kmx git

Commit	Date	Message
f0e693b1	2021-09-07T17:53:49	str: introduce `git_str` for internal, `git_buf` is external libgit2 has two distinct requirements that were previously solved by `git_buf`. We require: 1. A general purpose string class that provides a number of utility APIs for manipulating data (eg, concatenating, truncating, etc). 2. A structure that we can use to return strings to callers that they can take ownership of. By using a single class (`git_buf`) for both of these purposes, we have confused the API to the point that refactorings are difficult and reasoning about correctness is also difficult. Move the utility class `git_buf` to be called `git_str`: this represents its general purpose, as an internal string buffer class. The name also is an homage to Junio Hamano ("gitstr"). The public API remains `git_buf`, and has a much smaller footprint. It is generally only used as an "out" param with strict requirements that follow the documentation. (Exceptions exist for some legacy APIs to avoid breaking callers unnecessarily.) Utility functions exist to convert a user-specified `git_buf` to a `git_str` so that we can call internal functions, then converting it back again.
3c0f14cc	2021-09-01T20:34:28	remote: refactor proxy detection Update the proxy detection for a remote. 1. Honor `http.<url>.proxy` syntax for a remote's direct URL and parent URLs. 2. Honor an empty configuration URL to override a proxy configuration. Add tests to ensure that configuration specificity is honored.
e5a32774	2021-02-11T22:53:16	Add NO_PROXY env support Item 2 of 3 from #4164 Signed-off-by: Mathieu Parent <math.parent@gmail.com>
16a2e667	2021-08-29T22:53:28	Merge pull request #6012 from libgit2/ethomson/custom_url remote: introduce remote_ready_cb, deprecate resolve_url callback
0e047268	2021-08-25T18:01:34	opts: test GIT_OPT_SET_SSL_CERT_LOCATIONS Include a self-signed certificate for test.libgit2.org:1443 that we can use to verify that GIT_OPT_SET_SSL_CERT_LOCATIONS works.
72df17c6	2021-08-27T10:59:51	remote: introduce git_remote_ready_cb Introduce a new callback that fires when the remote is ready to connect.
bea1b024	2021-06-16T10:32:46	Add test for fetch proxy memleak
592a3252	2021-03-01T11:00:37	winhttp: test proxy https clone
589b8129	2020-12-14T10:43:07	badssl: RC4 should not fail with ECERTIFICATE Using RC4 is not a _certificate_ problem, it's a cipher problem. The SSL implementation should and will fail with an unrecoverable error (-1). There's no opportunity to accept/continue.
89ffa98e	2017-11-18T15:51:08	badssl: re-enable RC4 test This used to fail with an error indicating a mis-use of OpenSSL on platforms using it due to poor error handling. Re-enable it even if this isn't the right error code to use for now.
b52bb4d4	2020-10-11T13:20:52	refs: use git_reference_name_is_valid
c837bff1	2020-10-05T11:03:39	clone: test that the origin HEAD is created Ensure that we created `refs/remotes/origin/HEAD` when cloning, a symbolic link pointing to `refs/remotes/origin/<default>`
53a8f463	2020-06-03T07:40:59	Merge pull request #5536 from libgit2/ethomson/http httpclient: support googlesource
51eff5a5	2020-05-29T13:13:19	strarray: we should `dispose` instead of `free` We _dispose_ the contents of objects; we _free_ objects (and their contents). Update `git_strarray_free` to be `git_strarray_dispose`. `git_strarray_free` remains as a deprecated proxy function.
b7bdb071	2020-05-30T15:21:48	online::clone: test a googlesource URL Google Git (googlesource.com) behaves differently than git proper. Test that we can communicate with it.
46228d86	2020-02-06T11:10:27	transports: http: fix custom headers not being applied In commit b9c5b15a7 (http: use the new httpclient, 2019-12-22), the HTTP code got refactored to extract a generic HTTP client that operates independently of the Git protocol. Part of refactoring was the creation of a new `git_http_request` struct that encapsulates the generation of requests. Our Git-specific HTTP transport was converted to use that in `generate_request`, but during the process we forgot to set up custom headers for the `git_http_request` and as a result we do not send out these headers anymore. Fix the issue by correctly setting up the request's custom headers and add a test to verify we correctly send them.
93a9044f	2020-01-31T08:49:34	fetchhead: strip credentials from remote URL If fetching from an anonymous remote via its URL, then the URL gets written into the FETCH_HEAD reference. This is mainly done to give valuable context to some commands, like for example git-merge(1), which will put the URL into the generated MERGE_MSG. As a result, what gets written into FETCH_HEAD may become public in some cases. This is especially important considering that URLs may contain credentials, e.g. when cloning 'https://foo:bar@example.com/repo' we persist the complete URL into FETCH_HEAD and put it without any kind of sanitization into the MERGE_MSG. This is obviously bad, as your login data has now just leaked as soon as you do git-push(1). When writing the URL into FETCH_HEAD, upstream git does strip credentials first. Let's do the same by trying to parse the remote URL as a "real" URL, removing any credentials and then re-formatting the URL. In case this fails, e.g. when it's a file path or not a valid URL, we just fall back to using the URL as-is without any sanitization. Add tests to verify our behaviour.
3f54ba8b	2020-01-18T13:51:40	credential: change git_cred to git_credential We avoid abbreviations where possible; rename git_cred to git_credential. In addition, we have standardized on a trailing `_t` for enum types, instead of using "type" in the name. So `git_credtype_t` has become `git_credential_t` and its members have become `GIT_CREDENTIAL` instead of `GIT_CREDTYPE`. Finally, the source and header files have been renamed to `credential` instead of `cred`. Keep previous name and values as deprecated, and include the new header files from the previous ones.
bf55facf	2019-10-25T12:24:34	tests: allow users to use expect/continue
fe4efe2e	2019-12-03T10:17:30	tests: test that clone returns 4321 This conditional was backwards. We should instead test that clone returns 4321, not that 4321 returns clone.
0005c77a	2019-11-24T15:49:49	test: add an azure repos test We currently talk to Azure Repos for executing an online test (online::clone::path_whitespace). Add a simpler test to talk to Azure Repos to make it obvious that strange test failures are not likely the whitespace in the path, but actually a function of talking to Azure Repos itself.
62b80138	2019-08-13T09:10:10	clone: Remove whitespace ssh test Will add later when infrastructure is configured
b15e7f2d	2019-08-12T09:56:51	clone: Update whitespace test url
42ea2f95	2019-07-25T13:15:10	clone: whitespace in url ssh test
1748f92c	2019-07-24T16:36:45	clone: whitespace in url test
e54343a4	2019-06-29T09:17:32	fileops: rename to "futils.h" to match function signatures Our file utils functions all have a "futils" prefix, e.g. `git_futils_touch`. One would thus naturally guess that their definitions and implementation would live in files "futils.h" and "futils.c", respectively, but in fact they live in "fileops.h". Rename the files to match expectations.
e48dbdf9	2019-05-20T05:51:44	fetchhead: use size_t in tests
3d11b6c5	2019-03-11T20:36:09	winhttp: support default credentials for proxies We did not properly support default credentials for proxies, only for destination servers. Refactor the credential handling to support sending either username/password _or_ default credentials to either the proxy or the destination server. This actually shares the authentication logic between proxy servers and destination servers. Due to copy/pasta drift over time, they had diverged. Now they share a common logic which is: first, use credentials specified in the URL (if there were any), treating empty username and password (ie, "http://:@foo.com/") as default credentials, for compatibility with git. Next, call the credential callbacks. Finally, fallback to WinHTTP compatibility layers using built-in authentication like we always have. Allowing default credentials for proxies requires moving the security level downgrade into the credential setting routines themselves. We will update our security level to "high" by default which means that we will never send default credentials without prompting. (A lower setting, like the WinHTTP default of "medium" would allow WinHTTP to handle credentials for us, despite what a user may have requested with their structures.) Now we start with "high" and downgrade to "low" only after a user has explicitly requested default credentials.
757411a0	2019-03-11T12:56:09	network: don't add arbitrary url rules There's no reason a git repository couldn't be at the root of a server, and URLs should have an implicit path of '/' when one is not specified.
e66a4eb3	2019-06-05T14:19:14	online tests: use gitlab for auth failures GitHub recently changed their behavior from returning 401s for private or nonexistent repositories on a clone to returning 404s. For our tests that require an auth failure (and 401), move to GitLab to request a missing repository. This lets us continue to test our auth failure case, at least until they decide to mimic that decision.
59647e1a	2019-04-08T15:54:25	remote: add callback to resolve URLs before connecting Since libssh2 doesn't read host configuration from the config file, this callback can be used to hand over URL resolving to the client without touching the SSH implementation itself.
a1ef995d	2019-02-21T10:33:30	indexer: use git_indexer_progress throughout Update internal usage of `git_transfer_progress` to `git_indexer_progreses`.
f673e232	2018-12-27T13:47:34	git_error: use new names in internal APIs and usage Move to the `git_error` name in the internal API for error-related functions.
ed8cfbf0	2019-01-17T00:32:31	references: use new names in internal usage Update internal usage to use the `git_reference` names for constants.
35d86c77	2019-01-14T10:14:36	proxy: fix crash on remote connection with GIT_PROXY_AUTO but no proxy is detected
45054732	2018-10-29T10:45:59	tests: optionally ignore https cert validation For testing, we may wish to use a man-in-the-middle proxy that can inspect the CONNECT traffic to our test endpoints. For this, we will need to accept the proxy's certificate, which will not be valid for the true endpoint. Add a new environment variable, GITTEST_REMOTE_SSL_NOVERIFY to disable https certificate validation for the tests.
6ba3e6af	2018-11-18T21:53:48	proxy tests: rename credential callback Rename credential callback to proxy_cred_cb to match new cert callback.
394ae7e1	2018-10-22T17:35:35	proxy tests: support self-signed proxy cert Give the proxy tests a proxy certificate callback, and allow self-signed certificates when the `GITTEST_REMOTE_PROXY_SELFSIGNED` environment variable is set (to anything). In that case, simply compare the hostname from the callback to the hostname that we connected to.
4ecc14cd	2018-10-21T23:47:53	tests: support optional PROXY_SCHEME As we want to support HTTPS proxies, support an optional `GITTEST_REMOTE_PROXY_SCHEME` environment variable for tests that will allow for HTTPS support. (When unset, the tests default to HTTP proxies.)
de60d9b4	2018-10-21T21:00:37	tests: PROXY_URL is more accurately PROXY_HOST Change the `GITTEST_REMOTE_PROXY_URL` environment variable to be `GITTEST_REMOTE_PROXY_HOST`, since it is a host:port combination, not an actual URL. (We cannot use a URL here since we may want to include the username:password combination in the constructed URL.)
e84914fd	2018-09-20T20:11:36	online::clone: free url and username before resetting Before resetting the url and username, ensure that we free them in case they were set by environment variables.
d285de73	2018-07-20T21:52:24	push tests: deeply free the specs Don't just free the spec vector, also free the specs themselves.
dad99881	2018-07-20T21:51:36	push tests: deeply free the push status Don't just free the push status structure, actually free the strings that were strdup'd into the struct as well.
ecf4f33a	2018-02-08T11:14:48	Convert usage of `git_buf_free` to new `git_buf_dispose`
fd634019	2018-04-16T15:42:35	Merge pull request #4556 from libgit2/ethomson/proxy_pass_in_env online::clone: validate user:pass in HTTP_PROXY
54bf4d14	2018-03-20T07:47:27	online tests: update auth for bitbucket test Update the settings to use a specific read-only token for accessing our test repositories in Bitbucket.
03c58778	2018-03-19T09:20:35	online::clone: skip creds fallback test At present, we have three online tests against bitbucket: one which specifies the credentials in the payload, one which specifies the correct credentials in the URL and a final one that specifies the incorrect credentials in the URL. Bitbucket has begun responding to the latter test with a 403, which causes us to fail. Break these three tests into separate tests so that we can skip the latter until this is resolved on Bitbucket's end or until we can change the test to a different provider.
e380eae0	2018-02-28T16:10:53	online::clone: validate user:pass in HTTP_PROXY Validate using the http://user:pass@host/ format in HTTP_PROXY and HTTPS_PROXY environment variables.
820fb712	2018-01-18T07:48:28	tests: online::clone: fix memory leak due to not freeing URL
54a1bf05	2017-06-07T13:06:53	tests: online::clone: inline creds-test with nonexistent URL Right now, we test our credential callback code twice, once via SSH on localhost and once via a non-existent GitHub repository. While the first URL makes sense to be configurable, it does not make sense to hard-code the non-existing repository, which requires us to call tests multiple times. Instead, we can just inline the URL into another set of tests.
fea60920	2017-06-07T12:48:48	tests: online::clone: construct credential-URL from environment We support two types of passing credentials to the proxy, either via the URL or explicitly by specifying user and password. We test these types by modifying the proxy URL and executing the tests twice, which is in fact unnecessary and requires us to maintain the list of environment variables and test executions across multiple CI infrastructures. To fix the situation, we can just always pass the host, port, user and password to the tests. The tests can then assemble the complete URL either with or without included credentials, allowing us to test both cases in-process.
fb585d01	2017-07-31T00:58:58	Merge branch '4233'
c2c95ad0	2017-04-26T13:16:18	tests: online::clone: use URL of test server All our tests running against a local SSH server usually read the server's URL from environment variables. But online::clone::ssh_cert test fails to do so and instead always connects to "ssh://localhost/foo". This assumption breaks whenever the SSH server is not running on the standard port, e.g. when it is running as a user. Fix the issue by using the URL provided by the environment.
9364f274	2017-05-05T09:40:38	remote: test creating and fetching detached remotes
34b79391	2017-05-05T09:14:20	tests: online::remotes: add defines for URL and refspec The repository URL is duplicated several times and can be de-duplicated like this. Furthermore, exchange the static refspec variable with a define to reduce BSS size.
8897f8fe	2017-05-05T09:47:54	remote: reject various actions for detached remotes There are only few actions which actually make sense for a detached remote, like e.g. `git_remote_ls`, `git_remote_prune`. For all the other actions, we have to report an error when the remote has no repository attached to it. This commit does so and implements some tests.
a4de1ae3	2017-04-25T10:14:19	cmake: define GIT_HTTPS when HTTPS is supported
2ac57aa8	2017-01-09T17:53:21	https: don't test that RC4 is invalid None of our crypto backends actually reject RC4 as a cipher so don't test for it and instead keep it as something we'd like to do.
3829ba2e	2017-01-09T17:50:17	http: correct the expected error for RC4 We must make sure that we're getting a certificate error from the library so we know that we're testing the right thing.
98d66240	2017-01-06T10:51:31	http: perform 'badssl' check also via certificate callback Make sure that the callbacks do also get a 'valid' value of zero when the certificate we're looking at is in valid and assert that within the test.
30a876cd	2016-10-27T11:29:15	tests: fetchhead: fix memory leak
1eee631d	2016-08-04T13:45:28	refspec: do not set empty rhs for fetch refspecs According to git-fetch(1), "[t]he colon can be omitted when <dst> is empty." So according to git, the refspec "refs/heads/master" is the same as the refspec "refs/heads/master:" when fetching changes. When trying to fetch from a remote with a trailing colon with libgit2, though, the fetch actually fails while it works when the trailing colon is left out. So obviously, libgit2 does _not_ treat these two refspec formats the same for fetches. The problem results from parsing refspecs, where the resulting refspec has its destination set to an empty string in the case of a trailing colon and to a `NULL` pointer in the case of no trailing colon. When passing this to our DWIM machinery, the empty string gets translated to "refs/heads/", which is simply wrong. Fix the problem by having the parsing machinery treat both cases the same for fetch refspecs.
0bd77401	2016-04-21T11:05:21	clone test: annotate unused vars
0d72f67f	2016-03-14T17:36:04	proxy: don't specify the protocol in the type We leave this up to the scheme in the url field. The type should only tell us about whether we want a proxy and whether we want to auto-detect it.
b117721d	2015-07-29T21:23:56	proxy: use poxy to test our Windows proxy support
07bd3e57	2015-05-07T12:57:56	proxy: ask the user for credentials if necessary
c577efbb	2016-03-14T12:41:41	Use general cl_git_fail because the error is generic
fa72d6da	2016-03-14T12:02:00	Setup better defaults for OpenSSL ciphers This ensures that when using OpenSSL a safe default set of ciphers is selected. This is done so that the client communicates securely and we don't accidentally enable unsafe ciphers like RC4, or even worse some old export ciphers. Implements the first part of https://github.com/libgit2/libgit2/issues/3682
505e4531	2015-10-30T13:53:53	Fix build for unit test If none of GIT_OPENSSL, GIT_WINHTTP or GIT_SECURE_TRANSPORT is defined we should also be able to build the unit test.
72b7c570	2015-09-30T09:17:18	Merge pull request #3411 from spraints/custom-push-headers Include custom HTTP headers
53a28705	2015-09-27T22:48:39	net: add tests against badssl.com These provide bad X.509 certificates, which we should refuse to connect to by default.
dfe2856d	2015-09-18T12:06:55	Fix a couple of warnings
1af5aecb	2015-09-13T05:38:29	push: put the git_oid inline in the test structure These are small pieces of data, so there is no advantage to allocating them separately. Include the two ids inline in the struct we use to check that the expected and actual ids match.
3245896b	2015-09-10T13:18:26	Add a test for custom header validation Also, some custom headers actually are valid.
4f2b6093	2015-09-08T13:53:41	Tell the git_transport about the custom_headers
e069c621	2015-07-02T09:25:48	git__getenv: utf-8 aware env reader Introduce `git__getenv` which is a UTF-8 aware `getenv` everywhere. Make `cl_getenv` use this to keep consistent memory handling around return values (free everywhere, as opposed to only some platforms).
352ee171	2015-06-12T12:45:49	clone: set the credentials callback during testing
0f69b41d	2015-06-12T12:25:25	push: pass the callbacks during setup as well We need to pass these options in order to have the credentials callback set.
2c8550f0	2015-05-29T19:38:11	Merge pull request #3157 from mgorny/ssh_memory_auth Support getting SSH keys from memory, pt. 2
8085adf8	2015-05-27T18:44:40	test: Add a test for in-memory SSH private key cred_cb
7b5ce2e5	2015-05-14T09:33:54	clone: don't rely on auto-saving for single-branch The code used to rely on the clone code calling the remote's save, which does not happen anymore, meaning that the configuration settings the remote expected were not being written to disk. The run-time configuration was still being affected, so the right branch was being cloned. The tests continued to pass as we did not check for the configuration entires. Fix this by creating the remote with the single-branch refspec we want and checking for its existence in the configuration.
77254990	2015-04-23T06:51:34	remote: remove live changing of refspecs The base refspecs changing can be a cause of confusion as to what is the current base refspec set and complicate saving the remote's configuration. Change `git_remote_add_{fetch,push}()` to update the configuration instead of an instance. This finally makes `git_remote_save()` a no-op, it will be removed in a later commit.
35a8a8c5	2015-04-22T17:29:20	remote: move the tagopt setting to the fetch options This is another option which we should not be keeping in the remote, but is specific to each particular operation.
3eff2a57	2015-04-22T16:11:10	remote: move the update_fetchhead setting to the options While this will rarely be different from the default, having it in the remote adds yet another setting it has to keep around and can affect its behaviour. Move it to the options.
058b753c	2015-04-22T15:45:21	remote: move the transport ctor to the callbacks Instead of having it set in a different place from every other callback, put it the main structure. This removes some state from the remote and makes it behave more like clone, where the constructors are passed via the options.
8f0104ec	2015-04-21T22:10:36	Remove the callbacks struct from the remote Having the setting be different from calling its actions was not a great idea and made for the sake of the wrong convenience. Instead of that, accept either fetch options, push options or the callbacks when dealing with the remote. The fetch options are currently only the callbacks, but more options will be moved from setters and getters on the remote to the options. This does mean passing the same struct along the different functions but the typical use-case will only call git_remote_fetch() or git_remote_push() and so won't notice much difference.
cbe8a61d	2015-05-01T11:28:54	Merge pull request #3059 from libgit2/cmn/negotiation-notify [WIP/RFC] push: report the update plan to the caller
fc6f044e	2015-04-21T20:02:24	Fix for Issue #3023 tests fail with no network Moved offending tests from network to online so they will get skipped when there is a lack of network connectivity: -test_online_remotes__single_branch -test_online_remotes__restricted_refspecs
efc2fec5	2015-04-19T00:55:00	push: report the update plan to the caller It can be useful for the caller to know which update commands will be sent to the server before the packfile is pushed up. git does this via the pre-push hook. We don't have hooks, but as it adds introspection into what is happening, we can add a callback which performs the same function.
29e7ae5d	2015-03-16T19:39:05	Add failing test for cert callback with non-ecrypted stream When we have an HTTP stream and have set the certificatre check callback, we currently fail as we ask the unencrypted stream for its certificate.
e5e2c11d	2015-03-13T17:52:07	Put back the number of expected references to 6 from the test repo This was but down to 5 when GitHub made a change to their server which made them stop honouring the include-tag request. This has recently been corrected, so we can bring it back up to six.
412a3808	2015-01-15T15:31:23	push: remove reflog message override We always use "update by push".
659cf202	2015-01-07T12:23:05	Remove the signature from ref-modifying functions The signature for the reflog is not something which changes dynamically. Almost all uses will be NULL, since we want for the repository's default identity to be used, making it noise. In order to allow for changing the identity, we instead provide git_repository_set_ident() and git_repository_ident() which allow a user to override the choice of signature.
6c9e86ad	2015-02-14T10:46:41	clone: drop now unnecessary SAFE_CREATE
fe794b2e	2014-12-16T08:57:05	remote: remove git_push from the public API Instead we provide git_remote_upload() and git_remote_update_tips() in order to have a parallel API for fetching and pushing.
21083a71	2014-12-06T03:12:04	notes: move the notes name argument Make it consistent between git_note_create() and git_note_remote() by putting it after the repository.
1ca61bdc	2014-11-19T20:53:25	fetch: clear the connection data on close When we fetch twice with the same remote object, we did not properly clear the connection flags, so we would leak state from the last connection. This can cause the second fetch with the same remote object to fail if using a HTTP URL where the server redirects to HTTPS, as the second fetch would see `use_ssl` set and think the initial connection wanted to downgrade the connection.
45301cca	2014-11-18T11:44:59	Merge pull request #2608 from libgit2/cmn/remote-push Provide a convenience function `git_remote_push()`
7f1b73b7	2014-11-17T17:03:55	Merge pull request #2693 from libgit2/cmn/push-refspec-refactor push: use the common refspec parser
aad638f3	2014-11-07T15:00:11	push: use the common refspec parser There is one well-known and well-tested parser which we should use, instead of implementing parsing a second time. The common parser is also augmented to copy the LHS into the RHS if the latter is empty. The expressions test had to change a bit, as we now catch a bad RHS of a refspec locally.

f0e693b1

2021-09-07T17:53:49

str: introduce `git_str` for internal, `git_buf` is external libgit2 has two distinct requirements that were previously solved by `git_buf`. We require: 1. A general purpose string class that provides a number of utility APIs for manipulating data (eg, concatenating, truncating, etc). 2. A structure that we can use to return strings to callers that they can take ownership of. By using a single class (`git_buf`) for both of these purposes, we have confused the API to the point that refactorings are difficult and reasoning about correctness is also difficult. Move the utility class `git_buf` to be called `git_str`: this represents its general purpose, as an internal string buffer class. The name also is an homage to Junio Hamano ("gitstr"). The public API remains `git_buf`, and has a much smaller footprint. It is generally only used as an "out" param with strict requirements that follow the documentation. (Exceptions exist for some legacy APIs to avoid breaking callers unnecessarily.) Utility functions exist to convert a user-specified `git_buf` to a `git_str` so that we can call internal functions, then converting it back again.

3c0f14cc

2021-09-01T20:34:28

remote: refactor proxy detection Update the proxy detection for a remote. 1. Honor `http.<url>.proxy` syntax for a remote's direct URL and parent URLs. 2. Honor an empty configuration URL to override a proxy configuration. Add tests to ensure that configuration specificity is honored.

e5a32774

2021-02-11T22:53:16

Add NO_PROXY env support Item 2 of 3 from #4164 Signed-off-by: Mathieu Parent <math.parent@gmail.com>

16a2e667

2021-08-29T22:53:28

Merge pull request #6012 from libgit2/ethomson/custom_url remote: introduce remote_ready_cb, deprecate resolve_url callback

0e047268

2021-08-25T18:01:34

opts: test GIT_OPT_SET_SSL_CERT_LOCATIONS Include a self-signed certificate for test.libgit2.org:1443 that we can use to verify that GIT_OPT_SET_SSL_CERT_LOCATIONS works.

72df17c6

2021-08-27T10:59:51

remote: introduce git_remote_ready_cb Introduce a new callback that fires when the remote is ready to connect.

bea1b024

2021-06-16T10:32:46

Add test for fetch proxy memleak

592a3252

2021-03-01T11:00:37

winhttp: test proxy https clone

589b8129

2020-12-14T10:43:07

badssl: RC4 should not fail with ECERTIFICATE Using RC4 is not a _certificate_ problem, it's a cipher problem. The SSL implementation should and will fail with an unrecoverable error (-1). There's no opportunity to accept/continue.

89ffa98e

2017-11-18T15:51:08

badssl: re-enable RC4 test This used to fail with an error indicating a mis-use of OpenSSL on platforms using it due to poor error handling. Re-enable it even if this isn't the right error code to use for now.

b52bb4d4

2020-10-11T13:20:52

refs: use git_reference_name_is_valid

c837bff1

2020-10-05T11:03:39

clone: test that the origin HEAD is created Ensure that we created `refs/remotes/origin/HEAD` when cloning, a symbolic link pointing to `refs/remotes/origin/<default>`

53a8f463

2020-06-03T07:40:59

Merge pull request #5536 from libgit2/ethomson/http httpclient: support googlesource

51eff5a5

2020-05-29T13:13:19

strarray: we should `dispose` instead of `free` We _dispose_ the contents of objects; we _free_ objects (and their contents). Update `git_strarray_free` to be `git_strarray_dispose`. `git_strarray_free` remains as a deprecated proxy function.

b7bdb071

2020-05-30T15:21:48

online::clone: test a googlesource URL Google Git (googlesource.com) behaves differently than git proper. Test that we can communicate with it.

46228d86

2020-02-06T11:10:27

transports: http: fix custom headers not being applied In commit b9c5b15a7 (http: use the new httpclient, 2019-12-22), the HTTP code got refactored to extract a generic HTTP client that operates independently of the Git protocol. Part of refactoring was the creation of a new `git_http_request` struct that encapsulates the generation of requests. Our Git-specific HTTP transport was converted to use that in `generate_request`, but during the process we forgot to set up custom headers for the `git_http_request` and as a result we do not send out these headers anymore. Fix the issue by correctly setting up the request's custom headers and add a test to verify we correctly send them.

93a9044f

2020-01-31T08:49:34

fetchhead: strip credentials from remote URL If fetching from an anonymous remote via its URL, then the URL gets written into the FETCH_HEAD reference. This is mainly done to give valuable context to some commands, like for example git-merge(1), which will put the URL into the generated MERGE_MSG. As a result, what gets written into FETCH_HEAD may become public in some cases. This is especially important considering that URLs may contain credentials, e.g. when cloning 'https://foo:bar@example.com/repo' we persist the complete URL into FETCH_HEAD and put it without any kind of sanitization into the MERGE_MSG. This is obviously bad, as your login data has now just leaked as soon as you do git-push(1). When writing the URL into FETCH_HEAD, upstream git does strip credentials first. Let's do the same by trying to parse the remote URL as a "real" URL, removing any credentials and then re-formatting the URL. In case this fails, e.g. when it's a file path or not a valid URL, we just fall back to using the URL as-is without any sanitization. Add tests to verify our behaviour.

3f54ba8b

2020-01-18T13:51:40

credential: change git_cred to git_credential We avoid abbreviations where possible; rename git_cred to git_credential. In addition, we have standardized on a trailing `_t` for enum types, instead of using "type" in the name. So `git_credtype_t` has become `git_credential_t` and its members have become `GIT_CREDENTIAL` instead of `GIT_CREDTYPE`. Finally, the source and header files have been renamed to `credential` instead of `cred`. Keep previous name and values as deprecated, and include the new header files from the previous ones.

bf55facf

2019-10-25T12:24:34

tests: allow users to use expect/continue

fe4efe2e

2019-12-03T10:17:30

tests: test that clone returns 4321 This conditional was backwards. We should instead test that clone returns 4321, not that 4321 returns clone.

0005c77a

2019-11-24T15:49:49

test: add an azure repos test We currently talk to Azure Repos for executing an online test (online::clone::path_whitespace). Add a simpler test to talk to Azure Repos to make it obvious that strange test failures are not likely the whitespace in the path, but actually a function of talking to Azure Repos itself.

62b80138

2019-08-13T09:10:10

clone: Remove whitespace ssh test Will add later when infrastructure is configured

b15e7f2d

2019-08-12T09:56:51

clone: Update whitespace test url

42ea2f95

2019-07-25T13:15:10

clone: whitespace in url ssh test

1748f92c

2019-07-24T16:36:45

clone: whitespace in url test

e54343a4

2019-06-29T09:17:32

fileops: rename to "futils.h" to match function signatures Our file utils functions all have a "futils" prefix, e.g. `git_futils_touch`. One would thus naturally guess that their definitions and implementation would live in files "futils.h" and "futils.c", respectively, but in fact they live in "fileops.h". Rename the files to match expectations.

e48dbdf9

2019-05-20T05:51:44

fetchhead: use size_t in tests

3d11b6c5

2019-03-11T20:36:09

winhttp: support default credentials for proxies We did not properly support default credentials for proxies, only for destination servers. Refactor the credential handling to support sending either username/password _or_ default credentials to either the proxy or the destination server. This actually shares the authentication logic between proxy servers and destination servers. Due to copy/pasta drift over time, they had diverged. Now they share a common logic which is: first, use credentials specified in the URL (if there were any), treating empty username and password (ie, "http://:@foo.com/") as default credentials, for compatibility with git. Next, call the credential callbacks. Finally, fallback to WinHTTP compatibility layers using built-in authentication like we always have. Allowing default credentials for proxies requires moving the security level downgrade into the credential setting routines themselves. We will update our security level to "high" by default which means that we will never send default credentials without prompting. (A lower setting, like the WinHTTP default of "medium" would allow WinHTTP to handle credentials for us, despite what a user may have requested with their structures.) Now we start with "high" and downgrade to "low" only after a user has explicitly requested default credentials.

757411a0

2019-03-11T12:56:09

network: don't add arbitrary url rules There's no reason a git repository couldn't be at the root of a server, and URLs should have an implicit path of '/' when one is not specified.

e66a4eb3

2019-06-05T14:19:14

online tests: use gitlab for auth failures GitHub recently changed their behavior from returning 401s for private or nonexistent repositories on a clone to returning 404s. For our tests that require an auth failure (and 401), move to GitLab to request a missing repository. This lets us continue to test our auth failure case, at least until they decide to mimic that decision.

59647e1a

2019-04-08T15:54:25

remote: add callback to resolve URLs before connecting Since libssh2 doesn't read host configuration from the config file, this callback can be used to hand over URL resolving to the client without touching the SSH implementation itself.

a1ef995d

2019-02-21T10:33:30

indexer: use git_indexer_progress throughout Update internal usage of `git_transfer_progress` to `git_indexer_progreses`.

f673e232

2018-12-27T13:47:34

git_error: use new names in internal APIs and usage Move to the `git_error` name in the internal API for error-related functions.

ed8cfbf0

2019-01-17T00:32:31

references: use new names in internal usage Update internal usage to use the `git_reference` names for constants.

35d86c77

2019-01-14T10:14:36

proxy: fix crash on remote connection with GIT_PROXY_AUTO but no proxy is detected

45054732

2018-10-29T10:45:59

tests: optionally ignore https cert validation For testing, we may wish to use a man-in-the-middle proxy that can inspect the CONNECT traffic to our test endpoints. For this, we will need to accept the proxy's certificate, which will not be valid for the true endpoint. Add a new environment variable, GITTEST_REMOTE_SSL_NOVERIFY to disable https certificate validation for the tests.

6ba3e6af

2018-11-18T21:53:48

proxy tests: rename credential callback Rename credential callback to proxy_cred_cb to match new cert callback.

394ae7e1

2018-10-22T17:35:35

proxy tests: support self-signed proxy cert Give the proxy tests a proxy certificate callback, and allow self-signed certificates when the `GITTEST_REMOTE_PROXY_SELFSIGNED` environment variable is set (to anything). In that case, simply compare the hostname from the callback to the hostname that we connected to.

4ecc14cd

2018-10-21T23:47:53

tests: support optional PROXY_SCHEME As we want to support HTTPS proxies, support an optional `GITTEST_REMOTE_PROXY_SCHEME` environment variable for tests that will allow for HTTPS support. (When unset, the tests default to HTTP proxies.)

de60d9b4

2018-10-21T21:00:37

tests: PROXY_URL is more accurately PROXY_HOST Change the `GITTEST_REMOTE_PROXY_URL` environment variable to be `GITTEST_REMOTE_PROXY_HOST`, since it is a host:port combination, not an actual URL. (We cannot use a URL here since we may want to include the username:password combination in the constructed URL.)

e84914fd

2018-09-20T20:11:36

online::clone: free url and username before resetting Before resetting the url and username, ensure that we free them in case they were set by environment variables.

d285de73

2018-07-20T21:52:24

push tests: deeply free the specs Don't just free the spec vector, also free the specs themselves.

dad99881

2018-07-20T21:51:36

push tests: deeply free the push status Don't just free the push status structure, actually free the strings that were strdup'd into the struct as well.

ecf4f33a

2018-02-08T11:14:48

Convert usage of `git_buf_free` to new `git_buf_dispose`

fd634019

2018-04-16T15:42:35

Merge pull request #4556 from libgit2/ethomson/proxy_pass_in_env online::clone: validate user:pass in HTTP_PROXY

54bf4d14

2018-03-20T07:47:27

online tests: update auth for bitbucket test Update the settings to use a specific read-only token for accessing our test repositories in Bitbucket.

03c58778

2018-03-19T09:20:35

online::clone: skip creds fallback test At present, we have three online tests against bitbucket: one which specifies the credentials in the payload, one which specifies the correct credentials in the URL and a final one that specifies the incorrect credentials in the URL. Bitbucket has begun responding to the latter test with a 403, which causes us to fail. Break these three tests into separate tests so that we can skip the latter until this is resolved on Bitbucket's end or until we can change the test to a different provider.

e380eae0

2018-02-28T16:10:53

online::clone: validate user:pass in HTTP_PROXY Validate using the http://user:pass@host/ format in HTTP_PROXY and HTTPS_PROXY environment variables.

820fb712

2018-01-18T07:48:28

tests: online::clone: fix memory leak due to not freeing URL

54a1bf05

2017-06-07T13:06:53

tests: online::clone: inline creds-test with nonexistent URL Right now, we test our credential callback code twice, once via SSH on localhost and once via a non-existent GitHub repository. While the first URL makes sense to be configurable, it does not make sense to hard-code the non-existing repository, which requires us to call tests multiple times. Instead, we can just inline the URL into another set of tests.

fea60920

2017-06-07T12:48:48

tests: online::clone: construct credential-URL from environment We support two types of passing credentials to the proxy, either via the URL or explicitly by specifying user and password. We test these types by modifying the proxy URL and executing the tests twice, which is in fact unnecessary and requires us to maintain the list of environment variables and test executions across multiple CI infrastructures. To fix the situation, we can just always pass the host, port, user and password to the tests. The tests can then assemble the complete URL either with or without included credentials, allowing us to test both cases in-process.

fb585d01

2017-07-31T00:58:58

Merge branch '4233'

c2c95ad0

2017-04-26T13:16:18

tests: online::clone: use URL of test server All our tests running against a local SSH server usually read the server's URL from environment variables. But online::clone::ssh_cert test fails to do so and instead always connects to "ssh://localhost/foo". This assumption breaks whenever the SSH server is not running on the standard port, e.g. when it is running as a user. Fix the issue by using the URL provided by the environment.

9364f274

2017-05-05T09:40:38

remote: test creating and fetching detached remotes

34b79391

2017-05-05T09:14:20

tests: online::remotes: add defines for URL and refspec The repository URL is duplicated several times and can be de-duplicated like this. Furthermore, exchange the static refspec variable with a define to reduce BSS size.

8897f8fe

2017-05-05T09:47:54

remote: reject various actions for detached remotes There are only few actions which actually make sense for a detached remote, like e.g. `git_remote_ls`, `git_remote_prune`. For all the other actions, we have to report an error when the remote has no repository attached to it. This commit does so and implements some tests.

a4de1ae3

2017-04-25T10:14:19

cmake: define GIT_HTTPS when HTTPS is supported

2ac57aa8

2017-01-09T17:53:21

https: don't test that RC4 is invalid None of our crypto backends actually reject RC4 as a cipher so don't test for it and instead keep it as something we'd like to do.

3829ba2e

2017-01-09T17:50:17

http: correct the expected error for RC4 We must make sure that we're getting a certificate error from the library so we know that we're testing the right thing.

98d66240

2017-01-06T10:51:31

http: perform 'badssl' check also via certificate callback Make sure that the callbacks do also get a 'valid' value of zero when the certificate we're looking at is in valid and assert that within the test.

30a876cd

2016-10-27T11:29:15

tests: fetchhead: fix memory leak

1eee631d

2016-08-04T13:45:28

refspec: do not set empty rhs for fetch refspecs According to git-fetch(1), "[t]he colon can be omitted when <dst> is empty." So according to git, the refspec "refs/heads/master" is the same as the refspec "refs/heads/master:" when fetching changes. When trying to fetch from a remote with a trailing colon with libgit2, though, the fetch actually fails while it works when the trailing colon is left out. So obviously, libgit2 does _not_ treat these two refspec formats the same for fetches. The problem results from parsing refspecs, where the resulting refspec has its destination set to an empty string in the case of a trailing colon and to a `NULL` pointer in the case of no trailing colon. When passing this to our DWIM machinery, the empty string gets translated to "refs/heads/", which is simply wrong. Fix the problem by having the parsing machinery treat both cases the same for fetch refspecs.

0bd77401

2016-04-21T11:05:21

clone test: annotate unused vars

0d72f67f

2016-03-14T17:36:04

proxy: don't specify the protocol in the type We leave this up to the scheme in the url field. The type should only tell us about whether we want a proxy and whether we want to auto-detect it.

b117721d

2015-07-29T21:23:56

proxy: use poxy to test our Windows proxy support

07bd3e57

2015-05-07T12:57:56

proxy: ask the user for credentials if necessary

c577efbb

2016-03-14T12:41:41

Use general cl_git_fail because the error is generic

fa72d6da

2016-03-14T12:02:00

Setup better defaults for OpenSSL ciphers This ensures that when using OpenSSL a safe default set of ciphers is selected. This is done so that the client communicates securely and we don't accidentally enable unsafe ciphers like RC4, or even worse some old export ciphers. Implements the first part of https://github.com/libgit2/libgit2/issues/3682

505e4531

2015-10-30T13:53:53

Fix build for unit test If none of GIT_OPENSSL, GIT_WINHTTP or GIT_SECURE_TRANSPORT is defined we should also be able to build the unit test.

72b7c570

2015-09-30T09:17:18

Merge pull request #3411 from spraints/custom-push-headers Include custom HTTP headers

53a28705

2015-09-27T22:48:39

net: add tests against badssl.com These provide bad X.509 certificates, which we should refuse to connect to by default.

dfe2856d

2015-09-18T12:06:55

Fix a couple of warnings

1af5aecb

2015-09-13T05:38:29

push: put the git_oid inline in the test structure These are small pieces of data, so there is no advantage to allocating them separately. Include the two ids inline in the struct we use to check that the expected and actual ids match.

3245896b

2015-09-10T13:18:26

Add a test for custom header validation Also, *some* custom headers actually are valid.

4f2b6093

2015-09-08T13:53:41

Tell the git_transport about the custom_headers

e069c621

2015-07-02T09:25:48

git__getenv: utf-8 aware env reader Introduce `git__getenv` which is a UTF-8 aware `getenv` everywhere. Make `cl_getenv` use this to keep consistent memory handling around return values (free everywhere, as opposed to only some platforms).

352ee171

2015-06-12T12:45:49

clone: set the credentials callback during testing

0f69b41d

2015-06-12T12:25:25

push: pass the callbacks during setup as well We need to pass these options in order to have the credentials callback set.

2c8550f0

2015-05-29T19:38:11

Merge pull request #3157 from mgorny/ssh_memory_auth Support getting SSH keys from memory, pt. 2

8085adf8

2015-05-27T18:44:40

test: Add a test for in-memory SSH private key cred_cb

7b5ce2e5

2015-05-14T09:33:54

clone: don't rely on auto-saving for single-branch The code used to rely on the clone code calling the remote's save, which does not happen anymore, meaning that the configuration settings the remote expected were not being written to disk. The run-time configuration was still being affected, so the right branch was being cloned. The tests continued to pass as we did not check for the configuration entires. Fix this by creating the remote with the single-branch refspec we want and checking for its existence in the configuration.

77254990

2015-04-23T06:51:34

remote: remove live changing of refspecs The base refspecs changing can be a cause of confusion as to what is the current base refspec set and complicate saving the remote's configuration. Change `git_remote_add_{fetch,push}()` to update the configuration instead of an instance. This finally makes `git_remote_save()` a no-op, it will be removed in a later commit.

35a8a8c5

2015-04-22T17:29:20

remote: move the tagopt setting to the fetch options This is another option which we should not be keeping in the remote, but is specific to each particular operation.

3eff2a57

2015-04-22T16:11:10

remote: move the update_fetchhead setting to the options While this will rarely be different from the default, having it in the remote adds yet another setting it has to keep around and can affect its behaviour. Move it to the options.

058b753c

2015-04-22T15:45:21

remote: move the transport ctor to the callbacks Instead of having it set in a different place from every other callback, put it the main structure. This removes some state from the remote and makes it behave more like clone, where the constructors are passed via the options.

8f0104ec

2015-04-21T22:10:36

Remove the callbacks struct from the remote Having the setting be different from calling its actions was not a great idea and made for the sake of the wrong convenience. Instead of that, accept either fetch options, push options or the callbacks when dealing with the remote. The fetch options are currently only the callbacks, but more options will be moved from setters and getters on the remote to the options. This does mean passing the same struct along the different functions but the typical use-case will only call git_remote_fetch() or git_remote_push() and so won't notice much difference.

cbe8a61d

2015-05-01T11:28:54

Merge pull request #3059 from libgit2/cmn/negotiation-notify [WIP/RFC] push: report the update plan to the caller

fc6f044e

2015-04-21T20:02:24

Fix for Issue #3023 tests fail with no network Moved offending tests from network to online so they will get skipped when there is a lack of network connectivity: -test_online_remotes__single_branch -test_online_remotes__restricted_refspecs

efc2fec5

2015-04-19T00:55:00

push: report the update plan to the caller It can be useful for the caller to know which update commands will be sent to the server before the packfile is pushed up. git does this via the pre-push hook. We don't have hooks, but as it adds introspection into what is happening, we can add a callback which performs the same function.

29e7ae5d

2015-03-16T19:39:05

Add failing test for cert callback with non-ecrypted stream When we have an HTTP stream and have set the certificatre check callback, we currently fail as we ask the unencrypted stream for its certificate.

e5e2c11d

2015-03-13T17:52:07

Put back the number of expected references to 6 from the test repo This was but down to 5 when GitHub made a change to their server which made them stop honouring the include-tag request. This has recently been corrected, so we can bring it back up to six.

412a3808

2015-01-15T15:31:23

push: remove reflog message override We always use "update by push".

659cf202

2015-01-07T12:23:05

Remove the signature from ref-modifying functions The signature for the reflog is not something which changes dynamically. Almost all uses will be NULL, since we want for the repository's default identity to be used, making it noise. In order to allow for changing the identity, we instead provide git_repository_set_ident() and git_repository_ident() which allow a user to override the choice of signature.

6c9e86ad

2015-02-14T10:46:41

clone: drop now unnecessary SAFE_CREATE

fe794b2e

2014-12-16T08:57:05

remote: remove git_push from the public API Instead we provide git_remote_upload() and git_remote_update_tips() in order to have a parallel API for fetching and pushing.

21083a71

2014-12-06T03:12:04

notes: move the notes name argument Make it consistent between git_note_create() and git_note_remote() by putting it after the repository.

1ca61bdc

2014-11-19T20:53:25

fetch: clear the connection data on close When we fetch twice with the same remote object, we did not properly clear the connection flags, so we would leak state from the last connection. This can cause the second fetch with the same remote object to fail if using a HTTP URL where the server redirects to HTTPS, as the second fetch would see `use_ssl` set and think the initial connection wanted to downgrade the connection.

45301cca

2014-11-18T11:44:59

Merge pull request #2608 from libgit2/cmn/remote-push Provide a convenience function `git_remote_push()`

7f1b73b7

2014-11-17T17:03:55

Merge pull request #2693 from libgit2/cmn/push-refspec-refactor push: use the common refspec parser

aad638f3

2014-11-07T15:00:11

push: use the common refspec parser There is one well-known and well-tested parser which we should use, instead of implementing parsing a second time. The common parser is also augmented to copy the LHS into the RHS if the latter is empty. The expressions test had to change a bit, as we now catch a bad RHS of a refspec locally.

thodg/libgit2/tests/online

tests/online

Log