kmx git

Commit	Date	Message
d475d5d6	2019-06-19T12:59:27	config: validate ownership of C:\ProgramData\Git\config before using it When the VirtualStore feature is in effect, it is safe to let random users write into C:\ProgramData because other users won't see those files. This seemed to be the case when we introduced support for C:\ProgramData\Git\config. However, when that feature is not in effect (which seems to be the case in newer Windows 10 versions), we'd rather not use those files unless they come from a trusted source, such as an administrator. This change imitates the strategy chosen by PowerShell's native OpenSSH port to Windows regarding host key files: if a system file is owned neither by an administrator, a system account, or the current user, it is ignored.
887e004e	2019-05-20T12:44:37	define SYMBOLIC_LINK_FLAG_DIRECTORY if not defined (cherry picked from commit 0fd259ed7a597c32d619190898bb5780a1ddbdd4)
4881a867	2019-05-06T14:51:52	Moved dwFlags declaration to beginning of scope (cherry picked from commit 336e98bb95393b165bc5f13f3b729cbddf1fd554)
0d68704a	2019-05-05T07:49:09	Support symlinks for directories in win32 (cherry picked from commit 37a7adb59c5075901bd64259e8a98ccef6f6f452)
98c11905	2019-03-20T12:28:45	Correctly write to missing locked global config Opening a default config when ~/.gitconfig doesn't exist, locking it, and attempting to write to it causes an assertion failure. Treat non-existent global config file content as an empty string. (cherry picked from commit e44110dbbfc9d50b883d73fbb6c9e3b53732ec9d)
9e07f684	2019-04-26T08:01:56	cmake: fix include ordering issues with bundled deps When linking against bundled libraries, we include their header directories by using "-isystem". The reason for that is that we want to handle our vendored library headers specially, most importantly to ignore warnings generated by including them. By using "-isystem", though, we screw up the order of searched include directories by moving those bundled dependencies towards the end of the lookup order. Like this, chances are high that any other specified include directory contains a file that collides with the actual desired include file. Fix this by not treating the bundled dependencies' include directories as system includes. This will move them to the front of the lookup order and thus cause them to override system-provided headers. While this may cause the compiler to generate additional warnings when processing bundled headers, this is a tradeoff we should make regardless to fix builds on systems hitting this issue. (cherry picked from commit ee3d71fb86bad4a681d762d90374e46f1d005714)
085ed2c6	2019-02-25T11:35:16	cmake: correctly detect if system provides `regcomp` We assume that if we are on Win32, Amiga OS, Solaris or SunOS, that the regcomp(3P) function cannot be provided by the system. Thus we will in these cases always include our own, bundled regex sources to make a regcomp implementation available. This test is obviously very fragile, and we have seen it fail on MSYS2/MinGW systems, which do in fact provide the regcomp symbol. The effect is that during compilation, we will use the "regex.h" header provided by MinGW, but use symbols provided by ourselves. This in fact may cause subtle memory layout issues, as the structure made available via MinGW doesn't match what our bundled code expects. There's one more problem with our regex detection: on the listed platforms, we will incorrectly include the bundled regex code even in case where the system provides regcomp_l(3), but it will never be used for anything. Fix the issue by improving our regcomp detection code. Instead of relying on a fragile listing of platforms, we can just use `CHECK_FUNCTION_EXISTS` instead. This will not in fact avoid the header-ordering problem. But we can assume that as soon as a system-provided "regex.h" header is provided, that `CHECK_FUNCTION_EXISTS` will now correctly find the desired symbol and thus not include our bundled regex code. (cherry picked from commit 13cb9f7a3325e71a01073647d1c23f49464f200e)
4ec32d36	2019-04-16T18:13:31	config_file: check result of git_array_alloc git_array_alloc can return NULL if no memory is available, causing a segmentation fault in memset. This adds GIT_ERROR_CHECK_ALLOC similar to how other parts of the code base deal with the return value of git_array_alloc.
9b698978	2019-04-12T08:54:06	git_repository_init: stop traversing at windows root Stop traversing the filesystem at the Windows directory root. We were calculating the filesystem root for the given directory to create, and walking up the filesystem hierarchy. We intended to stop when the traversal path length is equal to the root path length (ie, stopping at the root, since no path may be shorter than the root path). However, on Windows, the root path may be specified in two different ways, as either `Z:` or `Z:\`, where `Z:` is the current drive letter. `git_path_dirname_r` returns the path _without_ a trailing slash, even for the Windows root. As a result, during traversal, we need to test that the traversal path is _less than or equal to_ the root path length to determine if we've hit the root to ensure that we stop when our traversal path is `Z:` and our calculated root path was `Z:\`.
21baf7ab	2019-04-05T10:22:46	ignore: treat paths with trailing "/" as directories The function `git_ignore_path_is_ignored` is there to test the ignore status of paths that need not necessarily exist inside of a repository. This has the implication that for a given path, we cannot always decide whether it references a directory or a file, and we need to distinguish those cases because ignore rules may treat those differently. E.g. given the following gitignore file: * !/**/ we'd only want to unignore directories, while keeping files ignored. But still, calling `git_ignore_path_is_ignored("dir/")` will say that this directory is ignored because it treats "dir/" as a file path. As said, the `is_ignored` function cannot always decide whether the given path is a file or directory, and thus it may produce wrong results in some cases. While this is unfixable in the general case, we can do better when we are being passed a path name with a trailing path separator (e.g. "dir/") and always treat them as directories.
71424f63	2019-03-22T23:56:10	patch_parse.c: Handle CRLF in parse_header_start
c79f9dae	2019-03-29T11:58:50	patch_parse: improve formatting
12bc7181	2019-03-14T15:51:15	ignore: Do not match on prefix of negated patterns Matching on the prefix of a negated pattern was triggering false negatives on siblings of that pattern. e.g. Given the .gitignore: dir/* !dir/sub1/sub2/** The path `dir/a.text` would not be ignored.
856afc27	2019-02-16T22:06:58	Fix a _very_ improbable memory leak in git_odb_new() This change fixes a mostly theoretical memory leak in got_odb_new() that can only manifest if git_cache_init() fails due to running out of memory or not being able to acquire its lock.
5189beb0	2019-02-16T19:55:30	Fix a memory leak in odb_otype_fast() This change frees a copy of a cached object in odb_otype_fast().
96b6fe11	2019-03-29T12:15:20	patch_parse: fix parsing addition/deletion of file with space The diff header format is a strange beast in that it is inherently unparseable in an unambiguous way. While parsing a/file.txt b/file.txt is obvious and trivially doable, parsing a diff header of a/file b/file ab.txt b/file b/file ab.txt is not (but in fact valid and created by git.git). Due to that, we have relaxed our diff header parser in commit 80226b5f6 (patch_parse: allow parsing ambiguous patch headers, 2017-09-22), so that we started to bail out when seeing diff headers with spaces in their file names. Instead, we try to use the "---" and "+++" lines, which are unambiguous. In some cases, though, we neither have a useable file name from the header nor from the "---" or "+++" lines. This is the case when we have a deletion or addition of a file with spaces: the header is unparseable and the other lines will simply show "/dev/null". This trips our parsing logic when we try to extract the prefix (the "a/" part) that is being used in the path line, where we unconditionally try to dereference a NULL pointer in such a scenario. We can fix this by simply not trying to parse the prefix in cases where we have no useable path name. That'd leave the parsed patch without either `old_prefix` or `new_prefix` populated. But in fact such cases are already handled by users of the patch object, which simply opt to use the default prefixes in that case.
24ac9e0c	2019-02-13T23:26:54	deprecation: ensure we GIT_EXTERN deprecated funcs Although the error functions were deprecated, we did not properly mark them as deprecated. We need to include the `deprecated.h` file in order to ensure that the functions get their export attributes. Similarly, do not define `GIT_DEPRECATE_HARD` within the library, or those functions will also not get their export attributes. Define that only on the tests and examples.
0ceac0d0	2019-01-23T14:45:19	mbedtls: fix potential size overflow when reading or writing data The mbedtls library uses a callback mechanism to allow downstream users to plug in their own receive and send functions. We implement `bio_read` and `bio_write` functions, which simply wrap the `git_stream_read` and `git_stream_write` functions, respectively. The problem arises due to the return value of the callback functions: mbedtls expects us to return an `int` containing the actual number of bytes that were read or written. But this is in fact completely misdesigned, as callers are allowed to pass in a buffer with length `SIZE_MAX`. We thus may be unable to represent the number of bytes written via the return value. Fix this by only ever reading or writing at most `INT_MAX` bytes.
75918aba	2019-01-23T14:43:54	mbedtls: make global variables static The mbedtls stream implementation makes use of some global variables which are not marked as `static`, even though they're only used in this compilation unit. Fix this and remove a duplicate declaration.
657197e6	2019-01-23T15:54:05	openssl: fix potential size overflow when writing data Our `openssl_write` function calls `SSL_write` by passing in both `data` and `len` arguments directly. Thing is, our `len` parameter is of type `size_t` and theirs is of type `int`. We thus need to clamp our length to be at most `INT_MAX`.
7613086d	2019-01-23T15:49:28	streams: handle short writes only in generic stream Now that the function `git_stream__write_full` exists and callers of `git_stream_write` have been adjusted, we can lift logic for short writes out of the stream implementations. Instead, this is now handled either by `git_stream__write_full` or by callers of `git_stream_write` directly.
5265b31c	2019-01-23T15:00:20	streams: fix callers potentially only writing partial data Similar to the write(3) function, implementations of `git_stream_write` do not guarantee that all bytes are written. Instead, they return the number of bytes that actually have been written, which may be smaller than the total number of bytes. Furthermore, due to an interface design issue, we cannot ever write more than `SSIZE_MAX` bytes at once, as otherwise we cannot represent the number of bytes written to the caller. Unfortunately, no caller of `git_stream_write` ever checks the return value, except to verify that no error occurred. Due to this, they are susceptible to the case where only partial data has been written. Fix this by introducing a new function `git_stream__write_full`. In contrast to `git_stream_write`, it will always return either success or failure, without returning the number of bytes written. Thus, it is able to write all `SIZE_MAX` bytes and loop around `git_stream_write` until all data has been written. Adjust all callers except the BIO callbacks in our mbedtls and OpenSSL streams, which already do the right thing and require the amount of bytes written.
193e7ce9	2019-01-23T15:42:07	streams: make file-local functions static The callback functions that implement the `git_stream` structure are only used inside of their respective implementation files, but they are not marked as `static`. Fix this.
89bd4ddb	2019-01-21T11:32:53	diff_generate: validate oid file size Index entries are 32 bit unsigned ints, not `size_t`s.
fd9d4e28	2019-01-21T11:29:16	describe: don't mix and match abbreviated size types The git_describe_format_options.abbreviated_size type is an unsigned int. There's no need for it to be anything else; keep it what it is.
751eb462	2019-01-21T11:20:18	delta: validate sizes and cast safely Quiet down a warning from MSVC about how we're potentially losing data. Validate that our data will fit into the type provided then cast.
4947216f	2019-01-21T11:11:27	git transport: only write INT_MAX bytes The transport code returns an `int` with the number of bytes written; thus only attempt to write at most `INT_MAX`.
a861839d	2019-01-21T10:55:59	windows: add SSIZE_MAX Windows doesn't include ssize_t or its _MAX value by default. We are already declaring ssize_t as SSIZE_T, which is __int64_t on Win64 and long otherwise. Include its _MAX value as a correspondence to its type.
f1986a23	2019-01-21T09:56:23	streams: don't write more than SSIZE_MAX Our streams implementation takes a `size_t` that indicates the length of the data buffer to be written, and returns an `ssize_t` that indicates the length that _was_ written. Clearly no such implementation can write more than `SSIZE_MAX` bytes. Ensure that each TLS stream implementation does not try to write more than `SSIZE_MAX` bytes (or smaller; if the given implementation takes a smaller size).
e5e2fac8	2019-01-21T00:57:39	buffer: explicitly cast Quiet down a warning from MSVC about how we're potentially losing data. This is safe since we've explicitly tested it.
f4ebb2d4	2019-01-21T00:56:35	blame: make hunk_cmp handle unsigned differences
ae681d3f	2019-01-21T00:49:07	apply: make update_hunk accept a size_t
fac08837	2019-01-21T11:38:46	filter: return an int Validate that the return value of the read is not less than INT_MAX, then cast.
1d4ddb8e	2019-01-20T23:42:08	iterator: cast filesystem iterator entry values explicitly The filesystem iterator takes `stat` data from disk and puts them into index entries, which use 32 bit ints for time (the seconds portion) and filesize. However, on most systems these are not 32 bit, thus will typically invoke a warning. Most users ignore these fields entirely. Diff and checkout code do use the values, however only for the cache to determine if they should check file modification. Thus, this is not a critical error (and will cause a hash recomputation at worst).
c6cac733	2019-01-20T22:40:38	blob: validate that blob sizes fit in a size_t Our blob size is a `git_off_t`, which is a signed 64 bit int. This may be erroneously negative or larger than `SIZE_MAX`. Ensure that the blob size fits into a `size_t` before casting.
3aa6d96a	2019-01-20T20:38:25	tree: cast filename length in git_tree__parse_raw Quiet down a warning from MSVC about how we're potentially losing data. Ensure that we're within a uint16_t before we do.
759502ed	2019-01-20T20:30:42	odb_loose: explicitly cast to size_t Quiet down a warning from MSVC about how we're potentially losing data. This is safe since we've explicitly tested that it's positive and less than SIZE_MAX.
80c3867b	2019-01-20T19:20:12	patch: explicitly cast down in parse_header_percent Quiet down a warning from MSVC about how we're potentially losing data. This is safe since we've explicitly tested that it's within the range of 0-100.
494448a5	2019-01-20T19:10:08	index: explicitly cast down to a size_t Quiet down a warning from MSVC about how we're potentially losing data. This cast is safe since we've explicitly tested that `strip_len` <= `last_len`.
c3866fa8	2019-01-20T18:54:16	diff: explicitly cast in flush_hunk Quiet down a warning from MSVC about how we're potentially losing data.
826d9a4d	2019-01-25T09:43:20	Merge pull request #4858 from tiennou/fix/index-ext-read index: preserve extension parsing errors
e09f0c10	2019-01-23T10:21:42	deprecation: don't use deprecated stream cb Avoid the deprecated `git_stream_cb` typedef since we want to compile the library without deprecated functions or types. Instead, we can unroll the alias to its actual type.
bff7aed2	2019-01-24T16:44:04	Don't use deprecated constants Follow up for PR #4917. Signed-off-by: Sven Strickroth <email@cs-ware.de>
0bf7e043	2019-01-24T12:12:04	index: preserve extension parsing errors Previously, we would clobber any extension-specific error message with an "extension is truncated" message. This makes `read_extension` correctly preserve those errors, takes responsibility for truncation errors, and adds a new message with the actual extension signature for unsupported mandatory extensions.
53bf0bde	2019-01-24T11:29:36	Fix VS warning C4098: 'giterr_set_str' : void function returning a value Signed-off-by: Sven Strickroth <email@cs-ware.de>
f673e232	2018-12-27T13:47:34	git_error: use new names in internal APIs and usage Move to the `git_error` name in the internal API for error-related functions.
647dfdb4	2019-01-10T22:13:07	git_error: deprecate error values Replace the `GITERR` values with a `const int` to deprecate error values.
20961b98	2018-12-26T14:06:21	git_error: use full class name in public error API Move to the `git_error` name in error-related functions, deprecating the `giterr` functions. This means, for example, that `giterr_last` is now `git_error_last`. The old names are retained for compatibility. This only updates the public API; internal API and function usage remains unchanged.
f7416509	2019-01-20T20:15:31	Fix odb foreach to also close on positive error code In include/git2/odb.h it states that callback can also return positive value which should break looping. Implementations of git_odb_foreach() and pack_backend__foreach() did not respect that.
b8b796c1	2019-01-20T18:09:43	repository: free memory in symlink detection function
86b522bd	2019-01-20T14:27:57	Merge pull request #4945 from libgit2/ethomson/fix-intrinsics Add/multiply with overflow tweaks
75444d97	2019-01-20T13:52:46	add with overflow: correct documentation Correct the documentation on the fallback add/multiply with overflow functions.
abbc07f1	2019-01-20T13:51:15	add with overflow: use SizeTAdd on Windows Windows provides <intsafe.h> which provides "performant" add and multiply with overflow operations. Use them when possible.
c6d47acf	2019-01-20T13:04:10	Remove unused git__add_uint64_overflow
f04f1c7e	2019-01-20T13:00:53	add with overflow intrinsics: simplify tests Use the smallest unsigned type that is equivalent to `size_t` to simplify the conditionals. Error if we're on a system that we believe offers builtins but we cannot determine which one to use.
1758636b	2019-01-19T01:38:34	Merge pull request #4939 from libgit2/ethomson/git_ref Move `git_ref_t` to `git_reference_t`
b2c2dc64	2019-01-19T01:36:40	Merge pull request #4940 from libgit2/ethomson/git_obj More `git_obj` to `git_object` updates
abe23675	2019-01-17T20:09:05	Merge pull request #4925 from lhchavez/fix-a-bunch-of-warnings Fix a bunch of warnings
83151018	2019-01-17T10:47:32	object_type: convert final internal users to new names Update some missed types that were continuing to use the old `GIT_OBJ` names.
cd350852	2019-01-17T10:40:13	object_type: GIT_OBJECT_BAD is now GIT_OBJECT_INVALID We use the term "invalid" to refer to bad or malformed data, eg `GIT_REF_INVALID` and `GIT_EINVALIDSPEC`. Since we're changing the names of the `git_object_t`s in this release, update it to be `GIT_OBJECT_INVALID` instead of `BAD`.
ed8cfbf0	2019-01-17T00:32:31	references: use new names in internal usage Update internal usage to use the `git_reference` names for constants.
35d86c77	2019-01-14T10:14:36	proxy: fix crash on remote connection with GIT_PROXY_AUTO but no proxy is detected
2848923a	2019-01-08T17:32:23	Let GCC use the add/mul overflow intrinsics This change tweaks the macros for git__{add,multiply}_sizet_overflow so that GCC can use them. It also stops using the uadd,umul versions since the add,mul can handle way more cases.
c6bfaf14	2019-01-09T06:58:40	Explanation for the rationale behind splitting formatting
1305cd4e	2019-01-09T09:55:26	Merge pull request #4926 from csware/warning-c4133 Fix warning 'function': incompatible types - from 'git_cvar_value ' to 'int ' (C4133) on VS
728101e3	2019-01-08T17:35:16	Move the intrinsics part of the change to its own PR Less controversial changes together is better.
8b599528	2019-01-08T17:26:14	Fix Linux warnings This change fixes -Wmaybe-uninitialized and -Wdeprecated-declarations warnings on Linux builds
45001906	2019-01-07T16:14:51	Fix warning 'function': incompatible types - from 'git_cvar_value ' to 'int ' (C4133) on VS Signed-off-by: Sven Strickroth <email@cs-ware.de>
321d19c1	2019-01-06T08:36:06	Windows is hard.
b5e8272f	2019-01-06T08:29:56	Attempt at fixing the MingW64 compilation It seems like MingW64's size_t is defined differently than in Linux.
7b453e7e	2019-01-05T22:12:48	Fix a bunch of warnings This change fixes a bunch of warnings that were discovered by compiling with `clang -target=i386-pc-linux-gnu`. It turned out that the intrinsics were not necessarily being used in all platforms! Especially in GCC, since it does not support __has_builtin. Some more warnings were gleaned from the Windows build, but I stopped when I saw that some third-party dependencies (e.g. zlib) have warnings of their own, so we might never be able to enable -Werror there.
d9eae98b	2018-10-24T01:30:12	refs: assert that we're passed valid refs when renaming CID 1382962
0a8745f2	2018-10-24T01:26:48	diff: assert that we're passed a valid git_diff object CID 1386176, 1386177, 1388219
9c23552c	2018-10-24T01:21:21	submodule: grab the error while loading from config Previously, an error in `git_config_next` would be mistaken as a successful load, because the previous call would have succeeded. Coverity saw the subsequent check for a completed iteration as dead, so let's make it useful again. CID 1391374
9f714dec	2018-08-17T18:51:56	config: assert that our parameters are valid CID 1395011
fba70a9d	2019-01-03T12:02:06	Merge pull request #4919 from pks-t/pks/shutdown-cb-count Shutdown callback count
9084712b	2019-01-03T12:01:52	Merge pull request #4904 from libgit2/ethomson/crlf Update CRLF filtering to match modern git
b46c3594	2019-01-02T09:33:55	global: move init callbacks into an array We currently have an explicit callchain of all the initialization callbacks in our `init_common` function. This is perfectly fine, but requires us to manually keep track of how many shutdown callbacks there may be installed: to avoid allocations before libgit2 is fully initialized, we assume that every initializer may register at most one shutdown function. These shutdown functions are stored in a static array of size `MAX_SHUTDOWN_CB`, which then needs to be updated manually whenever a new initializer function is being added. The situation can be easily fixed: convert the callchain of init functions into an array and iterate over it to initialize all subsystems. This allows us to define the `git__shutdown_callbacks` array with the same size as the initializer array and rids us of the need to always update `MAX_SHUTDOWN_CB`.
03dc6480	2019-01-02T09:27:44	hash: convert `global_init` macros to real function The `git_hash_global_init` function is simply defined as a macro to zero for most of the different hash implementations. This makes it impossible to treat it like a function pointer, which is required for a later commit where we want to improve the way global initialization works. Fix the issue by converting all no-op macros to an inline function returning zero. There's a small gotcha here, though: as most hash implementations only have a header file, but not a corresponding implementation file, we cannot declare the function as non-static. But declaring it as `static inline` fails, too, as there is a previous declaration as non-static. So we have to move the function declaration after the include that brings in the function definition, as it is allowed to have a non-static declaration after a static definition, but not the other way round.
8dde7e11	2018-12-19T11:04:58	refdb_fs: refactor error handling in `refdb_reflog_fs__delete` The function `refdb_reflog_fs__delete` uses the `if (!error && foobar())` pattern of checking, where error conditions are being checked by following calls to different code. This does not match our current style, where the call-site of a function is usually directly responsible for checking the return value. Convert the function to use `if ((error = foobar()) < 0) goto out;` style. Note that this changes the code flow a bit: previously, we were always trying to delete empty reference hierarchies even if deleting the reflog entry has failed. This wasn't much of a problem -- if deletion failed, the hierarchy will still contain at least one file and thus the function call was an expensive no-op. Now, we will only perform this deletion if we have successfully removed the reflog.
bc219657	2018-12-19T11:01:55	Merge pull request #4833 from csware/drop-empty-dirs Remove empty (sub-)directories when deleting refs
6ea9381b	2018-12-14T14:43:09	annotated_commit: peel to commit instead of assuming we have one We want to allow the creation of annotated commits out of annotated tags and for that we have to peel the reference all the way to the commit instead of stopping at the first id it provides.
5bd78c48	2018-12-14T14:41:17	refs: constify git_reference_peel We have no need to take a non-const reference. This does involve some other work to make sure we don't mix const and non-const variables, but by splitting what we want each variable to do we can also simplify the logic for when we do want to free a new reference we might have allocated.
da8138b0	2018-12-06T12:59:17	Merge pull request #4906 from QBobWatson/bugfix Fix segfault in loose_backend__readstream
2f3c4b69	2018-12-06T10:48:20	Typesetting conventions
f4835e44	2018-12-04T21:48:12	make proxy_stream_close close target stream even on errors When git_filter_apply_fn callback returns a error while smudging proxy_stream_close ends up returning without closing the stream. This is turn makes blob_content_to_file crash as it asserts the stream being closed whether there are errors or not. Closing the target stream on error fixes this problem.
08afdb57	2018-12-04T10:59:25	Removed one null check
36f80742	2018-12-04T10:12:24	Fix segfault in loose_backend__readstream If the routine exits with error before stream or hash_ctx is initialized, the program will segfault when trying to free them.
ef8f8ec6	2018-12-03T13:35:30	crlf: update to match git's logic Examine the recent CRLF changes to git by Torsten Bögershausen and include similar changes to update our CRLF logic to match. Note: Torsten Bögershausen has previously agreed to allow his changes to be included in libgit2.
168fe39b	2018-11-28T14:26:57	object_type: use new enumeration names Use the new object_type enumeration names within the codebase.
18e71e6d	2018-11-28T13:31:06	index: use new enum and structure names Use the new-style index names throughout our own codebase.
0ddc6094	2018-11-30T09:46:14	Merge pull request #4770 from tiennou/feature/merge-analysis-any-branch Allow merge analysis against any reference
e7873eb2	2018-11-29T08:00:31	Merge pull request #4888 from TheBB/add-cb revwalk: Allow changing hide_cb
487233fa	2018-11-29T07:21:41	Merge pull request #4895 from pks-t/pks/unused-warnings Unused function warnings
a904fc6d	2018-11-28T20:31:30	Merge pull request #4870 from libgit2/ethomson/proxy Add builtin proxy support for the http transport
30ac46aa	2018-11-28T10:12:43	http: reset replay_count upon connection Reset the replay_count upon a successful connection. It's possible that we could encounter a situation where we connect successfully but need to replay a request - for example, a connection and initial request succeeds without authentication but a subsequent call does require authentication. Reset the replay count upon any successful request to afford subsequent replays room to manuever.
02bb39f4	2018-11-22T08:49:09	stream registration: take an enum type Accept an enum (`git_stream_t`) during custom stream registration that indicates whether the registration structure should be used for standard (non-TLS) streams or TLS streams.
52478d7d	2018-11-18T19:54:49	http: don't allow SSL connections to a proxy Temporarily disallow SSL connections to a proxy until we can understand the valgrind warnings when tunneling OpenSSL over OpenSSL.
41f620d9	2018-11-18T19:10:50	http: only load proxy configuration during connection Only load the proxy configuration during connection; we need this data when we're going to connect to the server, however we may mutate it after connection (connecting through a CONNECT proxy means that we should send requests like normal). If we reload the proxy configuration but do not actually reconnect (because we're in a keep-alive session) then we will reload the proxy configuration that we should have mutated. Thus, only load the proxy configuration when we know that we're going to reconnect.
df2cc108	2018-11-18T10:29:07	stream: provide generic registration API Update the new stream registration API to be `git_stream_register` which takes a registration structure and a TLS boolean. This allows callers to register non-TLS streams as well as TLS streams. Provide `git_stream_register_tls` that takes just the init callback for backward compatibliity.

d475d5d6

2019-06-19T12:59:27

config: validate ownership of C:\ProgramData\Git\config before using it When the VirtualStore feature is in effect, it is safe to let random users write into C:\ProgramData because other users won't see those files. This seemed to be the case when we introduced support for C:\ProgramData\Git\config. However, when that feature is not in effect (which seems to be the case in newer Windows 10 versions), we'd rather not use those files unless they come from a trusted source, such as an administrator. This change imitates the strategy chosen by PowerShell's native OpenSSH port to Windows regarding host key files: if a system file is owned neither by an administrator, a system account, or the current user, it is ignored.

887e004e

2019-05-20T12:44:37

define SYMBOLIC_LINK_FLAG_DIRECTORY if not defined (cherry picked from commit 0fd259ed7a597c32d619190898bb5780a1ddbdd4)

4881a867

2019-05-06T14:51:52

Moved dwFlags declaration to beginning of scope (cherry picked from commit 336e98bb95393b165bc5f13f3b729cbddf1fd554)

0d68704a

2019-05-05T07:49:09

Support symlinks for directories in win32 (cherry picked from commit 37a7adb59c5075901bd64259e8a98ccef6f6f452)

98c11905

2019-03-20T12:28:45

Correctly write to missing locked global config Opening a default config when ~/.gitconfig doesn't exist, locking it, and attempting to write to it causes an assertion failure. Treat non-existent global config file content as an empty string. (cherry picked from commit e44110dbbfc9d50b883d73fbb6c9e3b53732ec9d)

9e07f684

2019-04-26T08:01:56

cmake: fix include ordering issues with bundled deps When linking against bundled libraries, we include their header directories by using "-isystem". The reason for that is that we want to handle our vendored library headers specially, most importantly to ignore warnings generated by including them. By using "-isystem", though, we screw up the order of searched include directories by moving those bundled dependencies towards the end of the lookup order. Like this, chances are high that any other specified include directory contains a file that collides with the actual desired include file. Fix this by not treating the bundled dependencies' include directories as system includes. This will move them to the front of the lookup order and thus cause them to override system-provided headers. While this may cause the compiler to generate additional warnings when processing bundled headers, this is a tradeoff we should make regardless to fix builds on systems hitting this issue. (cherry picked from commit ee3d71fb86bad4a681d762d90374e46f1d005714)

085ed2c6

2019-02-25T11:35:16

cmake: correctly detect if system provides `regcomp` We assume that if we are on Win32, Amiga OS, Solaris or SunOS, that the regcomp(3P) function cannot be provided by the system. Thus we will in these cases always include our own, bundled regex sources to make a regcomp implementation available. This test is obviously very fragile, and we have seen it fail on MSYS2/MinGW systems, which do in fact provide the regcomp symbol. The effect is that during compilation, we will use the "regex.h" header provided by MinGW, but use symbols provided by ourselves. This in fact may cause subtle memory layout issues, as the structure made available via MinGW doesn't match what our bundled code expects. There's one more problem with our regex detection: on the listed platforms, we will incorrectly include the bundled regex code even in case where the system provides regcomp_l(3), but it will never be used for anything. Fix the issue by improving our regcomp detection code. Instead of relying on a fragile listing of platforms, we can just use `CHECK_FUNCTION_EXISTS` instead. This will not in fact avoid the header-ordering problem. But we can assume that as soon as a system-provided "regex.h" header is provided, that `CHECK_FUNCTION_EXISTS` will now correctly find the desired symbol and thus not include our bundled regex code. (cherry picked from commit 13cb9f7a3325e71a01073647d1c23f49464f200e)

4ec32d36

2019-04-16T18:13:31

config_file: check result of git_array_alloc git_array_alloc can return NULL if no memory is available, causing a segmentation fault in memset. This adds GIT_ERROR_CHECK_ALLOC similar to how other parts of the code base deal with the return value of git_array_alloc.

9b698978

2019-04-12T08:54:06

git_repository_init: stop traversing at windows root Stop traversing the filesystem at the Windows directory root. We were calculating the filesystem root for the given directory to create, and walking up the filesystem hierarchy. We intended to stop when the traversal path length is equal to the root path length (ie, stopping at the root, since no path may be shorter than the root path). However, on Windows, the root path may be specified in two different ways, as either `Z:` or `Z:\`, where `Z:` is the current drive letter. `git_path_dirname_r` returns the path _without_ a trailing slash, even for the Windows root. As a result, during traversal, we need to test that the traversal path is _less than or equal to_ the root path length to determine if we've hit the root to ensure that we stop when our traversal path is `Z:` and our calculated root path was `Z:\`.

21baf7ab

2019-04-05T10:22:46

ignore: treat paths with trailing "/" as directories The function `git_ignore_path_is_ignored` is there to test the ignore status of paths that need not necessarily exist inside of a repository. This has the implication that for a given path, we cannot always decide whether it references a directory or a file, and we need to distinguish those cases because ignore rules may treat those differently. E.g. given the following gitignore file: * !/**/ we'd only want to unignore directories, while keeping files ignored. But still, calling `git_ignore_path_is_ignored("dir/")` will say that this directory is ignored because it treats "dir/" as a file path. As said, the `is_ignored` function cannot always decide whether the given path is a file or directory, and thus it may produce wrong results in some cases. While this is unfixable in the general case, we can do better when we are being passed a path name with a trailing path separator (e.g. "dir/") and always treat them as directories.

71424f63

2019-03-22T23:56:10

patch_parse.c: Handle CRLF in parse_header_start

c79f9dae

2019-03-29T11:58:50

patch_parse: improve formatting

12bc7181

2019-03-14T15:51:15

ignore: Do not match on prefix of negated patterns Matching on the prefix of a negated pattern was triggering false negatives on siblings of that pattern. e.g. Given the .gitignore: dir/* !dir/sub1/sub2/** The path `dir/a.text` would not be ignored.

856afc27

2019-02-16T22:06:58

Fix a _very_ improbable memory leak in git_odb_new() This change fixes a mostly theoretical memory leak in got_odb_new() that can only manifest if git_cache_init() fails due to running out of memory or not being able to acquire its lock.

5189beb0

2019-02-16T19:55:30

Fix a memory leak in odb_otype_fast() This change frees a copy of a cached object in odb_otype_fast().

96b6fe11

2019-03-29T12:15:20

patch_parse: fix parsing addition/deletion of file with space The diff header format is a strange beast in that it is inherently unparseable in an unambiguous way. While parsing a/file.txt b/file.txt is obvious and trivially doable, parsing a diff header of a/file b/file ab.txt b/file b/file ab.txt is not (but in fact valid and created by git.git). Due to that, we have relaxed our diff header parser in commit 80226b5f6 (patch_parse: allow parsing ambiguous patch headers, 2017-09-22), so that we started to bail out when seeing diff headers with spaces in their file names. Instead, we try to use the "---" and "+++" lines, which are unambiguous. In some cases, though, we neither have a useable file name from the header nor from the "---" or "+++" lines. This is the case when we have a deletion or addition of a file with spaces: the header is unparseable and the other lines will simply show "/dev/null". This trips our parsing logic when we try to extract the prefix (the "a/" part) that is being used in the path line, where we unconditionally try to dereference a NULL pointer in such a scenario. We can fix this by simply not trying to parse the prefix in cases where we have no useable path name. That'd leave the parsed patch without either `old_prefix` or `new_prefix` populated. But in fact such cases are already handled by users of the patch object, which simply opt to use the default prefixes in that case.

24ac9e0c

2019-02-13T23:26:54

deprecation: ensure we GIT_EXTERN deprecated funcs Although the error functions were deprecated, we did not properly mark them as deprecated. We need to include the `deprecated.h` file in order to ensure that the functions get their export attributes. Similarly, do not define `GIT_DEPRECATE_HARD` within the library, or those functions will also not get their export attributes. Define that only on the tests and examples.

0ceac0d0

2019-01-23T14:45:19

mbedtls: fix potential size overflow when reading or writing data The mbedtls library uses a callback mechanism to allow downstream users to plug in their own receive and send functions. We implement `bio_read` and `bio_write` functions, which simply wrap the `git_stream_read` and `git_stream_write` functions, respectively. The problem arises due to the return value of the callback functions: mbedtls expects us to return an `int` containing the actual number of bytes that were read or written. But this is in fact completely misdesigned, as callers are allowed to pass in a buffer with length `SIZE_MAX`. We thus may be unable to represent the number of bytes written via the return value. Fix this by only ever reading or writing at most `INT_MAX` bytes.

75918aba

2019-01-23T14:43:54

mbedtls: make global variables static The mbedtls stream implementation makes use of some global variables which are not marked as `static`, even though they're only used in this compilation unit. Fix this and remove a duplicate declaration.

657197e6

2019-01-23T15:54:05

openssl: fix potential size overflow when writing data Our `openssl_write` function calls `SSL_write` by passing in both `data` and `len` arguments directly. Thing is, our `len` parameter is of type `size_t` and theirs is of type `int`. We thus need to clamp our length to be at most `INT_MAX`.

7613086d

2019-01-23T15:49:28

streams: handle short writes only in generic stream Now that the function `git_stream__write_full` exists and callers of `git_stream_write` have been adjusted, we can lift logic for short writes out of the stream implementations. Instead, this is now handled either by `git_stream__write_full` or by callers of `git_stream_write` directly.

5265b31c

2019-01-23T15:00:20

streams: fix callers potentially only writing partial data Similar to the write(3) function, implementations of `git_stream_write` do not guarantee that all bytes are written. Instead, they return the number of bytes that actually have been written, which may be smaller than the total number of bytes. Furthermore, due to an interface design issue, we cannot ever write more than `SSIZE_MAX` bytes at once, as otherwise we cannot represent the number of bytes written to the caller. Unfortunately, no caller of `git_stream_write` ever checks the return value, except to verify that no error occurred. Due to this, they are susceptible to the case where only partial data has been written. Fix this by introducing a new function `git_stream__write_full`. In contrast to `git_stream_write`, it will always return either success or failure, without returning the number of bytes written. Thus, it is able to write all `SIZE_MAX` bytes and loop around `git_stream_write` until all data has been written. Adjust all callers except the BIO callbacks in our mbedtls and OpenSSL streams, which already do the right thing and require the amount of bytes written.

193e7ce9

2019-01-23T15:42:07

streams: make file-local functions static The callback functions that implement the `git_stream` structure are only used inside of their respective implementation files, but they are not marked as `static`. Fix this.

89bd4ddb

2019-01-21T11:32:53

diff_generate: validate oid file size Index entries are 32 bit unsigned ints, not `size_t`s.

fd9d4e28

2019-01-21T11:29:16

describe: don't mix and match abbreviated size types The git_describe_format_options.abbreviated_size type is an unsigned int. There's no need for it to be anything else; keep it what it is.

751eb462

2019-01-21T11:20:18

delta: validate sizes and cast safely Quiet down a warning from MSVC about how we're potentially losing data. Validate that our data will fit into the type provided then cast.

4947216f

2019-01-21T11:11:27

git transport: only write INT_MAX bytes The transport code returns an `int` with the number of bytes written; thus only attempt to write at most `INT_MAX`.

a861839d

2019-01-21T10:55:59

windows: add SSIZE_MAX Windows doesn't include ssize_t or its _MAX value by default. We are already declaring ssize_t as SSIZE_T, which is __int64_t on Win64 and long otherwise. Include its _MAX value as a correspondence to its type.

f1986a23

2019-01-21T09:56:23

streams: don't write more than SSIZE_MAX Our streams implementation takes a `size_t` that indicates the length of the data buffer to be written, and returns an `ssize_t` that indicates the length that _was_ written. Clearly no such implementation can write more than `SSIZE_MAX` bytes. Ensure that each TLS stream implementation does not try to write more than `SSIZE_MAX` bytes (or smaller; if the given implementation takes a smaller size).

e5e2fac8

2019-01-21T00:57:39

buffer: explicitly cast Quiet down a warning from MSVC about how we're potentially losing data. This is safe since we've explicitly tested it.

f4ebb2d4

2019-01-21T00:56:35

blame: make hunk_cmp handle unsigned differences

ae681d3f

2019-01-21T00:49:07

apply: make update_hunk accept a size_t

fac08837

2019-01-21T11:38:46

filter: return an int Validate that the return value of the read is not less than INT_MAX, then cast.

1d4ddb8e

2019-01-20T23:42:08

iterator: cast filesystem iterator entry values explicitly The filesystem iterator takes `stat` data from disk and puts them into index entries, which use 32 bit ints for time (the seconds portion) and filesize. However, on most systems these are not 32 bit, thus will typically invoke a warning. Most users ignore these fields entirely. Diff and checkout code do use the values, however only for the cache to determine if they should check file modification. Thus, this is not a critical error (and will cause a hash recomputation at worst).

c6cac733

2019-01-20T22:40:38

blob: validate that blob sizes fit in a size_t Our blob size is a `git_off_t`, which is a signed 64 bit int. This may be erroneously negative or larger than `SIZE_MAX`. Ensure that the blob size fits into a `size_t` before casting.

3aa6d96a

2019-01-20T20:38:25

tree: cast filename length in git_tree__parse_raw Quiet down a warning from MSVC about how we're potentially losing data. Ensure that we're within a uint16_t before we do.

759502ed

2019-01-20T20:30:42

odb_loose: explicitly cast to size_t Quiet down a warning from MSVC about how we're potentially losing data. This is safe since we've explicitly tested that it's positive and less than SIZE_MAX.

80c3867b

2019-01-20T19:20:12

patch: explicitly cast down in parse_header_percent Quiet down a warning from MSVC about how we're potentially losing data. This is safe since we've explicitly tested that it's within the range of 0-100.

494448a5

2019-01-20T19:10:08

index: explicitly cast down to a size_t Quiet down a warning from MSVC about how we're potentially losing data. This cast is safe since we've explicitly tested that `strip_len` <= `last_len`.

c3866fa8

2019-01-20T18:54:16

diff: explicitly cast in flush_hunk Quiet down a warning from MSVC about how we're potentially losing data.

826d9a4d

2019-01-25T09:43:20

Merge pull request #4858 from tiennou/fix/index-ext-read index: preserve extension parsing errors

e09f0c10

2019-01-23T10:21:42

deprecation: don't use deprecated stream cb Avoid the deprecated `git_stream_cb` typedef since we want to compile the library without deprecated functions or types. Instead, we can unroll the alias to its actual type.

bff7aed2

2019-01-24T16:44:04

Don't use deprecated constants Follow up for PR #4917. Signed-off-by: Sven Strickroth <email@cs-ware.de>

0bf7e043

2019-01-24T12:12:04

index: preserve extension parsing errors Previously, we would clobber any extension-specific error message with an "extension is truncated" message. This makes `read_extension` correctly preserve those errors, takes responsibility for truncation errors, and adds a new message with the actual extension signature for unsupported mandatory extensions.

53bf0bde

2019-01-24T11:29:36

Fix VS warning C4098: 'giterr_set_str' : void function returning a value Signed-off-by: Sven Strickroth <email@cs-ware.de>

f673e232

2018-12-27T13:47:34

git_error: use new names in internal APIs and usage Move to the `git_error` name in the internal API for error-related functions.

647dfdb4

2019-01-10T22:13:07

git_error: deprecate error values Replace the `GITERR` values with a `const int` to deprecate error values.

20961b98

2018-12-26T14:06:21

git_error: use full class name in public error API Move to the `git_error` name in error-related functions, deprecating the `giterr` functions. This means, for example, that `giterr_last` is now `git_error_last`. The old names are retained for compatibility. This only updates the public API; internal API and function usage remains unchanged.

f7416509

2019-01-20T20:15:31

Fix odb foreach to also close on positive error code In include/git2/odb.h it states that callback can also return positive value which should break looping. Implementations of git_odb_foreach() and pack_backend__foreach() did not respect that.

b8b796c1

2019-01-20T18:09:43

repository: free memory in symlink detection function

86b522bd

2019-01-20T14:27:57

Merge pull request #4945 from libgit2/ethomson/fix-intrinsics Add/multiply with overflow tweaks

75444d97

2019-01-20T13:52:46

add with overflow: correct documentation Correct the documentation on the fallback add/multiply with overflow functions.

abbc07f1

2019-01-20T13:51:15

add with overflow: use SizeTAdd on Windows Windows provides <intsafe.h> which provides "performant" add and multiply with overflow operations. Use them when possible.

c6d47acf

2019-01-20T13:04:10

Remove unused git__add_uint64_overflow

f04f1c7e

2019-01-20T13:00:53

add with overflow intrinsics: simplify tests Use the smallest unsigned type that is equivalent to `size_t` to simplify the conditionals. Error if we're on a system that we believe offers builtins but we cannot determine which one to use.

1758636b

2019-01-19T01:38:34

Merge pull request #4939 from libgit2/ethomson/git_ref Move `git_ref_t` to `git_reference_t`

b2c2dc64

2019-01-19T01:36:40

Merge pull request #4940 from libgit2/ethomson/git_obj More `git_obj` to `git_object` updates

abe23675

2019-01-17T20:09:05

Merge pull request #4925 from lhchavez/fix-a-bunch-of-warnings Fix a bunch of warnings

83151018

2019-01-17T10:47:32

object_type: convert final internal users to new names Update some missed types that were continuing to use the old `GIT_OBJ` names.

cd350852

2019-01-17T10:40:13

object_type: GIT_OBJECT_BAD is now GIT_OBJECT_INVALID We use the term "invalid" to refer to bad or malformed data, eg `GIT_REF_INVALID` and `GIT_EINVALIDSPEC`. Since we're changing the names of the `git_object_t`s in this release, update it to be `GIT_OBJECT_INVALID` instead of `BAD`.

ed8cfbf0

2019-01-17T00:32:31

references: use new names in internal usage Update internal usage to use the `git_reference` names for constants.

35d86c77

2019-01-14T10:14:36

proxy: fix crash on remote connection with GIT_PROXY_AUTO but no proxy is detected

2848923a

2019-01-08T17:32:23

Let GCC use the add/mul overflow intrinsics This change tweaks the macros for git__{add,multiply}_sizet_overflow so that GCC can use them. It also stops using the uadd,umul versions since the add,mul can handle way more cases.

c6bfaf14

2019-01-09T06:58:40

Explanation for the rationale behind splitting formatting

1305cd4e

2019-01-09T09:55:26

Merge pull request #4926 from csware/warning-c4133 Fix warning 'function': incompatible types - from 'git_cvar_value *' to 'int *' (C4133) on VS

728101e3

2019-01-08T17:35:16

Move the intrinsics part of the change to its own PR Less controversial changes together is better.

8b599528

2019-01-08T17:26:14

Fix Linux warnings This change fixes -Wmaybe-uninitialized and -Wdeprecated-declarations warnings on Linux builds

45001906

2019-01-07T16:14:51

Fix warning 'function': incompatible types - from 'git_cvar_value *' to 'int *' (C4133) on VS Signed-off-by: Sven Strickroth <email@cs-ware.de>

321d19c1

2019-01-06T08:36:06

Windows is hard.

b5e8272f

2019-01-06T08:29:56

Attempt at fixing the MingW64 compilation It seems like MingW64's size_t is defined differently than in Linux.

7b453e7e

2019-01-05T22:12:48

Fix a bunch of warnings This change fixes a bunch of warnings that were discovered by compiling with `clang -target=i386-pc-linux-gnu`. It turned out that the intrinsics were not necessarily being used in all platforms! Especially in GCC, since it does not support __has_builtin. Some more warnings were gleaned from the Windows build, but I stopped when I saw that some third-party dependencies (e.g. zlib) have warnings of their own, so we might never be able to enable -Werror there.

d9eae98b

2018-10-24T01:30:12

refs: assert that we're passed valid refs when renaming CID 1382962

0a8745f2

2018-10-24T01:26:48

diff: assert that we're passed a valid git_diff object CID 1386176, 1386177, 1388219

9c23552c

2018-10-24T01:21:21

submodule: grab the error while loading from config Previously, an error in `git_config_next` would be mistaken as a successful load, because the previous call would have succeeded. Coverity saw the subsequent check for a completed iteration as dead, so let's make it useful again. CID 1391374

9f714dec

2018-08-17T18:51:56

config: assert that our parameters are valid CID 1395011

fba70a9d

2019-01-03T12:02:06

Merge pull request #4919 from pks-t/pks/shutdown-cb-count Shutdown callback count

9084712b

2019-01-03T12:01:52

Merge pull request #4904 from libgit2/ethomson/crlf Update CRLF filtering to match modern git

b46c3594

2019-01-02T09:33:55

global: move init callbacks into an array We currently have an explicit callchain of all the initialization callbacks in our `init_common` function. This is perfectly fine, but requires us to manually keep track of how many shutdown callbacks there may be installed: to avoid allocations before libgit2 is fully initialized, we assume that every initializer may register at most one shutdown function. These shutdown functions are stored in a static array of size `MAX_SHUTDOWN_CB`, which then needs to be updated manually whenever a new initializer function is being added. The situation can be easily fixed: convert the callchain of init functions into an array and iterate over it to initialize all subsystems. This allows us to define the `git__shutdown_callbacks` array with the same size as the initializer array and rids us of the need to always update `MAX_SHUTDOWN_CB`.

03dc6480

2019-01-02T09:27:44

hash: convert `global_init` macros to real function The `git_hash_global_init` function is simply defined as a macro to zero for most of the different hash implementations. This makes it impossible to treat it like a function pointer, which is required for a later commit where we want to improve the way global initialization works. Fix the issue by converting all no-op macros to an inline function returning zero. There's a small gotcha here, though: as most hash implementations only have a header file, but not a corresponding implementation file, we cannot declare the function as non-static. But declaring it as `static inline` fails, too, as there is a previous declaration as non-static. So we have to move the function declaration after the include that brings in the function definition, as it is allowed to have a non-static declaration after a static definition, but not the other way round.

8dde7e11

2018-12-19T11:04:58

refdb_fs: refactor error handling in `refdb_reflog_fs__delete` The function `refdb_reflog_fs__delete` uses the `if (!error && foobar())` pattern of checking, where error conditions are being checked by following calls to different code. This does not match our current style, where the call-site of a function is usually directly responsible for checking the return value. Convert the function to use `if ((error = foobar()) < 0) goto out;` style. Note that this changes the code flow a bit: previously, we were always trying to delete empty reference hierarchies even if deleting the reflog entry has failed. This wasn't much of a problem -- if deletion failed, the hierarchy will still contain at least one file and thus the function call was an expensive no-op. Now, we will only perform this deletion if we have successfully removed the reflog.

bc219657

2018-12-19T11:01:55

Merge pull request #4833 from csware/drop-empty-dirs Remove empty (sub-)directories when deleting refs

6ea9381b

2018-12-14T14:43:09

annotated_commit: peel to commit instead of assuming we have one We want to allow the creation of annotated commits out of annotated tags and for that we have to peel the reference all the way to the commit instead of stopping at the first id it provides.

5bd78c48

2018-12-14T14:41:17

refs: constify git_reference_peel We have no need to take a non-const reference. This does involve some other work to make sure we don't mix const and non-const variables, but by splitting what we want each variable to do we can also simplify the logic for when we do want to free a new reference we might have allocated.

da8138b0

2018-12-06T12:59:17

Merge pull request #4906 from QBobWatson/bugfix Fix segfault in loose_backend__readstream

2f3c4b69

2018-12-06T10:48:20

Typesetting conventions

f4835e44

2018-12-04T21:48:12

make proxy_stream_close close target stream even on errors When git_filter_apply_fn callback returns a error while smudging proxy_stream_close ends up returning without closing the stream. This is turn makes blob_content_to_file crash as it asserts the stream being closed whether there are errors or not. Closing the target stream on error fixes this problem.

08afdb57

2018-12-04T10:59:25

Removed one null check

36f80742

2018-12-04T10:12:24

Fix segfault in loose_backend__readstream If the routine exits with error before stream or hash_ctx is initialized, the program will segfault when trying to free them.

ef8f8ec6

2018-12-03T13:35:30

crlf: update to match git's logic Examine the recent CRLF changes to git by Torsten Bögershausen and include similar changes to update our CRLF logic to match. Note: Torsten Bögershausen has previously agreed to allow his changes to be included in libgit2.

168fe39b

2018-11-28T14:26:57

object_type: use new enumeration names Use the new object_type enumeration names within the codebase.

18e71e6d

2018-11-28T13:31:06

index: use new enum and structure names Use the new-style index names throughout our own codebase.

0ddc6094

2018-11-30T09:46:14

Merge pull request #4770 from tiennou/feature/merge-analysis-any-branch Allow merge analysis against any reference

e7873eb2

2018-11-29T08:00:31

Merge pull request #4888 from TheBB/add-cb revwalk: Allow changing hide_cb

487233fa

2018-11-29T07:21:41

Merge pull request #4895 from pks-t/pks/unused-warnings Unused function warnings

a904fc6d

2018-11-28T20:31:30

Merge pull request #4870 from libgit2/ethomson/proxy Add builtin proxy support for the http transport

30ac46aa

2018-11-28T10:12:43

http: reset replay_count upon connection Reset the replay_count upon a successful connection. It's possible that we could encounter a situation where we connect successfully but need to replay a request - for example, a connection and initial request succeeds without authentication but a subsequent call does require authentication. Reset the replay count upon any successful request to afford subsequent replays room to manuever.

02bb39f4

2018-11-22T08:49:09

stream registration: take an enum type Accept an enum (`git_stream_t`) during custom stream registration that indicates whether the registration structure should be used for standard (non-TLS) streams or TLS streams.

52478d7d

2018-11-18T19:54:49

http: don't allow SSL connections to a proxy Temporarily disallow SSL connections to a proxy until we can understand the valgrind warnings when tunneling OpenSSL over OpenSSL.

41f620d9

2018-11-18T19:10:50

http: only load proxy configuration during connection Only load the proxy configuration during connection; we need this data when we're going to connect to the server, however we may mutate it after connection (connecting through a CONNECT proxy means that we should send requests like normal). If we reload the proxy configuration but do not actually reconnect (because we're in a keep-alive session) then we will reload the proxy configuration that we should have mutated. Thus, only load the proxy configuration when we know that we're going to reconnect.

df2cc108

2018-11-18T10:29:07

stream: provide generic registration API Update the new stream registration API to be `git_stream_register` which takes a registration structure and a TLS boolean. This allows callers to register non-TLS streams as well as TLS streams. Provide `git_stream_register_tls` that takes just the init callback for backward compatibliity.

thodg/libgit2/src

src

Log