kmx git

Commit	Date	Message
5cbd5260	2016-11-11T11:37:00	curl_stream: use CURLINFO_ACTIVESOCKET if curl is recent enough The `CURLINFO_LASTSOCKET` information has been deprecated since curl version 7.45.0 as it may result in an overflow in the returned socket on certain systems, most importantly on 64 bit Windows. Instead, a new call `CURLINFO_ACTIVESOCKET` has been added which instead returns a `curl_socket_t`, which is always sufficiently long to store a socket. As we need to provide backwards compatibility with curl versions smaller than 7.45.0, alias CURLINFO_ACTIVESOCKET to CURLINFO_LASTSOCKET on platforms without CURLINFO_ACTIVESOCKET.
5ca75fd5	2016-11-10T08:00:22	curl_stream: check for -1 after CURLINFO_LASTSOCKET We're recently trying to upgrade to the current master of libgit2 in Cargo but we're unfortunately hitting a segfault in one of our tests. This particular test is just a small smoke test that https works (e.g. it's configured in libgit2). It attempts to clone from a URL which simply immediately drops connections after they're accepted (e.g. terminate abnormally). We expect to see a standard error from libgit2 but unfortunately we're seeing a segfault. This segfault is happening inside of the `wait_for` function of `curl_stream.c` at the line `FD_SET(fd, &errfd)` because `fd` is -1. This ends up doing an out-of-bounds array access that faults the program. I tracked back to where this -1 came from to the line here (returned by `CURLINFO_LASTSOCKET`) and added a check to return an error.
467e2cb1	2015-10-02T10:11:43	curl: ask for proxy credentials
b373e9a6	2015-09-21T22:38:50	net: use proxy options struct in the stream config
a001846b	2016-02-08T17:05:57	curl_stream: fix unused cert infos When copying contents of the cURL certiinfo we duplicate the data but forget to actually put it into the vector.
8bd1c19e	2016-01-16T19:39:24	Free allocated pointer to curl stream on error
dc035189	2015-08-06T13:02:35	curl: use the most secure auth method for the proxy When curl uses a proxy, it will only use Basic unless we prompt it to try to use the most secure on it has available. This is something which git did recently, and it seems like a good idea.
79698030	2015-06-29T22:51:18	git_cert: child types use proper base type
8443f492	2015-06-11T16:57:04	curl: remove the encrypted param to the constructor We do not want libcurl to perform the TLS negotiation for us, so we don't need to pass this option.
cdee630f	2015-06-09T19:07:58	curl: extract certificate information The information is exposed by curl for some crypto libraries in the form of name:content strings. We can't do much more than return this information.
1376e784	2015-06-07T14:42:13	stream: add support for setting a proxy If the stream claims to support this feature, we can let the transport set the proxy. We also set HTTPPROXYTUNNEL option so curl can create a tunnel through the proxy which lets us create our own TLS session (if needed).
8dea1c21	2015-06-05T11:02:11	Implement a curl stream cURL has a mode in which it acts a lot like our streams, providing send and recv functions and taking care of the TLS and proxy setup for us. Implement a new stream which uses libcurl instead of raw sockets or the TLS libraries directly. This version does not support reporting certificates or proxies yet.

5cbd5260

2016-11-11T11:37:00

curl_stream: use CURLINFO_ACTIVESOCKET if curl is recent enough The `CURLINFO_LASTSOCKET` information has been deprecated since curl version 7.45.0 as it may result in an overflow in the returned socket on certain systems, most importantly on 64 bit Windows. Instead, a new call `CURLINFO_ACTIVESOCKET` has been added which instead returns a `curl_socket_t`, which is always sufficiently long to store a socket. As we need to provide backwards compatibility with curl versions smaller than 7.45.0, alias CURLINFO_ACTIVESOCKET to CURLINFO_LASTSOCKET on platforms without CURLINFO_ACTIVESOCKET.

5ca75fd5

2016-11-10T08:00:22

curl_stream: check for -1 after CURLINFO_LASTSOCKET We're recently trying to upgrade to the current master of libgit2 in Cargo but we're unfortunately hitting a segfault in one of our tests. This particular test is just a small smoke test that https works (e.g. it's configured in libgit2). It attempts to clone from a URL which simply immediately drops connections after they're accepted (e.g. terminate abnormally). We expect to see a standard error from libgit2 but unfortunately we're seeing a segfault. This segfault is happening inside of the `wait_for` function of `curl_stream.c` at the line `FD_SET(fd, &errfd)` because `fd` is -1. This ends up doing an out-of-bounds array access that faults the program. I tracked back to where this -1 came from to the line here (returned by `CURLINFO_LASTSOCKET`) and added a check to return an error.

467e2cb1

2015-10-02T10:11:43

curl: ask for proxy credentials

b373e9a6

2015-09-21T22:38:50

net: use proxy options struct in the stream config

a001846b

2016-02-08T17:05:57

curl_stream: fix unused cert infos When copying contents of the cURL certiinfo we duplicate the data but forget to actually put it into the vector.

8bd1c19e

2016-01-16T19:39:24

Free allocated pointer to curl stream on error

dc035189

2015-08-06T13:02:35

curl: use the most secure auth method for the proxy When curl uses a proxy, it will only use Basic unless we prompt it to try to use the most secure on it has available. This is something which git did recently, and it seems like a good idea.

79698030

2015-06-29T22:51:18

git_cert: child types use proper base type

8443f492

2015-06-11T16:57:04

curl: remove the encrypted param to the constructor We do not want libcurl to perform the TLS negotiation for us, so we don't need to pass this option.

cdee630f

2015-06-09T19:07:58

curl: extract certificate information The information is exposed by curl for some crypto libraries in the form of name:content strings. We can't do much more than return this information.

1376e784

2015-06-07T14:42:13

stream: add support for setting a proxy If the stream claims to support this feature, we can let the transport set the proxy. We also set HTTPPROXYTUNNEL option so curl can create a tunnel through the proxy which lets us create our own TLS session (if needed).

8dea1c21

2015-06-05T11:02:11

Implement a curl stream cURL has a mode in which it acts a lot like our streams, providing send and recv functions and taking care of the TLS and proxy setup for us. Implement a new stream which uses libcurl instead of raw sockets or the TLS libraries directly. This version does not support reporting certificates or proxies yet.

thodg/libgit2/src/curl_stream.c

src/curl_stream.c

Log