delta/libgit2.git/src/transports/auth_negotiate.c, branch ethomson/test_https

str: introduce `git_str` for internal, `git_buf` is external

2021-10-17T13:49:01+00:00

libgit2 has two distinct requirements that were previously solved by
`git_buf`.  We require:

1. A general purpose string class that provides a number of utility APIs
   for manipulating data (eg, concatenating, truncating, etc).
2. A structure that we can use to return strings to callers that they
   can take ownership of.

By using a single class (`git_buf`) for both of these purposes, we have
confused the API to the point that refactorings are difficult and
reasoning about correctness is also difficult.

Move the utility class `git_buf` to be called `git_str`: this represents
its general purpose, as an internal string buffer class.  The name also
is an homage to Junio Hamano ("gitstr").

The public API remains `git_buf`, and has a much smaller footprint.  It
is generally only used as an "out" param with strict requirements that
follow the documentation.  (Exceptions exist for some legacy APIs to
avoid breaking callers unnecessarily.)

Utility functions exist to convert a user-specified `git_buf` to a
`git_str` so that we can call internal functions, then converting it
back again.

Merge branch 'main' into http-use-eauth

2021-08-30T01:29:14+00:00

transports: use GIT_ASSERT

2020-11-27T11:09:21+00:00

transports: use GIT_EAUTH for authentication failures

2020-02-07T18:06:28+00:00

When the failure is clearly an auth failure
(as opposed to possibly an auth failure),
use the error code GIT_EAUTH instead of GIT_ERROR.

While we're here, fix a typo and improve an error message.

Fixes #5389.

credential: change git_cred to git_credential

2020-01-26T18:39:41+00:00

We avoid abbreviations where possible; rename git_cred to
git_credential.

In addition, we have standardized on a trailing `_t` for enum types,
instead of using "type" in the name.  So `git_credtype_t` has become
`git_credential_t` and its members have become `GIT_CREDENTIAL` instead
of `GIT_CREDTYPE`.

Finally, the source and header files have been renamed to `credential`
instead of `cred`.

Keep previous name and values as deprecated, and include the new header
files from the previous ones.

gssapi: validate that we were requested Negotiate

2020-01-24T15:54:29+00:00

gssapi: dispose after completion for retry

2020-01-24T15:54:29+00:00

Disposal pattern; dispose on completion, allowing us to retry
authentication, which may happen on web servers that close
connection-based authenticated sessions (NTLM/SPNEGO) unexpectedly.

gssapi: delete half-built security context so auth can continue

2020-01-24T15:54:28+00:00

gssapi: correct incorrect case in error message

2020-01-24T15:54:28+00:00

gssapi: protect GSS_ERROR macro

2020-01-24T15:54:28+00:00

The GSS_ERROR(x) macro may expand to `(x & value)` on some
implementations, instead of `((x) & value)`.  This is the case on macOS,
which means that if we attempt to wrap an expression in that macro, like
`a = b`, then that would expand to `(a = b & value)`.

Since `&` has a higher precedence, this is not at all what we want, and
will set our result code to an incorrect value.  Evaluate the expression
then test it with `GSS_ERROR` independently to avoid this.