Log

Author Commit Date CI Message
Patrick Steinhardt cf1a114b 2019-06-13T19:10:22 config_file: do not include trailing '/' for "gitdir" conditionals When evaluating "gitdir:" and "gitdir/i:" conditionals, we currently compare the given pattern with the value of `git_repository_path`. Thing is though that `git_repository_path` returns the gitdir path with trailing '/', while we actually need to match against the gitdir without it. Fix this issue by stripping the trailing '/' previous to matching. Add various tests to ensure we get this right.
Patrick Steinhardt 5d987f7d 2019-06-13T19:00:06 config_file: refactor `do_match_gitdir` to improve readability The function `do_match_gitdir` has some horribly named parameters and variables. Rename them to improve readability. Furthermore, fix a potentially undetected out-of-memory condition when appending "**" to the pattern.
Patrick Steinhardt 451df793 2019-06-13T15:20:23 posix: remove implicit include of "fnmatch.h" We're about to phase out our bundled fnmatch implementation as git.git has moved to wildmatch long ago in 2014. To make it easier to spot which files are stilll using fnmatch, remove the implicit "fnmatch.h" include in "posix.h" and instead include it explicitly.
Patrick Steinhardt a9f57629 2019-06-13T15:03:00 wildmatch: import wildmatch from git.git In commit 70a8fc999d (stop using fnmatch (either native or compat), 2014-02-15), upstream git has switched over all code from their internal fnmatch copy to its new wildmatch code. We haven't followed suit, and thus have developed some incompatibilities in how we match regular expressions. Import git's wildmatch from v2.22.0 and add a test suite based on their t3070-wildmatch.sh tests.
Patrick Steinhardt de70bb46 2019-06-13T15:27:22 global: convert trivial `fnmatch` users to use `wildcard` Upstream git.git has converted its codebase to use wildcard in favor of fnmatch in commit 70a8fc999d (stop using fnmatch (either native or compat), 2014-02-15). To keep our own regex-matching in line with what git does, convert all trivial instances of `fnmatch` usage to use `wildcard`, instead. Trivial usage is defined to be use of `fnmatch` with either no flags or flags that have a 1:1 equivalent in wildmatch (PATHNAME, IGNORECASE).
Patrick Steinhardt c3179eff 2019-06-14T13:34:13 Merge pull request #5055 from tiennou/cmake/backend-detect Modularize our TLS & hash detection
Etienne Samson 94fc83b6 2019-06-13T16:48:35 cmake: Modulize our TLS & hash detection The interactions between `USE_HTTPS` and `SHA1_BACKEND` have been streamlined. Previously we would have accepted not quite working configurations (like, `-DUSE_HTTPS=OFF -DSHA1_BACKEND=OpenSSL`) and, as the OpenSSL detection only ran with `USE_HTTPS`, the link would fail. The detection was moved to a new `USE_SHA1`, modeled after `USE_HTTPS`, which takes the values "CollisionDetection/Backend/Generic", to better match how the "hashing backend" is selected, the default (ON) being "CollisionDetection". Note that, as `SHA1_BACKEND` is still used internally, you might need to check what customization you're using it for.
Edward Thomson 231ccbeb 2019-06-14T10:36:23 Merge pull request #5109 from pks-t/pks/test-mergeanalysis-variant tests: merge::analysis: use test variants to avoid duplicated test suites
Edward Thomson 1ab0523d 2019-06-14T10:34:52 Merge pull request #5101 from libgit2/ethomson/opts_init Rename options initialization functions
Edward Thomson bed33a6f 2019-06-14T09:59:34 Merge pull request #5112 from pks-t/pks/ntlmclient-implicit-fallthrough deps: ntlmclient: disable implicit fallthrough warnings
Edward Thomson c0dd7122 2019-06-06T16:48:04 apply: add an options struct initializer
Edward Thomson 0b5ba0d7 2019-06-06T16:36:23 Rename opt init functions to `options_init` In libgit2 nomenclature, when we need to verb a direct object, we name a function `git_directobject_verb`. Thus, if we need to init an options structure named `git_foo_options`, then the name of the function that does that should be `git_foo_options_init`. The previous names of `git_foo_init_options` is close - it _sounds_ as if it's initializing the options of a `foo`, but in fact `git_foo_options` is its own noun that should be respected. Deprecate the old names; they'll now call directly to the new ones.
Patrick Steinhardt 358b7a9d 2019-06-14T08:44:13 deps: ntlmclient: disable implicit fallthrough warnings The ntlmclient dependency has quite a lot of places with implicit fallthroughs. As at least modern GCC has enabled warnings on implicit fallthroughs by default, the developer is greeted with a wall of warnings when compiling that dependency. Disable implicit fallthrough warnings for ntlmclient to fix this issue.
Edward Thomson a5ddae68 2019-06-13T22:00:48 Merge pull request #5097 from pks-t/pks/ignore-escapes gitignore with escapes
Edward Thomson e277ff4d 2019-06-13T21:41:55 Merge pull request #5108 from libgit2/ethomson/urlparse_empty_port Handle URLs with a colon after host but no port
Edward Thomson fb529a01 2019-06-11T22:03:29 http-parser: use our bundled http-parser by default Our bundled http-parser includes bugfixes, therefore we should prefer our http-parser until such time as we can identify that the system http-parser has these bugfixes (using a version check). Since these bugs are - at present - minor, retain the ability for users to force that they want to use the system http-parser anyway. This does change the cmake specification so that people _must_ opt-in to the new behavior knowingly.
Patrick Steinhardt 70fae43c 2019-06-13T11:57:16 tests: merge::analysis: use variants to deduplicate test suites Since commit 394951ad4 (tests: allow for simple data-driven tests, 2019-06-07), we have the ability to run a given test suite with multiple variants. Use this new feature to deduplicate the test suites for merge::{trees,workdir}::analysis into a single test suite.
Patrick Steinhardt 0c1029be 2019-06-13T11:41:39 Merge pull request #5022 from rcoup/merge-analysis-bare-repo-5017 Merge analysis support for bare repos
Patrick Steinhardt 758d1b9c 2019-06-13T11:38:14 Merge pull request #5104 from rcoup/patch-1 Add memleak check docs
Patrick Steinhardt 3b517351 2019-06-07T10:13:34 attr_file: remove invalid TODO comment In our attributes pattern parsing code, we have a comment that states we might have to convert '\' characters to '/' to have proper POSIX paths. But in fact, '\' characters are valid inside the string and act as escape mechanism for various characters, which is why we never want to convert those to POSIX directory separators. Furthermore, gitignore patterns are specified to only treat '/' as directory separators. Remove the comment to avoid future confusion.
Patrick Steinhardt b3b6a39d 2019-06-07T11:12:54 attr_file: account for escaped escapes when searching trailing space When determining the trailing space length, we need to honor whether spaces are escaped or not. Currently, we do not check whether the escape itself is escaped, though, which might generate an off-by-one in that case as we will simply treat the space as escaped. Fix this by checking whether the backslashes preceding the space are themselves escaped.
Patrick Steinhardt 10ac298c 2019-06-07T11:12:42 attr_file: fix unescaping of escapes required for fnmatch When parsing attribute patterns, we will eventually unescape the parsed pattern. This is required because we require custom escapes for whitespace characters, as normally they are used to terminate the current pattern. Thing is, we don't only unescape those whitespace characters, but in fact all escaped sequences. So for example if the pattern was "\*", we unescape that to "*". As this is directly passed to fnmatch(3) later, fnmatch would treat it as a simple glob matching all files where it should instead only match a file with name "*". Fix the issue by unescaping spaces, only. Add a bunch of tests to exercise escape parsing.
Patrick Steinhardt eb146e58 2019-06-07T09:17:23 attr_file: properly handle escaped '\' when searching non-escaped spaces When parsing attributes, we need to search for the first unescaped whitespace character to determine where the pattern is to be cut off. The scan fails to account for the case where the escaping '\' character is itself escaped, though, and thus we would not recognize the cut-off point in patterns like "\\ ". Refactor the scanning loop to remember whether the last character was an escape character. If it was and the next character is a '\', too, then we will reset to non-escaped mode again. Thus, we now handle escaped whitespaces as well as escaped wildcards correctly.
Patrick Steinhardt f7c6795f 2019-06-07T10:20:35 path: only treat paths starting with '\' as absolute on Win32 Windows-based systems treat paths starting with '\' as absolute, either referring to the current drive's root (e.g. "\foo" might refer to "C:\foo") or to a network path (e.g. "\\host\foo"). On the other hand, (most?) systems that are not based on Win32 accept backslashes as valid characters that may be part of the filename, and thus we cannot treat them to identify absolute paths. Change the logic to only paths starting with '\' as absolute on the Win32 platform. Add tests to avoid regressions and document behaviour.
Robert Coup b3196a60 2019-06-10T12:27:12 Add memleak check docs Document how to run it locally on macOS & Linux
Edward Thomson 1bbdec69 2019-06-11T21:55:31 http_parser: handle URLs with colon but no port When the end of the host is reached, and we're at the colon separating the host with the port (ie, there is no numeric port) then do not error. This is allowed by RFC 3986.
Edward Thomson 938cbd03 2019-06-11T21:53:35 net: handle urls with a colon after host but no port Core git copes with URLs that have a colon after the port, but no actual numeric value. eg `http://example.com:/foo.git` or `http://example.com:`. That's horrible, but RFC 3986 says: > URI producers and normalizers should omit the port component and its > ":" delimiter if port is empty or if its value would be the same as > that of the scheme's default. Which indicates that they may and therefore we must accept it. Test that we can handle URLs with a colon but no following port number.
Edward Thomson ff7652c1 2019-06-11T17:05:27 Merge pull request #5098 from pks-t/pks/clar-data-driven Data-driven tests
Edward Thomson fd734f7d 2019-06-11T12:45:27 Merge pull request #5107 from pks-t/pks/sha1dc-update sha1dc: update to fix endianess issues on AIX/HP-UX
Edward Thomson 110b5895 2019-06-11T08:07:48 Merge pull request #5052 from libgit2/ethomson/netrefactor Add NTLM support for HTTP(s) servers and proxies
Patrick Steinhardt 230a451e 2019-06-10T13:54:11 sha1dc: update to fix endianess issues on AIX/HP-UX Update our copy of sha1dc to the upstream commit 855827c (Detect endianess on HP-UX, 2019-05-09). Changes include fixes to endian detection on AIX and HP-UX systems as well as a define that allows us to force aligned access, which we're not using yet.
Edward Thomson 7ea8630e 2019-04-07T20:11:59 http: free auth context on failure When we send HTTP credentials but the server rejects them, tear down the authentication context so that we can start fresh. To maintain this state, additionally move all of the authentication handling into `on_auth_required`.
Edward Thomson 005b5bc2 2019-04-07T17:55:23 http: reconnect to proxy on connection close When we're issuing a CONNECT to a proxy, we expect to keep-alive to the proxy. However, during authentication negotiations, the proxy may close the connection. Reconnect if the server closes the connection.
Edward Thomson d171fbee 2019-04-07T17:40:23 http: allow server to drop a keepalive connection When we have a keep-alive connection to the server, that server may legally drop the connection for any reason once a successful request and response has occurred. It's common for servers to drop the connection after some amount of time or number of requests have occurred.
Edward Thomson 9af1de5b 2019-03-24T20:49:57 http: stop on server EOF We stop the read loop when we have read all the data. We should also consider the server's feelings. If the server hangs up on us, we need to stop our read loop. Otherwise, we'll try to read from the server - and fail - ad infinitum.
Edward Thomson 4c2ca1ba 2019-03-23T12:10:57 ci: test NTLM proxy authentication on Unix
Edward Thomson 539e6293 2019-03-22T19:06:46 http: teach auth mechanisms about connection affinity Instead of using `is_complete` to decide whether we have connection or request affinity for authentication mechanisms, set a boolean on the mechanism definition itself.
Edward Thomson 3e0b4b43 2019-03-22T18:52:03 http: maintain authentication across connections For request-based authentication mechanisms (Basic, Digest) we should keep the authentication context alive across socket connections, since the authentication headers must be transmitted with every request. However, we should continue to remove authentication contexts for mechanisms with connection affinity (NTLM, Negotiate) since we need to reauthenticate for every socket connection.
Edward Thomson ce72ae95 2019-03-22T10:53:30 http: simplify authentication mechanisms Hold an individual authentication context instead of trying to maintain all the contexts; we can select the preferred context during the initial negotiation. Subsequent authentication steps will re-use the chosen authentication (until such time as it's rejected) instead of trying to manage multiple contexts when all but one will never be used (since we can only authenticate with a single mechanism at a time.) Also, when we're given a 401 or 407 in the middle of challenge/response handling, short-circuit immediately without incrementing the retry count. The multi-step authentication is expected, and not a "retry" and should not be penalized as such. This means that we don't need to keep the contexts around and ensures that we do not unnecessarily fail for too many retries when we have challenge/response auth on a proxy and a server and potentially redirects in play as well.
Edward Thomson 6d931ba7 2019-03-22T16:35:59 http: don't set the header in the auth token
Edward Thomson 10718526 2019-03-09T13:53:16 http: don't reset replay count after connection A "connection" to a server is transient, and we may reconnect to a server in the midst of authentication failures (if the remote indicates that we should, via `Connection: close`) or in a redirect.
Edward Thomson 3192e3c9 2019-03-07T16:57:11 http: provide an NTLM authentication provider
Edward Thomson a7f65f03 2019-03-21T15:42:57 ntlm: add ntlmclient as a dependency Include https://github.com/ethomson/ntlmclient as a dependency.
Edward Thomson 79fc8281 2019-03-21T16:49:25 http: validate server's authentication types Ensure that the server supports the particular credential type that we're specifying. Previously we considered credential types as an input to an auth mechanism - since the HTTP transport only supported default credentials (via negotiate) and username/password credentials (via basic), this worked. However, if we are to add another mechanism that uses username/password credentials, we'll need to be careful to identify the types that are accepted.
Edward Thomson 5ad99210 2019-03-07T16:43:45 http: consume body on proxy auth failure We must always consume the full parser body if we're going to keep-alive. So in the authentication failure case, continue advancing the http message parser until it's complete, then we can retry the connection. Not doing so would mean that we have to tear the connection down and start over. Advancing through fully (even though we don't use the data) will ensure that we can retry a connection with keep-alive.
Edward Thomson 75b20458 2019-03-07T16:34:55 http: always consume body on auth failure When we get an authentication failure, we must consume the entire body of the response. If we only read half of the body (on the assumption that we can ignore the rest) then we will never complete the parsing of the message. This means that we will never set the complete flag, and our replay must actually tear down the connection and try again. This is particularly problematic for stateful authentication mechanisms (SPNEGO, NTLM) that require that we keep the connection alive. Note that the prior code is only a problem when the 401 that we are parsing is too large to be read in a single chunked read from the http parser. But now we will continue to invoke the http parser until we've got a complete message in the authentication failed scenario. Note that we need not do anything with the message, so when we get an authentication failed, we'll stop adding data to our buffer, we'll simply loop in the parser and let it advance its internal state.
Edward Thomson e87f912b 2019-03-21T15:29:52 http: don't realloc the request
Edward Thomson 10e8fe55 2019-03-21T13:55:54 transports: add an `is_complete` function for auth Some authentication mechanisms (like HTTP Basic and Digest) have a one-step mechanism to create credentials, but there are more complex mechanisms like NTLM and Negotiate that require challenge/response after negotiation, requiring several round-trips. Add an `is_complete` function to know when they have round-tripped enough to be a single authentication and should now either have succeeded or failed to authenticate.
Edward Thomson 9050c69c 2019-03-09T17:24:16 http: examine keepalive status at message end We cannot examine the keep-alive status of the http parser in `http_connect`; it's too late and the critical information about whether keep-alive is supported has been destroyed. Per the documentation for `http_should_keep_alive`: > If http_should_keep_alive() in the on_headers_complete or > on_message_complete callback returns 0, then this should be > the last message on the connection. Query then and set the state.
Edward Thomson 956ba48b 2019-03-14T10:36:40 http: increase the replay count Increase the permissible replay count; with multiple-step authentication schemes (NTLM, Negotiate), proxy authentication and redirects, we need to be mindful of the number of steps it takes to get connected. 7 seems high but can be exhausted quickly with just a single authentication failure over a redirected multi-state authentication pipeline.
Edward Thomson 7912db49 2019-03-14T10:35:03 ci: enable all proxy tests
Edward Thomson ad5419b5 2019-03-14T10:32:09 ci: enable SKIP_OFFLINE_TESTS for windows
Edward Thomson 1ef77e37 2019-03-11T23:33:20 ci: test NTLM proxy authentication on Windows Update our CI tests to start a proxy that requires NTLM authentication; ensure that our WIndows HTTP client can speak NTLM.
Edward Thomson ee3d35cf 2019-04-07T19:15:21 http: support https for proxies
Edward Thomson 3d11b6c5 2019-03-11T20:36:09 winhttp: support default credentials for proxies We did not properly support default credentials for proxies, only for destination servers. Refactor the credential handling to support sending either username/password _or_ default credentials to either the proxy or the destination server. This actually shares the authentication logic between proxy servers and destination servers. Due to copy/pasta drift over time, they had diverged. Now they share a common logic which is: first, use credentials specified in the URL (if there were any), treating empty username and password (ie, "http://:@foo.com/") as default credentials, for compatibility with git. Next, call the credential callbacks. Finally, fallback to WinHTTP compatibility layers using built-in authentication like we always have. Allowing default credentials for proxies requires moving the security level downgrade into the credential setting routines themselves. We will update our security level to "high" by default which means that we will never send default credentials without prompting. (A lower setting, like the WinHTTP default of "medium" would allow WinHTTP to handle credentials for us, despite what a user may have requested with their structures.) Now we start with "high" and downgrade to "low" only after a user has explicitly requested default credentials.
Edward Thomson 757411a0 2019-03-11T12:56:09 network: don't add arbitrary url rules There's no reason a git repository couldn't be at the root of a server, and URLs should have an implicit path of '/' when one is not specified.
Edward Thomson c6ab183e 2019-03-11T11:43:08 net: rename gitno_connection_data to git_net_url "Connection data" is an imprecise and largely incorrect name; these structures are actually parsed URLs. Provide a parser that takes a URL string and produces a URL structure (if it is valid). Separate the HTTP redirect handling logic from URL parsing, keeping a `gitno_connection_data_handle_redirect` whose only job is redirect handling logic and does not parse URLs itself.
Edward Thomson f4584a1e 2019-06-10T12:08:57 Merge pull request #5102 from libgit2/ethomson/callback_names Callback type names should be suffixed with `_cb`
Edward Thomson dd47a3ef 2019-06-10T11:49:17 Merge pull request #5099 from pks-t/pks/tests-fix-symlink-outside-sandbox tests: checkout: fix symlink.git being created outside of sandbox
Edward Thomson 178df697 2019-06-08T17:16:19 trace: suffix the callbacks with `_cb` The trace logging callbacks should match the other callback naming conventions, using the `_cb` suffix instead of a `_callback` suffix.
Edward Thomson 810cefd9 2019-06-08T17:14:00 credentials: suffix the callbacks with `_cb` The credential callbacks should match the other callback naming conventions, using the `_cb` suffix instead of a `_callback` suffix.
Robert Coup 7b27b6cf 2019-06-06T16:32:09 Refactor testing: - move duplication between merge/trees/ and merge/workdir/ into merge/analysis{.c,.h} - remove merge-resolve.git resource, open the existing merge-resolve as a bare repo instead.
Robert Coup 5427461f 2019-03-20T11:51:24 merge: add doc header to analysis tests
Robert Coup 1d04f477 2019-03-19T23:43:56 merge: tests for bare repo merge analysis dupe of workdir/analysis.c against a bare repo.
Robert Coup 6d2ab2cf 2019-03-19T23:43:10 merge: analysis support for bare repositories
Robert Coup 438c9958 2019-06-10T10:52:01 Fix memleaks in analysis tests. Wrap some missed setup api calls in asserts.
Robert Coup 21ddeabe 2019-06-07T15:22:42 Review fixes: - whitespace -> tabs - comment style - improve repo naming in merge/trees/analysis tests.
Patrick Steinhardt cb28df20 2019-06-07T14:29:47 tests: checkout: fix symlink.git being created outside of sandbox The function `populate_symlink_workdir` creates a new "symlink.git" repository with a relative path "../symlink.git". As the current working directory is the sandbox, the new repository will be created just outside of the sandbox. Fix this by using `clar_sandbox_path`.
Patrick Steinhardt 1f47efc4 2019-06-07T14:20:54 tests: object: consolidate cache tests The object::cache test module has two tests that do nearly the same thing: given a cache limit, load a certain set of objects and verify if those objects have been cached or not. Convert those tests to the new data-driven initializers to demonstrate how these are to be used. Furthermore, add some additional test data. This conversion is mainly done to show this new facility.
Patrick Steinhardt 394951ad 2019-06-07T14:11:29 tests: allow for simple data-driven tests Right now, we're not able to use data-driven tests at all. E.g. given a set of tests which we'd like to repeat with different test data, one has to hand-write any outer loop that iterates over the test data and then call each of the test functions. Next to being bothersome, this also has the downside that error reporting is quite lacking, as one never knows which test data actually produced failures. So let's implement the ability to re-run complete test modules with changing test data. To retain backwards compatibility and enable trivial addition of new runs with changed test data, we simply extend clar's generate.py. Instead of scanning for a single `_initialize` function, each test module may now implement multiple `_initialize_foo` functions. The generated test harness will then run all test functions for each of the provided initializer functions, making it possible to provide different test data inside of each of the initializer functions. Example: ``` void test_git_example__initialize_with_nonbare_repo(void) { g_repo = cl_git_sandbox_init("testrepo"); } void test_git_example__initialize_with_bare_repo(void) { g_repo = cl_git_sandbox_init("testrepo.git"); } void test_git_example__cleanup(void) { cl_git_sandbox_cleanup(); } void test_git_example__test1(void) { test1(); } void test_git_example__test2(void) { test2(); } ``` Executing this test module will cause the following output: ``` $ ./libgit2_clar -sgit::example git::example (with nonbare repo).. git::example (with bare repo).. ```
Patrick Steinhardt 01dda5ff 2019-06-07T08:29:32 tests: unify ignore tests into their own dir We had several occasions where tests for the gitignore had been added to status::ignore instead of the easier-to-handle attr::ignore test suite. This most likely resulted from the fact that the attr::ignore test suite is not easy to discover inside of the attr folder. Furthermore, ignore being part of the attributes code is an implementation detail, only, and thus shouldn't be stressed as much. Improve this by moving both attr::ignore and status::ignore tests into a new ignore test suite.
Patrick Steinhardt 65ad6b5a 2019-06-07T08:21:59 tests: remove accidentally checked in backup file The "ignore.c.bak" file has accidentally been checked in via commit 191649010 (ignore: test that leading whitespace is significant, 2019-05-19) and should obviously not be part of our test suites. Delete it.
Edward Thomson e50d138e 2019-06-06T09:48:30 Merge pull request #5095 from pks-t/pks/ignore-escaped-trailing-space ignore: handle escaped trailing whitespace
Edward Thomson 4de6eb5b 2019-06-06T09:47:43 Merge pull request #5074 from libgit2/ethomson/ignore_leading_slash Ignore: only treat one leading slash as a root identifier
Patrick Steinhardt d81e7866 2019-06-06T14:11:44 ignore: handle escaped trailing whitespace The gitignore's pattern format specifies that "Trailing spaces are ignored unless they are quoted with backslash ("\")". We do not honor this currently and will treat a pattern "foo\ " as if it was "foo\" only and a pattern "foo\ \ " as "foo\ \". Fix our code to handle those special cases and add tests to avoid regressions.
Patrick Steinhardt b6967c39 2019-06-06T14:02:17 attr_file: refactor stripping of trailing spaces The stripping of trailing spaces currently happens as part of `git_attr_fnmatch__parse`. As we aren't currently parsing trailing whitespaces correct in case they're escaped, we'll have to change that code, though. To make actual behavioural change easier to review, refactor the code up-front by pulling it out into its own function that is expected to retain the exact same functionality as before. Like this, the fix will be trivial to apply.
Edward Thomson b1795e0d 2019-06-05T15:02:33 Merge pull request #5094 from libgit2/ethomson/auth_failure online tests: use gitlab for auth failures
Edward Thomson e66a4eb3 2019-06-05T14:19:14 online tests: use gitlab for auth failures GitHub recently changed their behavior from returning 401s for private or nonexistent repositories on a clone to returning 404s. For our tests that require an auth failure (and 401), move to GitLab to request a missing repository. This lets us continue to test our auth failure case, at least until they decide to mimic that decision.
Edward Thomson e2d4f09d 2019-06-05T13:04:25 Merge pull request #5076 from libgit2/ethomson/ignore_spaces Ignore files: don't ignore whitespace
Edward Thomson 4bcebe2c 2019-05-19T16:34:44 attr: ensure regular attr files can have whitespace Unlike ignore files, gitattribute files can have flexible whitespace at the beginning of the line. Ensure that by adding new ignore rules that we have not impeded correct parsing of attribute files.
Edward Thomson 63adcc4e 2019-05-19T16:27:59 attr: optionally treat leading whitespace as significant When `allow_space` is unset, ensure that leading whitespace is not skipped.
Edward Thomson 7d330541 2019-05-19T16:33:28 ignore: test that comments begin at position 0 Comments must have a '#' at the beginning of the line. For compatibility with git, '#' after a whitespace is a literal part of the filename.
Edward Thomson 19164901 2019-05-19T16:27:02 ignore: test that leading whitespace is significant Ensure that leading whitespace is treated as being part of the filename, eg ` foo` in an ignore file indicates that a file literally named ` foo` is ignored.
Edward Thomson ac070afe 2019-05-24T15:54:00 Merge pull request #5088 from pks-t/pks/cache-eviction-segfault cache: fix cache eviction using deallocated key
Patrick Steinhardt bcb4d1d0 2019-05-24T15:39:25 Merge pull request #5085 from pks-t/pks/security.md SECURITY.md: split out security-relevant bits from readme
Patrick Steinhardt add17435 2019-05-24T15:24:26 cache: fix cache eviction using deallocated key When evicting cache entries, we first retrieve the object that is to be evicted, delete the object and then finally delete the key from the cache. In case where the cache eviction caused us to free the cached object, though, its key will point to invalid memory now when trying to remove it from the cache map. On my system, this causes us to not properly remove the key from the map, as its memory has been overwritten already and thus the key lookup it will fail and we cannot delete it. Fix this by only decrementing the refcount of the evictee after we have removed it from our cache map. Add a test that caused a segfault previous to that change.
Edward Thomson 2b8a05cc 2019-05-24T13:33:22 Merge pull request #5086 from jacquesg/netbsd Restore NetBSD support
Jacques Germishuys d668820d 2019-05-24T10:48:47 NetBSD < 7 doesn't have posix_fallocate See: https://www.netbsd.org/changes/changes-7.0.html
Patrick Steinhardt 62bbec5a 2019-05-24T11:09:51 SECURITY.md: split out security-relevant bits from readme GitHub has recently introduced a new set of tools that aims to ease the process around vulnerability reports and security fixes. Part of those tools is a new security tab for projects that will display contents from a new SECURITY.md file. Move relevant parts from README.md to this new file to make use of this feature.
Patrick Steinhardt 7a0238b1 2019-05-24T11:06:38 Merge pull request #5084 from eaigner/garbage-value repository: fix garbage return value
Erik Aigner 9cc904da 2019-05-23T10:49:44 repository: fix garbage return value error was never initialized and a garbage value returned on success.
Edward Thomson 2f7b6ad5 2019-05-23T00:41:16 Merge pull request #5083 from libgit2/ethomson/pcre_warnings cmake: disable fallthrough warnings for PCRE
Edward Thomson 1f9b7222 2019-05-22T12:47:04 cmake: disable fallthrough warnings for PCRE Our PCRE dependency has uncommented fallthroughs in switch statements. Turn off warnings for those in the PCRE code.
Edward Thomson ca046360 2019-05-22T12:18:30 Merge pull request #5073 from libgit2/ethomson/config_section_validity Configuration parsing: validate section headers with quotes
Edward Thomson 355b02a1 2019-05-22T11:48:28 config: rename subsection header parser func The `parse_section_header_ext` name suggests that it as an extended function for parsing the section header. It is not. Rename it to `parse_subsection_header` to better reflect its true mission.
Edward Thomson 23c5699e 2019-05-16T09:37:25 config: validate quoted section value When we reach a whitespace after a section name, we assume that what will follow will be a quoted subsection name. Pass the current position of the line being parsed to the subsection parser, so that it can validate that subsequent characters are additional whitespace or a single quote. Previously we would begin parsing after the section name, looking for the first quotation mark. This allows invalid characters to embed themselves between the end of the section name and the first quotation mark, eg `[section foo "subsection"]`, which is illegal.
Edward Thomson b83bd037 2019-05-16T08:57:10 config: don't write invalid column When we don't specify a particular column, don't write it in the error message. (column "0" is unhelpful.)
Edward Thomson 42dd38dd 2019-05-16T08:55:40 config: lowercase error messages Update the configuration parsing error messages to be lower-cased for consistency with the rest of the library.
Edward Thomson d97afb93 2019-05-22T11:45:45 Merge pull request #5060 from pks-t/pks/refspec-nested-globs Loosen restriction on wildcard "*" refspecs
Edward Thomson 3d9e82fd 2019-05-21T14:59:55 Merge pull request #4935 from libgit2/ethomson/pcre Use PCRE for our fallback regex engine when regcomp_l is unavailable