although the parent returns GIT_EUSER, no error will be set in the library and `giterr_last()` will return NULL if called. This commit makes those changes across the library and adds tests for most of the iteration APIs to make sure that they follow the above rules.
Carlos Martín Nieto 0048372a 2012-07-27T01:09:06 transport: rename encrypt to use_ssl SSL isn't the only way that a transport can be encrypted. The new name will make it easier to merge the SSH support.
Carlos Martín Nieto ad4b5beb 2012-07-25T10:40:59 transport: store the refs in a common area Instad of each transport having its own function and logic to get to its refs, store them directly in transport. Leverage the new gitno_buffer to make the parsing and storing of the refs use common code and get rid of the git_protocol struct.
Carlos Martín Nieto b49c8f71 2012-07-24T19:03:22 remote: use the same code to control git and http This allows us to add capabilitites to both at the same time, keeps them in sync and removes a lot of code. gitno_buffer now uses a callback to fill its buffer, allowing us to use the same interface for git and http (which uses callbacks).
Carlos Martín Nieto 64d01de8 2012-07-24T14:23:16 remote: start moving the protocol to a common area For the transition, http is going to keep its own logic until the git/common code catches up with the implied multi_ack that http has. This also has the side-effect of making the code cleaner and more correct regardingt he protocol.
Carlos Martín Nieto 37159957 2012-06-28T09:33:08 indexer: don't use '/objects/pack/' unconditionally Not everyone who indexes a packfile wants to put it in the standard git repository location.
Michael Schubert fdc5c38e 2012-06-05T23:03:06 transports: fix buglet
Vicent Martí 966fbdcb 2012-06-05T13:53:33 Merge pull request #697 from carlosmn/ssl Add HTTPS support
Arthur Schreiber e9551e86 2012-06-02T16:52:22 Fix git_close/http_close/local_close to set the transport's connected attribute to 0.
Carlos Martín Nieto 250b95b2 2012-05-26T21:17:08 ssl: allow skipping the server certificate check Sometimes it's useful not to perform the check. Allow it to be configurable.
Carlos Martín Nieto 66024c7c 2012-05-01T00:05:25 http: add https support when GnuTLS is available If it's not available, an error saying so will be returned when trying to use a https:// URL. This also unifies a lot of the network code to use git_transport in many places instead of an socket descriptor.
Carlos Martín Nieto a6f24a5b 2012-05-01T01:50:26 https: make it work with OpenSSL as well Add specific functions that use OpenSSL instead of GnuTLS
Carlos Martín Nieto 89460f3f 2012-05-03T14:07:55 ssl: teardown the connection on close This should help us free some resources, though the libraries do keep some buffers allocated regardless.
Vicent Martí 904b67e6 2012-05-18T01:48:50 errors: Rename error codes
Vicent Martí e172cf08 2012-05-18T01:21:06 errors: Rename the generic return codes
Vicent Martí cd58c15c 2012-05-05T16:47:20 Merge remote-tracking branch 'scottjg/fix-mingw32' into development Conflicts: src/netops.c src/netops.h src/transports/http.c tests-clar/clar
Scott J. Goldman b4b96d56 2012-05-05T13:30:33 Fix gitno_connect() error handling on Windows gitno_connect() can return an error or socket, which is fine on most platforms where sockets are file descriptors (signed int), but on Windows, SOCKET is an unsigned type, which is problematic when we are trying to test if the socket was actually a negative error code. This fix seperates the error code and socket in gitno_connect(), and fixes the error handling in do_connect() functions to compensate. It appears that git_connect() and the git-transport do_connect() functions had bugs in the non-windows cases too (leaking sockets, and not properly reporting connection error, respectively) so I went ahead and fixed those too.
Vicent Martí 3fbcac89 2012-05-02T19:56:38 Remove old and unused error codes
Vicent Martí ced9da54 2012-04-30T14:38:15 Merge pull request #654 from carlosmn/pkt-err Recognize and report server-side error messages
Carlos Martín Nieto 39e6af6a 2012-04-30T17:44:37 net: recognize and report server-side error messages When e.g. a repository isn't found, the server sends an error saying so. Put that error message in our error buffer.
nulltoken fa6420f7 2012-04-29T21:46:33 buf: deploy git_buf_len()
Carlos Martín Nieto dee5515a 2012-04-14T18:34:50 transports: buffer the git requests before sending them Trying to send every single line immediately won't give us any speed improvement and duplicates the code we need for other transports. Make the git transport use the same buffer functions as HTTP.
Carlos Martín Nieto 7a520f5d 2012-04-13T23:19:38 fetch: use the streaming indexer when downloading a pack This changes the git_remote_download() API, but the existing one is silly, so you don't get to complain. The new API allows to know how much data has been downloaded, how many objects we expect in total and how many we've processed.
Russell Belfer 44ef8b1b 2012-04-13T13:00:10 Fix warnings on 64-bit windows builds This fixes all the warnings on win64 except those in deps, which come from the regex code.
Carlos Martín Nieto 25530fca 2012-03-06T11:26:10 error-handling: http
Vicent Martí cb8a7961 2012-03-07T00:02:55 error-handling: Repository This also includes droping `git_buf_lasterror` because it makes no sense in the new system. Note that in most of the places were it has been dropped, the code needs cleanup. I.e. GIT_ENOMEM is going away, so instead it should return a generic `-1` and obviously not throw anything.
schu 5e0de328 2012-02-13T17:10:24 Update Copyright header Signed-off-by: schu <schu-github@schulog.org>
Carlos Martín Nieto 9269ccce 2012-01-19T23:44:52 diff-index: fix leak The buffer wasn't getting freed if the last difference was a deletion.
Carlos Martín Nieto 860de004 2012-01-19T23:26:20 http: use PRIuZ MSVC doesn't think %zd is a valid specifier.
Russell Belfer 97769280 2011-11-30T11:27:15 Use git_buf for path storage instead of stack-based buffers This converts virtually all of the places that allocate GIT_PATH_MAX buffers on the stack for manipulating paths to use git_buf objects instead. The patch is pretty careful not to touch the public API for libgit2, so there are a few places that still use GIT_PATH_MAX. This extends and changes some details of the git_buf implementation to add a couple of extra functions and to make error handling easier. This includes serious alterations to all the path.c functions, and several of the fileops.c ones, too. Also, there are a number of new functions that parallel existing ones except that use a git_buf instead of a stack-based buffer (such as git_config_find_global_r that exists alongsize git_config_find_global). This also modifies the win32 version of p_realpath to allocate whatever buffer size is needed to accommodate the realpath instead of hardcoding a GIT_PATH_MAX limit, but that change needs to be tested still.
Vicent Marti d88d4311 2011-11-28T08:40:40 remote: Cleanup the remotes code - Hide the remaining transports code - Drop `git_headarray`, switch to using a callback to list refs. Makes the code cleaner.