|
f0e693b1
|
2021-09-07T17:53:49
|
|
str: introduce `git_str` for internal, `git_buf` is external
libgit2 has two distinct requirements that were previously solved by
`git_buf`. We require:
1. A general purpose string class that provides a number of utility APIs
for manipulating data (eg, concatenating, truncating, etc).
2. A structure that we can use to return strings to callers that they
can take ownership of.
By using a single class (`git_buf`) for both of these purposes, we have
confused the API to the point that refactorings are difficult and
reasoning about correctness is also difficult.
Move the utility class `git_buf` to be called `git_str`: this represents
its general purpose, as an internal string buffer class. The name also
is an homage to Junio Hamano ("gitstr").
The public API remains `git_buf`, and has a much smaller footprint. It
is generally only used as an "out" param with strict requirements that
follow the documentation. (Exceptions exist for some legacy APIs to
avoid breaking callers unnecessarily.)
Utility functions exist to convert a user-specified `git_buf` to a
`git_str` so that we can call internal functions, then converting it
back again.
|
|
379c4646
|
2021-09-09T19:49:04
|
|
Fix coding style for pointer
Make some syntax change to follow coding style.
|
|
9937967e
|
2021-08-29T21:29:14
|
|
Merge branch 'main' into http-use-eauth
|
|
3433acd9
|
2020-12-21T21:27:58
|
|
Wrap newer hostkeys in #ifdefs
This allows the library to be built using a pre-1.9.0 version of libssh2.
|
|
ed7b20e7
|
2020-12-21T17:26:34
|
|
Add support for additional hostkey types.
Specifically: ECDSA_256, ECDSA_384, ECDSA_521 and ED25519.
|
|
29fe5f61
|
2020-11-22T18:25:00
|
|
Also add the raw hostkey to `git_cert_hostkey`
`git_cert_x509` has the raw encoded certificate. Let's do the same for
the SSH certificate for symmetry.
|
|
4f5f1127
|
2020-11-22T00:01:09
|
|
transports: use GIT_ASSERT
|
|
e316b0d3
|
2020-05-15T11:47:09
|
|
runtime: move init/shutdown into the "runtime"
Provide a mechanism for system components to register for initialization
and shutdown of the libgit2 runtime.
|
|
216165ec
|
2020-02-07T10:06:28
|
|
transports: use GIT_EAUTH for authentication failures
When the failure is clearly an auth failure
(as opposed to possibly an auth failure),
use the error code GIT_EAUTH instead of GIT_ERROR.
While we're here, fix a typo and improve an error message.
Fixes #5389.
|
|
3f54ba8b
|
2020-01-18T13:51:40
|
|
credential: change git_cred to git_credential
We avoid abbreviations where possible; rename git_cred to
git_credential.
In addition, we have standardized on a trailing `_t` for enum types,
instead of using "type" in the name. So `git_credtype_t` has become
`git_credential_t` and its members have become `GIT_CREDENTIAL` instead
of `GIT_CREDTYPE`.
Finally, the source and header files have been renamed to `credential`
instead of `cred`.
Keep previous name and values as deprecated, and include the new header
files from the previous ones.
|
|
dbb6429c
|
2020-01-10T14:30:18
|
|
Merge pull request #5305 from kas-luthor/bugfix/multiple-auth
Adds support for multiple SSH auth mechanisms being used sequentially
|
|
cb7fd1ed
|
2019-12-13T15:11:38
|
|
Fixes code styling
|
|
48c3f7e1
|
2019-11-20T11:21:14
|
|
ssh: include sha256 host key hash when supported
|
|
fbdf5bdd
|
2019-11-16T22:41:25
|
|
Adds support for multiple SSH auth mechanisms being used sequentially
|
|
8bf0f7eb
|
2019-09-09T13:00:27
|
|
cred: separate public interface from low-level details
|
|
c6ab183e
|
2019-03-11T11:43:08
|
|
net: rename gitno_connection_data to git_net_url
"Connection data" is an imprecise and largely incorrect name; these
structures are actually parsed URLs. Provide a parser that takes a URL
string and produces a URL structure (if it is valid).
Separate the HTTP redirect handling logic from URL parsing, keeping a
`gitno_connection_data_handle_redirect` whose only job is redirect
handling logic and does not parse URLs itself.
|
|
b51789ac
|
2019-04-16T13:20:08
|
|
transports: make use of the `GIT_CONTAINER_OF` macro
|
|
f673e232
|
2018-12-27T13:47:34
|
|
git_error: use new names in internal APIs and usage
Move to the `git_error` name in the internal API for error-related
functions.
|
|
a2e6e0ea
|
2018-11-06T14:15:43
|
|
transport: allow cred/cert callbacks to return GIT_PASSTHROUGH
Allow credential and certificate checking callbacks to return
GIT_PASSTHROUGH, indicating that they do not want to act.
Introduce this to support in both the http and ssh callbacks.
Additionally, enable the same mechanism for certificate validation.
This is most useful to disambiguate any meaning in the publicly exposed
credential and certificate functions (`git_transport_smart_credentials`
and `git_transport_smart_certificate_check`) but it may be more
generally useful for callers to be able to defer back to libgit2.
|
|
ecf4f33a
|
2018-02-08T11:14:48
|
|
Convert usage of `git_buf_free` to new `git_buf_dispose`
|
|
874ce161
|
2018-03-27T15:03:15
|
|
transports: ssh: replace deprecated function `libssh2_session_startup`
The function `libssh2_session_startup` has been deprecated since libssh2
version 1.2.8 in favor of `libssh2_session_handshake` introduced in the
same version. libssh2 1.2.8 was released in April 2011, so it is already
seven years old. It is available in Debian Wheezy, Ubuntu Trusty and
CentOS 7.4, so the most important and conservative distros already have
it available. As such, it seems safe to just use the new function.
|
|
2785cc8e
|
2018-03-27T14:49:21
|
|
transports: ssh: disconnect session before freeing it
The function `ssh_stream_free` takes over the responsibility of closing
channels and streams just before freeing their memory, but it does not
do so for the session. In fact, we never disconnect the session
ourselves at all, as libssh2 will not do so itself upon freeing the
structure. Quoting the documentation of `libssh2_session_free`:
> Frees all resources associated with a session instance. Typically
> called after libssh2_session_disconnect_ex,
The missing disconnect probably stems from a misunderstanding what it
actually does. As we are already closing the TCP socket ourselves, the
assumption was that no additional disconnect is required. But calling
`libssh2_session_disconnect` will notify the server that we are cleanly
closing the connection, such that the server can free his own resources.
Add a call to `libssh2_session_disconnect` to fix that issue.
[1]: https://www.libssh2.org/libssh2_session_free.html
|
|
6f577906
|
2018-03-03T20:09:09
|
|
ssh urls: use `git_buf_decode_percent`
Use `git_buf_decode_percent` so that we can avoid allocating a temporary
buffer.
|
|
16210877
|
2018-02-28T12:59:47
|
|
Unescape repo before constructing ssh request
|
|
88450c1c
|
2017-11-09T21:49:30
|
|
Merge pull request #4283 from tiennou/generic-tls
CMake: make HTTPS support more generic
|
|
e9369856
|
2017-03-21T00:25:15
|
|
stream: Gather streams to src/streams
|
|
f2f14724
|
2017-09-21T15:51:52
|
|
transports: ssh: ask for credentials again when passphrase is wrong
When trying to decode the private key it looks like LibSSH2 returns a
LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED when the passphrase is incorrect.
|
|
0c7f49dd
|
2017-06-30T13:39:01
|
|
Make sure to always include "common.h" first
Next to including several files, our "common.h" header also declares
various macros which are then used throughout the project. As such, we
have to make sure to always include this file first in all
implementation files. Otherwise, we might encounter problems or even
silent behavioural differences due to macros or defines not being
defined as they should be. So in fact, our header and implementation
files should make sure to always include "common.h" first.
This commit does so by establishing a common include pattern. Header
files inside of "src" will now always include "common.h" as its first
other file, separated by a newline from all the other includes to make
it stand out as special. There are two cases for the implementation
files. If they do have a matching header file, they will always include
this one first, leading to "common.h" being transitively included as
first file. If they do not have a matching header file, they instead
include "common.h" as first file themselves.
This fixes the outlined problems and will become our standard practice
for header and source files inside of the "src/" from now on.
|
|
2ce2a48f
|
2017-05-02T13:37:15
|
|
transports: ssh: clean up after libssh2 on exit
After calling `libssh2_init`, we need to clean up after the library by
executing `libssh2_exit` as soon as we exit. Register a shutdown handler
to do so which simply calls `libssh2_exit`. This fixes several memory
leaks.
|
|
8c027351
|
2017-05-02T13:35:09
|
|
transports: ssh: report failure initializing libssh2
We unconditionally return success when initializing libssh2, regardless
of whether `libgssh2_init` signals success or an error. Fix this by
checking its return code.
|
|
909d5494
|
2016-12-29T12:25:15
|
|
giterr_set: consistent error messages
Error messages should be sentence fragments, and therefore:
1. Should not begin with a capital letter,
2. Should not conclude with punctuation, and
3. Should not end a sentence and begin a new one
|
|
b7809b84
|
2016-03-08T13:38:55
|
|
Merge pull request #3555 from cbargren/ssh-git-protocols
Support for ssh+git and git+ssh protocols
|
|
22f3d3aa
|
2016-03-03T22:26:31
|
|
ssh: initialize libssh2
We should have been doing this, but it initializes itself upon first
use, which works as long as nobody's doing concurrent network
operations. Initialize it on our init to make sure it's not getting
initialized concurrently.
|
|
4df17045
|
2015-12-28T07:43:24
|
|
Removing #define for SSH_PREFIX_COUNT and using ARRAY_SIZE instead
Also moving var declarations to top of blocks to support bad old compilers
|
|
02fdc2db
|
2015-12-26T17:17:05
|
|
ssh_stream_read(): fix possible *bytes_read < 0 branch
Fix the possibility of returning successfully from ssh_stream_read()
with *bytes_read < 0. This would occur if stdout channel read resulted
in 0, and stderr channel read failed afterwards.
|
|
ed21fd74
|
2015-12-22T10:38:31
|
|
Handle git+ssh:// and ssh+git:// protocols support
|
|
241414ee
|
2015-08-14T15:42:59
|
|
added a single line of additional error reporting from libssh2 when failing to retrieve the list of authentication methods
|
|
ac728c24
|
2015-08-03T07:38:07
|
|
Handle ssh:// and git:// urls containing a '~' character.
For such a path '/~/...' the leading '/' is stripped so the server will
get a path starting with '~' and correctly handle it.
|
|
79698030
|
2015-06-29T22:51:18
|
|
git_cert: child types use proper base type
|
|
81be2f46
|
2015-06-09T16:01:29
|
|
ssh: move NULL check to the free function
Let `ssh_stream_free()` take a NULL stream, as free functions should,
and remove the check from the connection setup.
The connection setup would not need the check anyhow, as we always have
a stream by the time we reach this code.
|
|
d71e3b25
|
2015-06-02T10:23:54
|
|
Change error when running out of ssh agent keys
|
|
2629fc87
|
2015-05-24T22:33:55
|
|
cred: Check for null values when getting key from memory
The public key field is optional and as such can take NULL. Account for
that and do not call strlen() on NULL values. Also assert() for non-NULL
values of username & private key.
|
|
7a8b8503
|
2015-03-17T09:19:15
|
|
Add support to read ssh keys from memory.
|
|
1396c381
|
2015-05-18T16:04:55
|
|
errors: add GIT_EEOF to indicate early EOF
This can be used by tools to show mesages about failing to communicate
with the server. The error message in this case will often contain the
server's error message, as far as it managed to send anything.
|
|
e3435673
|
2015-05-18T15:51:55
|
|
ssh: read from stderr if stdout is empty
When we fail to read from stdout, it's typically because the URL was
wrong and the server process has sent some output over its stderr
output.
Read that output and set the error message to whatever we read from it.
|
|
142e5379
|
2015-03-17T12:49:33
|
|
Add a custom param to git_smart_subtransport_definition
The smart transport has already take the payload param. For the
sub transport a payload param is useful for the implementer.
|
|
4fd4341f
|
2014-11-02T10:52:03
|
|
ssh: use socket_stream to perform the connection
Having an ssh stream would require extra work for stream capabilities we
don't need anywhere else (oob auth and command execution) so for now
let's move away from the gitno connection to use socket_stream.
We can introduce an ssh stream interface if and as we need it.
|
|
bc42479a
|
2014-10-13T15:43:03
|
|
Cleanup memory leak in ssh transport
|
|
369b0217
|
2014-10-13T13:34:15
|
|
Clean up various compiler warnings
|
|
e6e834a1
|
2014-09-18T12:23:07
|
|
Provide host name to certificate_check_cb
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
|
1e0aa105
|
2014-09-16T03:22:09
|
|
ssh: expose both hashes
The user may have the data hashed as MD5 or SHA-1, so we should provide
both types for consumption.
|
|
286369a8
|
2014-09-16T02:27:16
|
|
ssh: provide our own types for host key lengths
Instead of using the libssh2 defines, provide our own, which eases usage
as we do not need to check whether libgit2 was built with libssh2 or not.
|
|
0782fc43
|
2014-09-16T01:47:30
|
|
net: use only structs to pass information about cert
Instead of spreading the data in function arguments, some of which
aren't used for ssh and having a struct only for ssh, use a struct for
both, using a common parent to pass to the callback.
|
|
0fef3899
|
2014-09-16T01:25:53
|
|
Merge remote-tracking branch 'upstream/master' into cmn/host-cert-info
|
|
23ca0ad5
|
2014-08-29T21:25:13
|
|
Bring certificate check back to the normal return code
Returning 0 lets the certificate check succeed. An error code is bubbled
up to the user.
|
|
2f5864c5
|
2014-08-29T21:15:36
|
|
ssh: do ssh cert info before asking for credentials
We know the host's key as soon as we connect, so we should perform the
check as soon as we can, before we bother with the user's credentials.
|
|
17491f6e
|
2014-08-29T17:18:23
|
|
transport: always call the certificate check callback
We should let the user decide whether to cancel the connection or not
regardless of whether our checks have decided that the certificate is
fine. We provide our own assessment to the callback to let the user fall
back to our checks if they so desire.
|
|
ec1ce458
|
2014-08-10T17:06:53
|
|
http: send the DER-encoded cert to the callback
Instead of the parsed data, we can ask OpenSSL to give us the
DER-encoded version of the certificate, which the user can then parse
and validate.
|
|
9b940586
|
2014-07-04T12:45:43
|
|
Provide a callback for certificate validation
If the certificate validation fails (or always in the case of ssh),
let the user decide whether to allow the connection.
The data structure passed to the user is the native certificate
information from the underlying implementation, namely OpenSSL or
WinHTTP.
|
|
2dc399a8
|
2014-09-04T16:46:14
|
|
ssh: store error message immediately after a failed agent call
When the call to the agent fails, we must retrieve the error message
just after the function call, as other calls may overwrite it.
As the agent authentication is the only one which has a teardown and
there does not seem to be a way to get the error message from a stored
error number, this tries to introduce some small changes to store the
error from the agent.
Clearing the error at the beginning of the loop lets us know whether the
agent has already set the libgit2 error message and we should skip it,
or if we should set it.
|
|
6a0d2b43
|
2014-08-27T15:09:07
|
|
Merge remote-tracking branch 'upstream/master' into cmn/ssh-retry
|
|
959a93e7
|
2014-07-13T11:50:49
|
|
Silence unused variables warnings
|
|
8baeb8a4
|
2014-07-16T13:03:34
|
|
ssh: Fix unused warning
|
|
d4256ed5
|
2014-07-04T10:00:39
|
|
ssh: provide a factory function for setting ssh paths
git allows you to set which paths to use for the git server programs
when connecting over ssh; and we want to provide something similar.
We do this by providing a factory function which can be set as the
remote's transport callback which will set the given paths upon
creation.
|
|
ae241ae1
|
2014-07-03T20:20:00
|
|
Include libssh2.h before git2.h (transport.h)
|
|
0963716b
|
2014-07-02T12:49:51
|
|
ssh: libssh2_channel_write() behaves like send()
When the stream writing function was written, it assume that
libssh2_channel_write() would always write all of the data to the
wire. This is only true for the first 32k of data, which it tries to
fit into one ssh packet.
Since it can perform short writes, call it in a loop like we do for
send(), advancing the buffer offset.
|
|
ccb85c8f
|
2014-06-25T16:27:43
|
|
ssh: make sure to ask for a username and use the same one
In order to know which authentication methods are supported/allowed by
the ssh server, we need to send a NONE auth request, which needs a
username associated with it.
Most ssh server implementations do not allow switching the username
between authentication attempts, which means we cannot use a dummy
username and then switch. There are two ways around this.
The first is to use a different connection, which an earlier commit
implements, but this increases how long it takes to get set up, and
without knowing the right username, we cannot guarantee that the
list we get in response is the right one.
The second is what's implemented here: if there is no username specified
in the url, ask for it first. We can then ask for the list of auth
methods and use the user's credentials in the same connection.
|
|
d7f962f4
|
2014-06-16T19:30:06
|
|
ssh: request credentials again on authentication failure
Instead of completely giving up on the first failure, ask for
credentials as long as we fail to authenticate.
|
|
22618906
|
2014-06-12T16:09:54
|
|
ssh: detect authentication methods
Before calling the credentials callback, ask the sever which
authentication methods it supports and report that to the user, instead
of simply reporting everything that the transport supports.
In case of an error, we do fall back to listing all of them.
|
|
b529c5f9
|
2014-06-12T17:19:00
|
|
ssh: propagate the error code from the auth callback
We need to be able to get a GIT_EUSER back through the outermost call.
|
|
bc0a6198
|
2014-04-19T15:52:58
|
|
transports: allow the creds callback to say it doesn't exist
Allow the credentials callback to return GIT_PASSTHROUGH to make the
transports code behave as though none was set.
This should make it easier for bindings to behave closer to the C code
when there is no credentials callback set at their level.
|
|
8ec0a552
|
2014-04-18T00:49:07
|
|
Make git_cred_ssh_custom_new() naming more consistent
|
|
478408c0
|
2014-04-17T23:03:44
|
|
Introduce git_cred_ssh_interactive_new()
This allows for keyboard-interactive based SSH authentication
|
|
bd270b70
|
2014-04-18T17:08:10
|
|
cred: tighten username rules
The ssh-specific credentials allow the username to be missing. The idea
being that the ssh transport will then use the username provided in the
url, if it's available. There are two main issues with this.
The credential callback already knows what username was provided by the
url and needs to figure out whether it wants to ask the user for it or
it can reuse it, so passing NULL as the username means the credential
callback is suspicious.
The username provided in the url is not in fact used by the
transport. The only time it even considers it is for the user/pass
credential, which asserts the existence of a username in its
constructor. For the ssh-specific ones, it passes in the username stored
in the credential, which is NULL. The libssh2 macro we use runs strlen()
against this value (which is no different from what we would be doing
ourselves), so we then crash.
As the documentation doesn't suggest to leave out the username, assert
the need for a username in the code, which removes this buggy behavior
and removes implicit state.
git_cred_has_username() becomes a blacklist of credential types that do
not have a username. The only one at the moment is the 'default' one,
which is meant to call up some Microsoft magic.
|
|
300f4412
|
2014-02-25T11:56:11
|
|
- BUGFIX #2133 (@fourplusone) in smart_protocol.c
- added MSVC cmake definitions to disable warnings
- general.c is rewritten so it is ansi-c compatible and compiles ok on microsoft windows
- some MSVC reported warning fixes
|
|
ee7040fd
|
2013-11-20T14:11:44
|
|
ssh: add support for ssh-agent authentication
|
|
ac72051a
|
2013-11-04T19:09:30
|
|
Fix ssh.c compile
|
|
c227c173
|
2013-11-04T11:42:14
|
|
Use http_parser_parse_url to parse urls
|
|
048f837b
|
2013-10-31T13:30:22
|
|
Prevent another segfault from bad URL
|
|
70a8c78f
|
2013-10-23T12:08:54
|
|
Rename the ssh credentials
The names from libssh2 are somewhat obtuse for us. We can simplify the
usual key/passphrase credential's name, as well as make clearer what the
custom signature function is.
|
|
2648dc1a
|
2013-10-21T11:03:31
|
|
Allowed credential types should be a bitfield
|
|
eec4dcc3
|
2013-08-09T13:14:19
|
|
Whitespace.
|
|
b622aabe
|
2013-08-09T13:14:06
|
|
Add a wrapper to provide the libssh2 error message
|
|
b345026b
|
2013-09-10T05:16:52
|
|
Test for repo before removing leading colon
|
|
fbabe855
|
2013-09-08T14:11:08
|
|
Trim leading colon from ssh repository path
|
|
c87bf86c
|
2013-08-14T10:58:02
|
|
Commit 7affc2f7 removed var initialization
That commit accidentally removed the initialization of the "start"
variable giving undefined results for the host extraction from the
url input.
|
|
7affc2f7
|
2013-08-11T23:30:47
|
|
Include username in each credential type
Key-based authentication also needs an username, so include it in each
one.
Also stop assuming a default username of "git" in the ssh transport
which has no business making such a decision.
|
|
c2de6b1a
|
2013-07-10T10:21:24
|
|
Bring SSH error reporting up to base standards
The SSH error checking and reporting could still be further
improved by using the libssh2 native methods to get error info,
but at least this ensures that all error codes are checked and
translated into libgit2 error messages.
|
|
68bc49a1
|
2013-07-10T09:20:46
|
|
Merge branch 'ssh-cred-fix' of tiennou/libgit2
Conflicts:
src/transports/ssh.c
|
|
08bf80fa
|
2013-07-10T10:29:32
|
|
Tab indent.
|
|
367c1903
|
2013-07-10T10:29:09
|
|
Add some missing error messages.
|
|
a3c062db
|
2013-07-09T09:58:33
|
|
Make SSH APIs present even without SSH support
The SSH APIs will just return an error code and state that the
library was built without SSH support if they are called in
that case.
|
|
f6bd0863
|
2013-07-03T22:02:44
|
|
Fix a probable leak.
|
|
219f318c
|
2013-07-03T22:02:29
|
|
Fix a crash if git_remote_set_cred_acquire_cb wasn't called before connecting.
Fixes #1700.
|
|
84ac625d
|
2013-05-15T12:51:40
|
|
Added GITERR_CHECK_ALLOC
|
|
b54ed3ef
|
2013-05-15T12:41:16
|
|
Added error check
|
|
22011b33
|
2013-05-15T12:38:40
|
|
Cleanup
|
|
ce6d50b9
|
2013-05-09T17:37:42
|
|
Changed to use libssh2_channel_exec
|
|
05f58131
|
2013-05-09T17:36:27
|
|
Renaming
|
|
574b86b7
|
2013-05-07T13:53:23
|
|
Fixed compilation issues when libssh2 is missing
|