kmx git

Commit	Date	Message
19475924	2015-08-25T00:39:58	Merge pull request #3355 from palmin/palmin/fix-2830 Include the 4 characters not recognised as hex-number in parse_len
57af0b92	2015-08-19T00:46:28	cred: add a free function wrapper
47ed7e5a	2015-08-18T20:55:59	transport: provide a way to get the callbacks libgit2 implementations of smart subtransports can simply reach through the structure, but external implementors cannot. Add these two functions as a way for the smart subtransports to get the callbacks as set by the user.
2d1d2bb5	2015-08-05T18:50:25	Include the 4 characters not recognised as hex-number when setting error in parse_len
252f86e1	2015-08-15T13:46:32	Merge pull request #3377 from dleehr/fix-push-cb Fix bug in git_smart__push: push_transfer_progress cb is only called at end
11bca2d2	2015-08-15T18:15:23	http: propagate the credentials callback's error code When we ask for credentials, the user may choose to return EUSER to indicate that an error has happened on its end and it wants to be given back control. We must therefore pass that back to the user instead of mentioning that it was on_headers_complete() that returned an error code. Since we can, we return the exact error code from the user (other than PASSTHROUGH) since it doesn't cost anything, though using other error codes aren't recommended.
b0b2c722	2015-08-13T22:52:52	Fix bug in git_smart__push: push_transfer_progress cb is never called The conditional checked cbs->transfer_progress then used the value in cbs->push_transfer_progress. In both cases it should be push_transfer_progress
ac728c24	2015-08-03T07:38:07	Handle ssh:// and git:// urls containing a '~' character. For such a path '/~/...' the leading '/' is stripped so the server will get a path starting with '~' and correctly handle it.
31a76374	2015-07-29T22:23:00	case-insensitive check for WWW-Authenticate header Fixes issue #3338
f861abad	2015-07-12T19:56:19	Merge branch 'portable-zu'
768f8be3	2015-06-30T19:00:41	Fix #3094 - improve use of portable size_t/ssize_t format specifiers. The header src/cc-compat.h defines portable format specifiers PRIuZ, PRIdZ, and PRIxZ. The original report highlighted the need to use these specifiers in examples/network/fetch.c. For this commit, I checked all C source and header files not in deps/ and transitioned to the appropriate format specifier where appropriate.
79698030	2015-06-29T22:51:18	git_cert: child types use proper base type
2f60073d	2015-06-30T21:40:20	Merge pull request #3273 from ethomson/warnings3 More warnings
1630981e	2015-06-30T09:03:23	http: fixed leak when asking for credentials again t->cred might have been allocated the previous time and needs to be freed before asking caller for credentials again.
0305721c	2015-06-30T14:23:41	winhttp: remove unused var
8b380060	2015-06-29T21:12:44	http: don't give up on auth on the first try When the server rejects an authentication request, ask the caller for the credentials again, instead of giving up on the first try.
8443f492	2015-06-11T16:57:04	curl: remove the encrypted param to the constructor We do not want libcurl to perform the TLS negotiation for us, so we don't need to pass this option.
f97d5d09	2015-06-11T16:54:48	http: ask for the curl stream for non-encrypted connections The TLS streams talk over the curl stream themselves, so we don't need to ask for it explicitly. Do so in the case of the non-encrypted one so we can still make use proxies in that case.
8762d721	2015-06-07T14:51:10	http: set the proxy if the stream supports it Of the built-in ones, only cURL support it, but there's no reason a user-provided stream wouldn't support it.
8dea1c21	2015-06-05T11:02:11	Implement a curl stream cURL has a mode in which it acts a lot like our streams, providing send and recv functions and taking care of the TLS and proxy setup for us. Implement a new stream which uses libcurl instead of raw sockets or the TLS libraries directly. This version does not support reporting certificates or proxies yet.
a166466c	2015-06-09T17:06:28	Merge pull request #3198 from libgit2/cmn/coverity A few fixes from Coverity
81be2f46	2015-06-09T16:01:29	ssh: move NULL check to the free function Let `ssh_stream_free()` take a NULL stream, as free functions should, and remove the check from the connection setup. The connection setup would not need the check anyhow, as we always have a stream by the time we reach this code.
fdb82dcd	2015-06-07T15:10:13	Merge pull request #3175 from git-up/build_warnings Fixed build warnings on Xcode 6.1
9f3c18e2	2015-06-02T08:36:15	Fixed build warnings on Xcode 6.1
d71e3b25	2015-06-02T10:23:54	Change error when running out of ssh agent keys
2629fc87	2015-05-24T22:33:55	cred: Check for null values when getting key from memory The public key field is optional and as such can take NULL. Account for that and do not call strlen() on NULL values. Also assert() for non-NULL values of username & private key.
f7142b5e	2015-05-24T18:38:47	cred: Declare GIT_CREDTYPE_SSH_MEMORY unconditionally Declare GIT_CREDTYPE_SSH_MEMORY to have consistent API independently of whether libgit2 was built with or without in-memory key passing support. Or rather, to have it at all since build-time definitions are not stored in headers.
08e6b875	2015-03-19T14:57:15	Return an error when ssh memory credentials are not supported. To not modify the external api.
7a8b8503	2015-03-17T09:19:15	Add support to read ssh keys from memory.
1396c381	2015-05-18T16:04:55	errors: add GIT_EEOF to indicate early EOF This can be used by tools to show mesages about failing to communicate with the server. The error message in this case will often contain the server's error message, as far as it managed to send anything.
e3435673	2015-05-18T15:51:55	ssh: read from stderr if stdout is empty When we fail to read from stdout, it's typically because the URL was wrong and the server process has sent some output over its stderr output. Read that output and set the error message to whatever we read from it.
7e9a240e	2015-05-14T21:33:55	Make "Early EOF" message start with lowercase
542a7de0	2015-05-14T17:26:09	local: plug a leak in the progress reporting
cd430bc7	2015-05-13T14:26:20	Merge pull request #3103 from libgit2/cmn/local-push-message Use the packbuilder in local push
8cec2b8a	2015-05-06T12:28:01	local: send the packbuilder progress via the sideband Set a callback for the packbuilder so we can send the sideband messages to the caller, formatting them as git would.
4a5b781a	2015-05-07T13:44:28	local: use the packbuilder to push Instead of copying each object individually, as we'd been doing, use the packbuilder which should be faster and give us some feedback. While performing this change, we can hook up the packbuilder's writing to the push progress so the caller knows how far along we are.
81c0fb08	2015-05-07T13:28:51	local: add clarification for non-bare push restriction
8f0104ec	2015-04-21T22:10:36	Remove the callbacks struct from the remote Having the setting be different from calling its actions was not a great idea and made for the sake of the wrong convenience. Instead of that, accept either fetch options, push options or the callbacks when dealing with the remote. The fetch options are currently only the callbacks, but more options will be moved from setters and getters on the remote to the options. This does mean passing the same struct along the different functions but the typical use-case will only call git_remote_fetch() or git_remote_push() and so won't notice much difference.
05259114	2015-04-21T20:16:48	push: remove own copy of callbacks The push object knows which remote it's associated with, and therefore does not need to keep its own copy of the callbacks stored in the remote. Remove the copy and simply access the callbacks struct within the remote.
7dd22538	2015-05-11T10:19:25	centralizing all IO buffer size values
24e53d2f	2015-03-19T09:55:20	Rename GIT_SSL to GIT_OPENSSL This is what it's meant all along, but now we actually have multiple implementations, it's clearer to use the name of the library.
6946a3be	2015-03-19T00:18:03	Abstract away the TLS stream implementation Instead, provide git_tls_stream_new() to ask for the most appropriate encrypted stream and use it in our HTTP transport.
6bb54cbf	2014-11-02T13:23:32	Add a SecureTransport TLS channel As an alternative to OpenSSL when we're on OS X. This one can actually take advantage of stacking the streams.
623fbd93	2015-04-10T11:38:07	Merge pull request #2974 from libgit2/cmn/clone-everything Make sure to pack referenced objects for non-branches
c5e07187	2015-03-24T14:03:51	Merge pull request #2990 from leoyanggit/custom_param Add a custom param to git_smart_subtransport_definition
aa7a4a50	2015-03-24T09:06:20	Merge pull request #2986 from tkelman/mingw_winhttp WinHTTP for MinGW
2a0f67f0	2015-03-21T21:48:03	git: make sure to close the network stream In case of a bad url or other error during the connection setup, we close the stream via free.
b631e0d9	2015-03-19T07:25:25	Use swprintf_s everywhere except mingw.org
142e5379	2015-03-17T12:49:33	Add a custom param to git_smart_subtransport_definition The smart transport has already take the payload param. For the sub transport a payload param is useful for the implementer.
c84a9dd2	2015-03-12T01:52:15	local: recusrively insert non-branch objects into the packfile When we insert e.g. a tag or tagged object into the packfile, we must make sure to insert any referenced objects as well, or we will have broken links. Use the recursive version of packfile insertion to make sure we send over not just the tagged object but also the objects it references.
7800048a	2015-03-17T10:06:50	Merge pull request #2972 from libgit2/cmn/pack-objects-walk [WIP] Smarter pack-building
3066026b	2014-08-26T11:18:33	Fix build on mingw-w64
8f426d7d	2014-06-09T11:43:25	Win32: Enable WinHTTP for MinGW
84d83b8e	2015-03-16T19:41:50	http: do not try to use the cert callback on unencrypted streams When the user has a certificate check callback set, we still have to check whether the stream we're using is even capable of providing a certificate. In the case of an unencrypted certificate, do not ask for it from the stream, and do not call the callback.
0ef54a63	2015-03-11T17:16:39	local: create pack with multiple threads The default behaviour for the packbuilder is to perform the work in a single thread, which is fine for the public API, but we currently have no way for a user to determine the number of threads to use when creating the packfile, which makes our clone behaviour over the filesystem quite a bit slower than what git offers. This is a very particular scenario, in which we avoid spawning git by being ourselves the server-side, so it's probably ok to auto-set the threading, as the upload-pack process would do if we were talking to git.
e68b31a1	2015-03-04T20:57:52	local: let the packbuilder perform smarter object insertion Currently we use the most naïve and inefficient method for figuring out which objects to send to the remote whereby we end up trying to insert subdirs which have not changed multiple times. Instead, make use of the packbuilder's built-in more efficient method which uses the walk to feed the object list and avoids inserting an object and its descendants.
e892b6a9	2015-03-03T17:23:01	http: enforce the credential types The user may decide to return any type of credential, including ones we did not say we support. Add a check to make sure the user returned an object of the right type and error out if not.
659cf202	2015-01-07T12:23:05	Remove the signature from ref-modifying functions The signature for the reflog is not something which changes dynamically. Almost all uses will be NULL, since we want for the repository's default identity to be used, making it noise. In order to allow for changing the identity, we instead provide git_repository_set_ident() and git_repository_ident() which allow a user to override the choice of signature.
f1453c59	2015-02-12T12:19:37	Make our overflow check look more like gcc/clang's Make our overflow checking look more like gcc and clang's, so that we can substitute it out with the compiler instrinsics on platforms that support it. This means dropping the ability to pass `NULL` as an out parameter. As a result, the macros also get updated to reflect this as well.
ec3b4d35	2015-02-11T11:20:05	Use `size_t` to hold size of arrays Use `size_t` to hold the size of arrays to ease overflow checking, lest we check for overflow of a `size_t` then promptly truncate by packing the length into a smaller type.
4aa664ae	2015-02-10T23:55:07	git_buf_grow_by: increase buf asize incrementally Introduce `git_buf_grow_by` to incrementally increase the size of a `git_buf`, performing an overflow calculation on the growth.
392702ee	2015-02-09T23:41:13	allocations: test for overflow of requested size Introduce some helper macros to test integer overflow from arithmetic and set error message appropriately.
6f73e026	2014-12-24T11:42:50	Plug some leaks
4fd2bda9	2014-12-16T10:25:45	local: send 'counting objects' output Pretend we have a git process at the other end by creating a similar progress output when inserting objects into the packbuilder.
cd305c2f	2014-12-10T11:30:28	Merge pull request #2678 from libgit2/cmn/io-stream Introduce stackable IO streams
a2fd56ab	2014-12-10T16:22:50	Fix a couple of compiler warnings
1b75c29e	2014-11-02T11:17:01	gitno: remove code which is no longer needed Most of the network-facing facilities have been copied to the socket and openssl streams. No code now uses these functions directly anymore, so we can now remove them.
4fd4341f	2014-11-02T10:52:03	ssh: use socket_stream to perform the connection Having an ssh stream would require extra work for stream capabilities we don't need anywhere else (oob auth and command execution) so for now let's move away from the gitno connection to use socket_stream. We can introduce an ssh stream interface if and as we need it.
b6f5464e	2014-11-01T21:35:06	Port HTTP(S) to the new stream API
02b4c1e2	2014-11-01T16:58:20	Port the TCP transport to the new stream API
ad2bf40a	2014-12-08T17:31:34	winhttp: plug some leaks
013924c1	2014-12-05T23:44:34	Merge pull request #2730 from libgit2/cmn/local-push Adjust the local transport for the common refspec parser
70d21742	2014-12-03T00:41:46	win32: clear connection data on close
d5c84f67	2014-11-23T21:34:45	local: adjust to the common refspec parser We no longer have NULL strings, but empty ones and duplicate the sides if necessar, so the first check will never do anything. While in the area, remove unnecessary ifs and early returns.
f7fcb18f	2014-11-23T14:12:54	Plug leaks Valgrind is now clean except for libssl and libgcrypt.
1ca61bdc	2014-11-19T20:53:25	fetch: clear the connection data on close When we fetch twice with the same remote object, we did not properly clear the connection flags, so we would leak state from the last connection. This can cause the second fetch with the same remote object to fail if using a HTTP URL where the server redirects to HTTPS, as the second fetch would see `use_ssl` set and think the initial connection wanted to downgrade the connection.
aad638f3	2014-11-07T15:00:11	push: use the common refspec parser There is one well-known and well-tested parser which we should use, instead of implementing parsing a second time. The common parser is also augmented to copy the LHS into the RHS if the latter is empty. The expressions test had to change a bit, as we now catch a bad RHS of a refspec locally.
334a0696	2014-10-26T17:36:14	Minor cleanup: Use defined no_check_cert_flags instead of C&P them again Signed-off-by: Sven Strickroth <email@cs-ware.de>
bc42479a	2014-10-13T15:43:03	Cleanup memory leak in ssh transport
369b0217	2014-10-13T13:34:15	Clean up various compiler warnings
e6e834a1	2014-09-18T12:23:07	Provide host name to certificate_check_cb Signed-off-by: Sven Strickroth <email@cs-ware.de>
14556cbf	2014-09-17T17:13:25	Merge pull request #2567 from cirosantilli/factor-41 Factor 40 and 41 constants from source.
4fe5b771	2014-09-16T13:35:36	winhttp: get rid of the cert ignore flag This brings us back in line with the other transports.
1e0aa105	2014-09-16T03:22:09	ssh: expose both hashes The user may have the data hashed as MD5 or SHA-1, so we should provide both types for consumption.
286369a8	2014-09-16T02:27:16	ssh: provide our own types for host key lengths Instead of using the libssh2 defines, provide our own, which eases usage as we do not need to check whether libgit2 was built with libssh2 or not.
0782fc43	2014-09-16T01:47:30	net: use only structs to pass information about cert Instead of spreading the data in function arguments, some of which aren't used for ssh and having a struct only for ssh, use a struct for both, using a common parent to pass to the callback.
0fef3899	2014-09-16T01:25:53	Merge remote-tracking branch 'upstream/master' into cmn/host-cert-info
41698f22	2014-09-11T10:04:05	net: remove support for outright ignoring certificates This option make it easy to ignore anything about the server we're connecting to, which is bad security practice. This was necessary as we didn't use to expose detailed information about the certificate, but now that we do, we should get rid of this. If the user wants to ignore everything, they can still provide a callback which ignores all the information passed.
7c8acc54	2014-08-30T14:26:57	winhttp: set ignore security flags on user command If the user returns 0 from the certificate check and we had certificate issues, set the options to ignore certificate errors and resend the request.
67c84e06	2014-08-30T14:04:57	winhttp: bring together request sending We need to call WinHttpSendRequest() in three different places. Unify all in a single function to have a single place for the certificate check.
5f2cf732	2014-08-30T13:12:33	winhttp: only do certificate check for SSL If we're not using SSL, don't call the user's certificate check callback.
08545d36	2014-08-30T00:40:37	winhttp: credential check on successful connect On successful connection, still ask the user whether they accept the server's certificate, indicating that WinHTTP would let it though.
23ca0ad5	2014-08-29T21:25:13	Bring certificate check back to the normal return code Returning 0 lets the certificate check succeed. An error code is bubbled up to the user.
2f5864c5	2014-08-29T21:15:36	ssh: do ssh cert info before asking for credentials We know the host's key as soon as we connect, so we should perform the check as soon as we can, before we bother with the user's credentials.
17491f6e	2014-08-29T17:18:23	transport: always call the certificate check callback We should let the user decide whether to cancel the connection or not regardless of whether our checks have decided that the certificate is fine. We provide our own assessment to the callback to let the user fall back to our checks if they so desire.
ec1ce458	2014-08-10T17:06:53	http: send the DER-encoded cert to the callback Instead of the parsed data, we can ask OpenSSL to give us the DER-encoded version of the certificate, which the user can then parse and validate.
9b940586	2014-07-04T12:45:43	Provide a callback for certificate validation If the certificate validation fails (or always in the case of ssh), let the user decide whether to allow the connection. The data structure passed to the user is the native certificate information from the underlying implementation, namely OpenSSL or WinHTTP.
3b2cb2c9	2014-09-16T11:49:25	Factor 40 and 41 constants from source.
2dc399a8	2014-09-04T16:46:14	ssh: store error message immediately after a failed agent call When the call to the agent fails, we must retrieve the error message just after the function call, as other calls may overwrite it. As the agent authentication is the only one which has a teardown and there does not seem to be a way to get the error message from a stored error number, this tries to introduce some small changes to store the error from the agent. Clearing the error at the beginning of the loop lets us know whether the agent has already set the libgit2 error message and we should skip it, or if we should set it.
5cd81bb3	2014-09-03T01:01:25	Several CppCat warnings fixed

19475924

2015-08-25T00:39:58

Merge pull request #3355 from palmin/palmin/fix-2830 Include the 4 characters not recognised as hex-number in parse_len

57af0b92

2015-08-19T00:46:28

cred: add a free function wrapper

47ed7e5a

2015-08-18T20:55:59

transport: provide a way to get the callbacks libgit2 implementations of smart subtransports can simply reach through the structure, but external implementors cannot. Add these two functions as a way for the smart subtransports to get the callbacks as set by the user.

2d1d2bb5

2015-08-05T18:50:25

Include the 4 characters not recognised as hex-number when setting error in parse_len

252f86e1

2015-08-15T13:46:32

Merge pull request #3377 from dleehr/fix-push-cb Fix bug in git_smart__push: push_transfer_progress cb is only called at end

11bca2d2

2015-08-15T18:15:23

http: propagate the credentials callback's error code When we ask for credentials, the user may choose to return EUSER to indicate that an error has happened on its end and it wants to be given back control. We must therefore pass that back to the user instead of mentioning that it was on_headers_complete() that returned an error code. Since we can, we return the exact error code from the user (other than PASSTHROUGH) since it doesn't cost anything, though using other error codes aren't recommended.

b0b2c722

2015-08-13T22:52:52

Fix bug in git_smart__push: push_transfer_progress cb is never called The conditional checked cbs->transfer_progress then used the value in cbs->push_transfer_progress. In both cases it should be push_transfer_progress

ac728c24

2015-08-03T07:38:07

Handle ssh:// and git:// urls containing a '~' character. For such a path '/~/...' the leading '/' is stripped so the server will get a path starting with '~' and correctly handle it.

31a76374

2015-07-29T22:23:00

case-insensitive check for WWW-Authenticate header Fixes issue #3338

f861abad

2015-07-12T19:56:19

Merge branch 'portable-zu'

768f8be3

2015-06-30T19:00:41

Fix #3094 - improve use of portable size_t/ssize_t format specifiers. The header src/cc-compat.h defines portable format specifiers PRIuZ, PRIdZ, and PRIxZ. The original report highlighted the need to use these specifiers in examples/network/fetch.c. For this commit, I checked all C source and header files not in deps/ and transitioned to the appropriate format specifier where appropriate.

79698030

2015-06-29T22:51:18

git_cert: child types use proper base type

2f60073d

2015-06-30T21:40:20

Merge pull request #3273 from ethomson/warnings3 More warnings

1630981e

2015-06-30T09:03:23

http: fixed leak when asking for credentials again t->cred might have been allocated the previous time and needs to be freed before asking caller for credentials again.

0305721c

2015-06-30T14:23:41

winhttp: remove unused var

8b380060

2015-06-29T21:12:44

http: don't give up on auth on the first try When the server rejects an authentication request, ask the caller for the credentials again, instead of giving up on the first try.

8443f492

2015-06-11T16:57:04

curl: remove the encrypted param to the constructor We do not want libcurl to perform the TLS negotiation for us, so we don't need to pass this option.

f97d5d09

2015-06-11T16:54:48

http: ask for the curl stream for non-encrypted connections The TLS streams talk over the curl stream themselves, so we don't need to ask for it explicitly. Do so in the case of the non-encrypted one so we can still make use proxies in that case.

8762d721

2015-06-07T14:51:10

http: set the proxy if the stream supports it Of the built-in ones, only cURL support it, but there's no reason a user-provided stream wouldn't support it.

8dea1c21

2015-06-05T11:02:11

Implement a curl stream cURL has a mode in which it acts a lot like our streams, providing send and recv functions and taking care of the TLS and proxy setup for us. Implement a new stream which uses libcurl instead of raw sockets or the TLS libraries directly. This version does not support reporting certificates or proxies yet.

a166466c

2015-06-09T17:06:28

Merge pull request #3198 from libgit2/cmn/coverity A few fixes from Coverity

81be2f46

2015-06-09T16:01:29

ssh: move NULL check to the free function Let `ssh_stream_free()` take a NULL stream, as free functions should, and remove the check from the connection setup. The connection setup would not need the check anyhow, as we always have a stream by the time we reach this code.

fdb82dcd

2015-06-07T15:10:13

Merge pull request #3175 from git-up/build_warnings Fixed build warnings on Xcode 6.1

9f3c18e2

2015-06-02T08:36:15

Fixed build warnings on Xcode 6.1

d71e3b25

2015-06-02T10:23:54

Change error when running out of ssh agent keys

2629fc87

2015-05-24T22:33:55

cred: Check for null values when getting key from memory The public key field is optional and as such can take NULL. Account for that and do not call strlen() on NULL values. Also assert() for non-NULL values of username & private key.

f7142b5e

2015-05-24T18:38:47

cred: Declare GIT_CREDTYPE_SSH_MEMORY unconditionally Declare GIT_CREDTYPE_SSH_MEMORY to have consistent API independently of whether libgit2 was built with or without in-memory key passing support. Or rather, to have it at all since build-time definitions are not stored in headers.

08e6b875

2015-03-19T14:57:15

Return an error when ssh memory credentials are not supported. To not modify the external api.

7a8b8503

2015-03-17T09:19:15

Add support to read ssh keys from memory.

1396c381

2015-05-18T16:04:55

errors: add GIT_EEOF to indicate early EOF This can be used by tools to show mesages about failing to communicate with the server. The error message in this case will often contain the server's error message, as far as it managed to send anything.

e3435673

2015-05-18T15:51:55

ssh: read from stderr if stdout is empty When we fail to read from stdout, it's typically because the URL was wrong and the server process has sent some output over its stderr output. Read that output and set the error message to whatever we read from it.

7e9a240e

2015-05-14T21:33:55

Make "Early EOF" message start with lowercase

542a7de0

2015-05-14T17:26:09

local: plug a leak in the progress reporting

cd430bc7

2015-05-13T14:26:20

Merge pull request #3103 from libgit2/cmn/local-push-message Use the packbuilder in local push

8cec2b8a

2015-05-06T12:28:01

local: send the packbuilder progress via the sideband Set a callback for the packbuilder so we can send the sideband messages to the caller, formatting them as git would.

4a5b781a

2015-05-07T13:44:28

local: use the packbuilder to push Instead of copying each object individually, as we'd been doing, use the packbuilder which should be faster and give us some feedback. While performing this change, we can hook up the packbuilder's writing to the push progress so the caller knows how far along we are.

81c0fb08

2015-05-07T13:28:51

local: add clarification for non-bare push restriction

8f0104ec

2015-04-21T22:10:36

Remove the callbacks struct from the remote Having the setting be different from calling its actions was not a great idea and made for the sake of the wrong convenience. Instead of that, accept either fetch options, push options or the callbacks when dealing with the remote. The fetch options are currently only the callbacks, but more options will be moved from setters and getters on the remote to the options. This does mean passing the same struct along the different functions but the typical use-case will only call git_remote_fetch() or git_remote_push() and so won't notice much difference.

05259114

2015-04-21T20:16:48

push: remove own copy of callbacks The push object knows which remote it's associated with, and therefore does not need to keep its own copy of the callbacks stored in the remote. Remove the copy and simply access the callbacks struct within the remote.

7dd22538

2015-05-11T10:19:25

centralizing all IO buffer size values

24e53d2f

2015-03-19T09:55:20

Rename GIT_SSL to GIT_OPENSSL This is what it's meant all along, but now we actually have multiple implementations, it's clearer to use the name of the library.

6946a3be

2015-03-19T00:18:03

Abstract away the TLS stream implementation Instead, provide git_tls_stream_new() to ask for the most appropriate encrypted stream and use it in our HTTP transport.

6bb54cbf

2014-11-02T13:23:32

Add a SecureTransport TLS channel As an alternative to OpenSSL when we're on OS X. This one can actually take advantage of stacking the streams.

623fbd93

2015-04-10T11:38:07

Merge pull request #2974 from libgit2/cmn/clone-everything Make sure to pack referenced objects for non-branches

c5e07187

2015-03-24T14:03:51

Merge pull request #2990 from leoyanggit/custom_param Add a custom param to git_smart_subtransport_definition

aa7a4a50

2015-03-24T09:06:20

Merge pull request #2986 from tkelman/mingw_winhttp WinHTTP for MinGW

2a0f67f0

2015-03-21T21:48:03

git: make sure to close the network stream In case of a bad url or other error during the connection setup, we close the stream via free.

b631e0d9

2015-03-19T07:25:25

Use swprintf_s everywhere except mingw.org

142e5379

2015-03-17T12:49:33

Add a custom param to git_smart_subtransport_definition The smart transport has already take the payload param. For the sub transport a payload param is useful for the implementer.

c84a9dd2

2015-03-12T01:52:15

local: recusrively insert non-branch objects into the packfile When we insert e.g. a tag or tagged object into the packfile, we must make sure to insert any referenced objects as well, or we will have broken links. Use the recursive version of packfile insertion to make sure we send over not just the tagged object but also the objects it references.

7800048a

2015-03-17T10:06:50

Merge pull request #2972 from libgit2/cmn/pack-objects-walk [WIP] Smarter pack-building

3066026b

2014-08-26T11:18:33

Fix build on mingw-w64

8f426d7d

2014-06-09T11:43:25

Win32: Enable WinHTTP for MinGW

84d83b8e

2015-03-16T19:41:50

http: do not try to use the cert callback on unencrypted streams When the user has a certificate check callback set, we still have to check whether the stream we're using is even capable of providing a certificate. In the case of an unencrypted certificate, do not ask for it from the stream, and do not call the callback.

0ef54a63

2015-03-11T17:16:39

local: create pack with multiple threads The default behaviour for the packbuilder is to perform the work in a single thread, which is fine for the public API, but we currently have no way for a user to determine the number of threads to use when creating the packfile, which makes our clone behaviour over the filesystem quite a bit slower than what git offers. This is a very particular scenario, in which we avoid spawning git by being ourselves the server-side, so it's probably ok to auto-set the threading, as the upload-pack process would do if we were talking to git.

e68b31a1

2015-03-04T20:57:52

local: let the packbuilder perform smarter object insertion Currently we use the most naïve and inefficient method for figuring out which objects to send to the remote whereby we end up trying to insert subdirs which have not changed multiple times. Instead, make use of the packbuilder's built-in more efficient method which uses the walk to feed the object list and avoids inserting an object and its descendants.

e892b6a9

2015-03-03T17:23:01

http: enforce the credential types The user may decide to return any type of credential, including ones we did not say we support. Add a check to make sure the user returned an object of the right type and error out if not.

659cf202

2015-01-07T12:23:05

Remove the signature from ref-modifying functions The signature for the reflog is not something which changes dynamically. Almost all uses will be NULL, since we want for the repository's default identity to be used, making it noise. In order to allow for changing the identity, we instead provide git_repository_set_ident() and git_repository_ident() which allow a user to override the choice of signature.

f1453c59

2015-02-12T12:19:37

Make our overflow check look more like gcc/clang's Make our overflow checking look more like gcc and clang's, so that we can substitute it out with the compiler instrinsics on platforms that support it. This means dropping the ability to pass `NULL` as an out parameter. As a result, the macros also get updated to reflect this as well.

ec3b4d35

2015-02-11T11:20:05

Use `size_t` to hold size of arrays Use `size_t` to hold the size of arrays to ease overflow checking, lest we check for overflow of a `size_t` then promptly truncate by packing the length into a smaller type.

4aa664ae

2015-02-10T23:55:07

git_buf_grow_by: increase buf asize incrementally Introduce `git_buf_grow_by` to incrementally increase the size of a `git_buf`, performing an overflow calculation on the growth.

392702ee

2015-02-09T23:41:13

allocations: test for overflow of requested size Introduce some helper macros to test integer overflow from arithmetic and set error message appropriately.

6f73e026

2014-12-24T11:42:50

Plug some leaks

4fd2bda9

2014-12-16T10:25:45

local: send 'counting objects' output Pretend we have a git process at the other end by creating a similar progress output when inserting objects into the packbuilder.

cd305c2f

2014-12-10T11:30:28

Merge pull request #2678 from libgit2/cmn/io-stream Introduce stackable IO streams

a2fd56ab

2014-12-10T16:22:50

Fix a couple of compiler warnings

1b75c29e

2014-11-02T11:17:01

gitno: remove code which is no longer needed Most of the network-facing facilities have been copied to the socket and openssl streams. No code now uses these functions directly anymore, so we can now remove them.

4fd4341f

2014-11-02T10:52:03

ssh: use socket_stream to perform the connection Having an ssh stream would require extra work for stream capabilities we don't need anywhere else (oob auth and command execution) so for now let's move away from the gitno connection to use socket_stream. We can introduce an ssh stream interface if and as we need it.

b6f5464e

2014-11-01T21:35:06

Port HTTP(S) to the new stream API

02b4c1e2

2014-11-01T16:58:20

Port the TCP transport to the new stream API

ad2bf40a

2014-12-08T17:31:34

winhttp: plug some leaks

013924c1

2014-12-05T23:44:34

Merge pull request #2730 from libgit2/cmn/local-push Adjust the local transport for the common refspec parser

70d21742

2014-12-03T00:41:46

win32: clear connection data on close

d5c84f67

2014-11-23T21:34:45

local: adjust to the common refspec parser We no longer have NULL strings, but empty ones and duplicate the sides if necessar, so the first check will never do anything. While in the area, remove unnecessary ifs and early returns.

f7fcb18f

2014-11-23T14:12:54

Plug leaks Valgrind is now clean except for libssl and libgcrypt.

1ca61bdc

2014-11-19T20:53:25

fetch: clear the connection data on close When we fetch twice with the same remote object, we did not properly clear the connection flags, so we would leak state from the last connection. This can cause the second fetch with the same remote object to fail if using a HTTP URL where the server redirects to HTTPS, as the second fetch would see `use_ssl` set and think the initial connection wanted to downgrade the connection.

aad638f3

2014-11-07T15:00:11

push: use the common refspec parser There is one well-known and well-tested parser which we should use, instead of implementing parsing a second time. The common parser is also augmented to copy the LHS into the RHS if the latter is empty. The expressions test had to change a bit, as we now catch a bad RHS of a refspec locally.

334a0696

2014-10-26T17:36:14

Minor cleanup: Use defined no_check_cert_flags instead of C&P them again Signed-off-by: Sven Strickroth <email@cs-ware.de>

bc42479a

2014-10-13T15:43:03

Cleanup memory leak in ssh transport

369b0217

2014-10-13T13:34:15

Clean up various compiler warnings

e6e834a1

2014-09-18T12:23:07

Provide host name to certificate_check_cb Signed-off-by: Sven Strickroth <email@cs-ware.de>

14556cbf

2014-09-17T17:13:25

Merge pull request #2567 from cirosantilli/factor-41 Factor 40 and 41 constants from source.

4fe5b771

2014-09-16T13:35:36

winhttp: get rid of the cert ignore flag This brings us back in line with the other transports.

1e0aa105

2014-09-16T03:22:09

ssh: expose both hashes The user may have the data hashed as MD5 or SHA-1, so we should provide both types for consumption.

286369a8

2014-09-16T02:27:16

ssh: provide our own types for host key lengths Instead of using the libssh2 defines, provide our own, which eases usage as we do not need to check whether libgit2 was built with libssh2 or not.

0782fc43

2014-09-16T01:47:30

net: use only structs to pass information about cert Instead of spreading the data in function arguments, some of which aren't used for ssh and having a struct only for ssh, use a struct for both, using a common parent to pass to the callback.

0fef3899

2014-09-16T01:25:53

Merge remote-tracking branch 'upstream/master' into cmn/host-cert-info

41698f22

2014-09-11T10:04:05

net: remove support for outright ignoring certificates This option make it easy to ignore anything about the server we're connecting to, which is bad security practice. This was necessary as we didn't use to expose detailed information about the certificate, but now that we do, we should get rid of this. If the user wants to ignore everything, they can still provide a callback which ignores all the information passed.

7c8acc54

2014-08-30T14:26:57

winhttp: set ignore security flags on user command If the user returns 0 from the certificate check and we had certificate issues, set the options to ignore certificate errors and resend the request.

67c84e06

2014-08-30T14:04:57

winhttp: bring together request sending We need to call WinHttpSendRequest() in three different places. Unify all in a single function to have a single place for the certificate check.

5f2cf732

2014-08-30T13:12:33

winhttp: only do certificate check for SSL If we're not using SSL, don't call the user's certificate check callback.

08545d36

2014-08-30T00:40:37

winhttp: credential check on successful connect On successful connection, still ask the user whether they accept the server's certificate, indicating that WinHTTP would let it though.

23ca0ad5

2014-08-29T21:25:13

Bring certificate check back to the normal return code Returning 0 lets the certificate check succeed. An error code is bubbled up to the user.

2f5864c5

2014-08-29T21:15:36

ssh: do ssh cert info before asking for credentials We know the host's key as soon as we connect, so we should perform the check as soon as we can, before we bother with the user's credentials.

17491f6e

2014-08-29T17:18:23

transport: always call the certificate check callback We should let the user decide whether to cancel the connection or not regardless of whether our checks have decided that the certificate is fine. We provide our own assessment to the callback to let the user fall back to our checks if they so desire.

ec1ce458

2014-08-10T17:06:53

http: send the DER-encoded cert to the callback Instead of the parsed data, we can ask OpenSSL to give us the DER-encoded version of the certificate, which the user can then parse and validate.

9b940586

2014-07-04T12:45:43

Provide a callback for certificate validation If the certificate validation fails (or always in the case of ssh), let the user decide whether to allow the connection. The data structure passed to the user is the native certificate information from the underlying implementation, namely OpenSSL or WinHTTP.

3b2cb2c9

2014-09-16T11:49:25

Factor 40 and 41 constants from source.

2dc399a8

2014-09-04T16:46:14

ssh: store error message immediately after a failed agent call When the call to the agent fails, we must retrieve the error message just after the function call, as other calls may overwrite it. As the agent authentication is the only one which has a teardown and there does not seem to be a way to get the error message from a stored error number, this tries to introduce some small changes to store the error from the agent. Clearing the error at the beginning of the loop lets us know whether the agent has already set the libgit2 error message and we should skip it, or if we should set it.

5cd81bb3

2014-09-03T01:01:25

Several CppCat warnings fixed

thodg/libgit2/src/transports

src/transports

Log