| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
| |
Introduce `git_fs_path`, which operates on generic filesystem paths.
`git_path` will be kept for only git-specific path functionality (for
example, checking for `.git` in a path).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libgit2 has two distinct requirements that were previously solved by
`git_buf`. We require:
1. A general purpose string class that provides a number of utility APIs
for manipulating data (eg, concatenating, truncating, etc).
2. A structure that we can use to return strings to callers that they
can take ownership of.
By using a single class (`git_buf`) for both of these purposes, we have
confused the API to the point that refactorings are difficult and
reasoning about correctness is also difficult.
Move the utility class `git_buf` to be called `git_str`: this represents
its general purpose, as an internal string buffer class. The name also
is an homage to Junio Hamano ("gitstr").
The public API remains `git_buf`, and has a much smaller footprint. It
is generally only used as an "out" param with strict requirements that
follow the documentation. (Exceptions exist for some legacy APIs to
avoid breaking callers unnecessarily.)
Utility functions exist to convert a user-specified `git_buf` to a
`git_str` so that we can call internal functions, then converting it
back again.
|
| |
|
|
| |
Make some syntax change to follow coding style.
|
| |
|
|
|
|
|
|
|
|
| |
Update the proxy detection for a remote.
1. Honor `http.<url>.proxy` syntax for a remote's direct URL and
parent URLs.
2. Honor an empty configuration URL to override a proxy configuration.
Add tests to ensure that configuration specificity is honored.
|
| |
|
|
|
|
| |
Item 2 of 3 from #4164
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
|
| |\
| |
| | |
Set Host Header to match CONNECT authority target
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Prior to this change, for CONNECT requests, the Host header was set to
the host and port of the target http proxy. However, per the rfc7230 for
HTTP/1.1 this is incorrect as the Host header should match the target of
the CONNECT request, as detailed in section 5.3.3 & 5.4.
5.3.3. authority-form
The authority-form of request-target is only used for CONNECT
requests (Section 4.3.6 of [RFC7231]).
authority-form = authority
When making a CONNECT request to establish a tunnel through one or
more proxies, a client MUST send only the target URI's authority
component (excluding any userinfo and its "@" delimiter) as the
request-target. For example,
CONNECT www.example.com:80 HTTP/1.1
5.4. Host
<snip>
A client MUST send a Host header field in all HTTP/1.1 request
messages. If the target URI includes an authority component, then a
client MUST send a field-value for Host that is identical to that
authority component, excluding any userinfo subcomponent and its "@"
delimiter (Section 2.7.1). If the authority component is missing or
undefined for the target URI, then a client MUST send a Host header
field with an empty field-value.
This issue was noticed when proxying requests through HAProxy 2.2 which
rejects these invalid http requests.
|
| | | |
|
| |\ \
| |/ |
|
| | |
| |
| |
| | |
The ntlmclient dependency can now dynamically load OpenSSL.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Attempt authentication when a username is presented but a password is
not; this can happen in particular when users are doing token
authentication and specifying the token in the URL itself. For example,
`https://token@host/` is a valid URI and should be treated as a username
of `token` with an empty password.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Makes usage of CLOCK_MONOTONIC conditional and makes functions that uses
git__timer handle clock resynchronization.
Call gettimeofday with tzp set to NULL as required by
https://pubs.opengroup.org/onlinepubs/9699919799/functions/gettimeofday.html
|
| | |\
| | |
| | | |
Fix memory leak in git_smart__connect
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
The call to git_proxy_options_dup will replace the url pointer of the
proxy.
But if the url pointer is already set, the old address will be lost
forever and will never be free.
|
| | |/ |
|
| | |\
| | |
| | | |
Fix issues with Proxy Authentication after httpclient refactor
|
| | | | |
|
| | | | |
|
| | |/ |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
In some circumstances (e.g. when proxies are involved), winhttp will fail to reach the WINHTTP_CALLBACK_STATUS_SENDING_REQUEST phase. If this occurs, we'll error with ERROR_WINHTTP_INCORRECT_HANDLE_STATE when attempting to query the server certificate context (see https://docs.microsoft.com/en-us/windows/win32/api/winhttp/nf-winhttp-winhttpsendrequest#remarks).
To avoid this, verify that WinHttpSendRequest has reached the WINHTTP_CALLBACK_STATUS_SENDING_REQUEST phase before checking the certificate. Since we're using WinHTTP in synchronous mode, we know for sure that once WinHttpSendRequest returns we've either sent it successfully or not.
NOTE: WINHTTP_CALLBACK_STATUS_SENDING_REQUEST appears to be deprecated with no direct replacement. WINHTTP_CALLBACK_STATUS_SENDREQUEST_COMPLETE is only available in async mode, and there doesn't appear to be a method of querying this flag outside of the status callback.
|
| | | |
|
| | |\
| | |
| | | |
Handle ipv6 addresses
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
This allows the library to be built using a pre-1.9.0 version of libssh2.
|
| | |/
| |
| |
| | |
Specifically: ECDSA_256, ECDSA_384, ECDSA_521 and ED25519.
|
| | |\
| | |
| | | |
winhttp: support optional client cert
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
Clarify the `git_atomic` type and functions now that we have a 64 bit
version as well (`git_atomic64`).
|
| | | |
| | |
| | |
| | |
| | | |
`git_cert_x509` has the raw encoded certificate. Let's do the same for
the SSH certificate for symmetry.
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
Provide a mechanism for system components to register for initialization
and shutdown of the libgit2 runtime.
|
| | | |
| | |
| | |
| | |
| | | |
Move the settings global data teardown into its own separate function,
instead of intermingled with the global state.
|
| | |\ \
| | | |
| | | | |
httpclient: only free challenges for current_server type
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Prior to this commit we freed both the server and proxy auth challenges
in git_http_client_read_response. This works when the proxy needs auth
or when the server needs auth, but it does not work when both the proxy
and the server need auth as we erroneously remove the server auth
challenge before we have added them as server credentials. Instead only
remove the challenges for the current_server type.
Co-authored-by: Stephen Gelman <ssgelm@gmail.com>
|
| | |\ \ \
| | | | |
| | | | | |
Fix typo: Make ifndef macroname the same as the define name
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| | |/ / /
| | | |
| | | |
| | | | |
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
cf. RFC7230 section 6.7, an Upgrade header in a normal response merely informs the client that the server supports upgrading to other protocols, and the client can ask for such an upgrade in a later request. The server requiring an upgrade is via the 426 Upgrade Required response code, not the mere presence of the Upgrade response header.
(closes issue #5573)
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When compiling libgit2 with -DDEPRECATE_HARD, we add a preprocessor
definition `GIT_DEPRECATE_HARD` which causes the "git2/deprecated.h"
header to be empty. As a result, no function declarations are made
available to callers, but the implementations are still available to
link against. This has the problem that function declarations also
aren't visible to the implementations, meaning that the symbol's
visibility will not be set up correctly. As a result, the resulting
library may not expose those deprecated symbols at all on some platforms
and thus cause linking errors.
Fix the issue by conditionally compiling deprecated functions, only.
While it becomes impossible to link against such a library in case one
uses deprecated functions, distributors of libgit2 aren't expected to
pass -DDEPRECATE_HARD anyway. Instead, users of libgit2 should manually
define GIT_DEPRECATE_HARD to hide deprecated functions. Using "real"
hard deprecation still makes sense in the context of CI to test we don't
use deprecated symbols ourselves and in case a dependant uses libgit2 in
a vendored way and knows it won't ever use any of the deprecated symbols
anyway.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
We've accumulated quite some functions which are never used outside of
their respective code unit, but which are lacking the `static` keyword.
Add it to reduce their linkage scope and allow the compiler to optimize
better.
|
| | |\ \
| | | |
| | | | |
httpclient: support googlesource
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The httpclient implementation keeps a `read_buf` that holds the data
in the body of the response after the headers have been written. We
store that data for subsequent calls to `git_http_client_read_body`. If
we want to stop reading body data and send another request, we need to
clear that cached data.
Clear the cached body data on new requests, just like we read any
outstanding data from the socket.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When `git_http_client_read_body` is invoked, it provides the size of the
buffer that can be read into. This will be set as the parser context's
`output_size` member. Use this as an upper limit on our reads, and
ensure that we do not read more than the client requests.
|
