summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* git_libgit2_version: return an intethomson/no_voidEdward Thomson2020-01-242-2/+5
| | | | | Stop returning a void for functions, future-proofing them to allow them to fail.
* error functions: return an intEdward Thomson2020-01-242-6/+13
| | | | | Stop returning a void for functions, future-proofing them to allow them to fail.
* revwalk functions: return an intEdward Thomson2020-01-242-6/+15
| | | | | Stop returning a void for functions, future-proofing them to allow them to fail.
* mempack functions: return an intEdward Thomson2020-01-242-2/+5
| | | | | Stop returning a void for functions, future-proofing them to allow them to fail.
* repository functions: return an intEdward Thomson2020-01-242-10/+23
| | | | | Stop returning a void for functions, future-proofing them to allow them to fail.
* index functions: return an intEdward Thomson2020-01-242-8/+21
| | | | | Stop returning a void for functions, future-proofing them to allow them to fail.
* remote functions: return an intEdward Thomson2020-01-242-4/+10
| | | | | Stop returning a void for functions, future-proofing them to allow them to fail.
* tree functions: return an intEdward Thomson2020-01-242-4/+10
| | | | | Stop returning a void for functions, future-proofing them to allow them to fail.
* oid functions: return an intEdward Thomson2020-01-242-12/+23
| | | | | Stop returning a void for functions, future-proofing them to allow them to fail.
* git_attr_cache_flush: return an intEdward Thomson2020-01-242-2/+7
| | | | | Stop returning a void for functions, future-proofing them to allow them to fail.
* Merge pull request #5286 from libgit2/ethomson/gssapiEdward Thomson2020-01-2428-1576/+2846
|\ | | | | HTTP: Support Apache-based servers with Negotiate
| * http: introduce GIT_ERROR_HTTPethomson/gssapiEdward Thomson2020-01-244-57/+58
| | | | | | | | | | Disambiguate between general network problems and HTTP problems in error codes.
| * ci: add NTLM testsEdward Thomson2020-01-242-9/+51
| | | | | | | | | | | | Download poxygit, a debugging git server, and clone from it using NTLM, both IIS-style (with connection affinity) and Apache-style ("broken", requiring constant reauthentication).
| * httpclient: use defines for status codesEdward Thomson2020-01-243-14/+25
| |
| * trace: compare against an int valueEdward Thomson2020-01-241-1/+1
| | | | | | | | | | When tracing is disabled, don't let `git_trace__level` return a void, since that can't be compared against.
| * http: send probe packetsEdward Thomson2020-01-242-2/+70
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we're authenticating with a connection-based authentication scheme (NTLM, Negotiate), we need to make sure that we're still connected between the initial GET where we did the authentication and the POST that we're about to send. Our keep-alive session may have not kept alive, but more likely, some servers do not authenticate the entire keep-alive connection and may have "forgotten" that we were authenticated, namely Apache and nginx. Send a "probe" packet, that is an HTTP POST request to the upload-pack or receive-pack endpoint, that consists of an empty git pkt ("0000"). If we're authenticated, we'll get a 200 back. If we're not, we'll get a 401 back, and then we'll resend that probe packet with the first step of our authentication (asking to start authentication with the given scheme). We expect _yet another_ 401 back, with the authentication challenge. Finally, we will send our authentication response with the actual POST data. This will allow us to authenticate without draining the POST data in the initial request that gets us a 401.
| * http: use the new httpclientEdward Thomson2020-01-242-1374/+407
| | | | | | | | | | Untangle the notion of the http transport from the actual http implementation. The http transport now uses the httpclient.
| * tests: allow users to use expect/continueEdward Thomson2020-01-243-0/+26
| |
| * httpclient: support expect/continueEdward Thomson2020-01-247-10/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | Allow users to opt-in to expect/continue handling when sending a POST and we're authenticated with a "connection-based" authentication mechanism like NTLM or Negotiate. If the response is a 100, return to the caller (to allow them to post their body). If the response is *not* a 100, buffer the response for the caller. HTTP expect/continue is generally safe, but some legacy servers have not implemented it correctly. Require it to be opt-in.
| * httpclient: support CONNECT proxiesEdward Thomson2020-01-242-76/+251
| | | | | | | | | | Fully support HTTP proxies, in particular CONNECT proxies, that allow us to speak TLS through a proxy.
| * httpclient: handle chunked responsesEdward Thomson2020-01-242-7/+15
| | | | | | | | | | Detect responses that are sent with Transfer-Encoding: chunked, and record that information so that we can consume the entire message body.
| * httpclient: support authenticationEdward Thomson2020-01-242-8/+373
| | | | | | | | | | | | | | | | | | | | | | | | Store the last-seen credential challenges (eg, all the 'WWW-Authenticate' headers in a response message). Given some credentials, find the best (first) challenge whose mechanism supports these credentials. (eg, 'Basic' supports username/password credentials, 'Negotiate' supports default credentials). Set up an authentication context for this mechanism and these credentials. Continue exchanging challenge/responses until we're authenticated.
| * net: free the url's query componentEdward Thomson2020-01-241-0/+1
| |
| * net: introduce path formatting functionEdward Thomson2020-01-242-0/+15
| | | | | | | | | | Introduce a function to format the path and query string for a URL, suitable for creating an HTTP request.
| * httpclient: consume final chunk messageEdward Thomson2020-01-241-111/+153
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When sending a new request, ensure that we got the entirety of the response body. Our caller may have decided that they were done reading. If we were not at the end of the message, this means that we need to tear down the connection and cannot do keep-alive. However, if the caller read all of the message, but we still have a final end-of-response chunk signifier (ie, "0\r\n\r\n") on the socket, then we should consider that the response was successfully copmleted. If we're asked to send a new request, try to read from the socket, just to clear out that end-of-chunk message, marking ourselves as disconnected on any errors.
| * tests: support CLAR_TRACE_LEVELEdward Thomson2020-01-241-15/+0
| | | | | | | | | | | | The CLAR_TRACE_LEVEL environment variable was supported when building with GIT_TRACE. Now we always build with GIT_TRACE, but that variable is not provided to tests. Simply support clar tracing always.
| * httpclient: add chunk support to POSTEdward Thomson2020-01-241-11/+44
| | | | | | | | Teach httpclient how to support chunking when POSTing request bodies.
| * httpclient: introduce a simple http implementationEdward Thomson2020-01-242-0/+1045
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Introduce a new http client implementation that can GET and POST to remote URLs. Consumers can use `git_http_client_init` to create a new client, `git_http_client_send_request` to send a request to the remote server and `git_http_client_read_response` to read the response. The http client implementation will perform the I/O with the remote server (http or https) but does not understand the git smart transfer protocol. This allows us to split the concerns of the http subtransport from the actual http implementation.
| * net: introduce url formatting functionEdward Thomson2020-01-242-0/+36
| |
| * buf: add consume_bytesEdward Thomson2020-01-242-0/+6
| | | | | | | | | | Allow users to consume a buffer by the number of bytes, not just to an ending pointer.
| * net: introduce git_net_url_joinpathEdward Thomson2020-01-243-0/+270
| | | | | | | | | | | | Provide a mechanism to add a path and query string to an existing url so that we can easily append `/info/refs?...` type url segments to a url given to us by a user.
| * net: refactor gitno redirect handlingEdward Thomson2020-01-247-132/+124
| | | | | | | | Move the redirect handling into `git_net_url` for consistency.
| * net: add an isvalid functionEdward Thomson2020-01-242-4/+12
| | | | | | | | (Also, mark all the declarations as extern.)
| * winhttp: refactor request sendingEdward Thomson2020-01-241-8/+8
| | | | | | | | | | Clarify what it means to not send a length; this allows us to refactor requests further.
| * ci: enable GSSAPI for Ubuntu buildsEdward Thomson2020-01-241-4/+4
| |
| * docker build: add krb5 libraries and command-line toolsEdward Thomson2020-01-241-1/+3
| |
| * ci: don't do negotiate tests on windowsEdward Thomson2020-01-241-4/+4
| | | | | | | | We can't get a kerberos TGT easily on Windows; skip the negotiate tests.
| * tests: test that clone returns 4321Edward Thomson2020-01-241-2/+2
| | | | | | | | | | This conditional was backwards. We should instead test that clone returns 4321, not that 4321 returns clone.
| * smart protocol: correct case in error messagesEdward Thomson2020-01-241-4/+4
| |
| * gssapi: validate that we were requested NegotiateEdward Thomson2020-01-241-3/+5
| |
| * gssapi: dispose after completion for retryEdward Thomson2020-01-241-13/+19
| | | | | | | | | | | | Disposal pattern; dispose on completion, allowing us to retry authentication, which may happen on web servers that close connection-based authenticated sessions (NTLM/SPNEGO) unexpectedly.
| * gssapi: show information about disabled GSSAPIEdward Thomson2020-01-241-1/+1
| | | | | | | | | | | | When USE_GSSAPI=OFF, still show information about what SPNEGO is, even though it's disabled. This is for parity with other disabled features like SSH and debugpool that still show details about what is disabled.
| * gssapi: delete half-built security context so auth can continueJonathan Turcotte2020-01-241-3/+3
| |
| * gssapi: correct incorrect case in error messageEdward Thomson2020-01-241-1/+1
| |
| * gssapi: protect GSS_ERROR macroEdward Thomson2020-01-241-4/+7
| | | | | | | | | | | | | | | | | | | | | | The GSS_ERROR(x) macro may expand to `(x & value)` on some implementations, instead of `((x) & value)`. This is the case on macOS, which means that if we attempt to wrap an expression in that macro, like `a = b`, then that would expand to `(a = b & value)`. Since `&` has a higher precedence, this is not at all what we want, and will set our result code to an incorrect value. Evaluate the expression then test it with `GSS_ERROR` independently to avoid this.
| * gssapi: protect against empty messagesEdward Thomson2020-01-241-0/+6
| |
| * ci: perform SPNEGO testsEdward Thomson2020-01-243-6/+37
|/ | | | | Attempt to obtain a Kerberos ticket from LIBGIT2.ORG and then clone the Negotiate-protected site at test.libgit2.org with that ticket.
* Merge pull request #5364 from libgit2/ethomson/typetPatrick Steinhardt2020-01-2417-87/+87
|\ | | | | internal types: change enums from `type_t` to `_t`
| * auth: update enum type name for consistencyethomson/typetEdward Thomson2020-01-185-13/+13
| | | | | | | | | | libgit2 does not use `type_t` suffixes as it's redundant; thus, rename `git_http_authtype_t` to `git_http_auth_t` for consistency.
| * iterator: update enum type name for consistencyEdward Thomson2020-01-189-50/+50
| | | | | | | | | | libgit2 does not use `type_t` suffixes as it's redundant; thus, rename `git_iterator_type_t` to `git_iterator_t` for consistency.
View Lorry Controller Status