|
34f1ded9
|
2017-12-13T00:19:41
|
|
stransport: provide error message on trust failures
Fixes #4440
|
|
b9895144
|
2016-08-08T14:47:32
|
|
stransport: do not use `git_stream_free` on uninitialized stransport
When failing to initialize a new stransport stream, we try to
release already allocated memory by calling out to
`git_stream_free`, which in turn called out to the stream's
`free` function pointer. As we only initialize the function
pointer later on, this leads to a `NULL` pointer exception.
Furthermore, plug another memory leak when failing to create the
SSL context.
|
|
b47e79e2
|
2016-08-08T08:42:32
|
|
Merge pull request #3890 from pks-t/pks/stransport-static-linkage
stransport: make internal functions static
|
|
067bf5dc
|
2016-08-08T13:49:17
|
|
stransport: make internal functions static
|
|
9884dd61
|
2016-08-05T18:40:37
|
|
SecureTransport: handle NULL trust on success
The `SSLCopyPeerTrust` call can succeed but fail to return a trust
object if it can't load the certificate chain and thus cannot check the
validity of a certificate. This can lead to us calling `CFRelease` on a
`NULL` trust object, causing a crash.
Handle this by returning ECERTIFICATE.
|
|
2527db87
|
2016-05-05T23:34:23
|
|
Fix unused variable 'message' warning
|
|
e0aed4bd
|
2016-04-21T11:01:09
|
|
stransport: pass proxy opts instead of char*
|
|
79698030
|
2015-06-29T22:51:18
|
|
git_cert: child types use proper base type
|
|
cae2a555
|
2015-06-26T08:17:56
|
|
Fixed build failure if GIT_CURL is not defined
|
|
58ca8c7e
|
2015-06-24T17:27:16
|
|
SecureTransport: use the curl stream if available
If the libcurl stream is available, use that as the underlying stream
instead of the socket stream. This allows us to set a proxy for HTTPS
connections.
|
|
b224c388
|
2015-05-07T14:21:25
|
|
Fix in stransport_stream.c for usage of SecCopyErrorMessageString(), which is unavailable to iOS targets.
|
|
6d0a0aca
|
2015-06-11T23:20:28
|
|
Fixed some Secure Transport issues on OS X
The read and write callbacks passed to SSLSetIOFuncs() have been
rewritten to match the implementation used on opensource.apple.com and
other open source projects like VLC.
This change also fixes a bug where the read callback could get into
an infinite loop when 0 bytes were read.
|
|
44b769e4
|
2015-04-13T15:39:58
|
|
SecureTransport: handle graceful closes
On close, we might get a return code which looks like an error but just
means that the other side closed gracefully. Handle that.
|
|
65ac7ddc
|
2015-03-24T16:31:51
|
|
SecureTransport: require TLS v1.x
Anything SSL is deprecated. Let's make sure we don't try to use SSL v3
when talking to the server.
|
|
b7e1c81d
|
2015-03-19T10:51:48
|
|
SecureTransport: allow overriding a bad certificate
Do not automatically fail on a bad certificate, but let the caller
decide. This means we don't need our switch on errors anymore but can
return a string representation from the security framework.
|
|
6bb54cbf
|
2014-11-02T13:23:32
|
|
Add a SecureTransport TLS channel
As an alternative to OpenSSL when we're on OS X. This one can actually
take advantage of stacking the streams.
|