summaryrefslogtreecommitdiff
path: root/src/netops.c
Commit message (Collapse)AuthorAgeFilesLines
* ssl: init everything all the timecmn/init-ssl-onceCarlos Martín Nieto2014-06-121-80/+3
| | | | | | | | Bring together all of the OpenSSL initialization to git_threads_init() so it's together and doesn't need locks. Moving it here also gives us libssh2 thread safety (when built against openssl).
* ssl: cargo-cult thread safetyCarlos Martín Nieto2014-06-121-22/+21
| | | | OpenSSL's tests init everything in the main thread, so let's do that.
* ssl: use lockingCarlos Martín Nieto2014-06-111-0/+42
| | | | | | | | When using in a multithreaded context, OpenSSL needs to lock, and leaves it up to application to provide said locks. We were not doing this, and it's just luck that's kept us from crashing up to now.
* netops: init OpenSSL once under lockCarlos Martín Nieto2014-06-111-2/+32
| | | | | | | | The OpenSSL init functions are not reentrant, which means that running multiple fetches in parallel can cause us to crash. Use a mutex to init OpenSSL, and since we're adding this extra checks, init it only once.
* Win32 fix for #2300.Albert Meltzer2014-05-121-0/+4
| | | | The code doesn't use SSL and a test requires it.
* netops: catch the server not sending a certificatecmn/match-host-testsCarlos Martín Nieto2014-04-261-0/+4
| | | | | | | | | | It's possible for an encrypted connection not have a certificate. In this case, SSL_get_verify_result() will return OK because no error happened (as it never even tried to validate anything). SSL_get_peer_certificate() will return NULL in this case so we need to catch that. On the upside, the current code would segfault in this situation instead of letting it through as a valid cert.
* netops: provide more specific error for cert failureCarlos Martín Nieto2014-04-261-5/+5
| | | | | Specify what we do not like about the certificate. In this case, we do not like the name.
* netops: unit-test the cert host-name pattern matchingCarlos Martín Nieto2014-04-261-4/+4
| | | | | This kind of stuff should have unit tests, even if it's just to show what we expect to match successfully.
* netops: fix leakCarlos Martín Nieto2013-11-181-2/+5
|
* Fix warningsRussell Belfer2013-11-131-1/+1
|
* Fix warningsLinquize2013-11-121-1/+1
|
* Make url decoding more bulletproofbetter-url-parsingBen Straub2013-11-051-12/+7
|
* Remove unnecessary checkBen Straub2013-11-051-1/+1
|
* Incorporate feedbackBen Straub2013-11-051-5/+5
|
* Unescape url-encoded usernames and passwordsBen Straub2013-11-041-2/+26
|
* Use http_parser_parse_url to parse urlsBen Straub2013-11-041-46/+43
|
* Clarify parsing issues and errorsBen Straub2013-11-011-2/+3
|
* Streamline url-parsing logic.Ben Straub2013-11-011-25/+25
|
* Prevent another segfault from bad URLBen Straub2013-10-311-1/+1
|
* Prevent segfault with a badly-formed URLBen Straub2013-10-311-3/+4
|
* HTTP: handle "relative" redirectsBen Straub2013-10-021-0/+10
|
* Tighten up url-connection utilityBen Straub2013-09-261-8/+2
|
* Deploy gitno_connection_data into transport (winhttp)Ben Straub2013-09-261-7/+15
| | | | ...and have that call manage replaced memory in the output structure.
* Migrate redirect URL handling to common utilityBen Straub2013-09-251-0/+75
|
* Disconnect path string to preserve after redirectRussell Belfer2013-09-241-5/+1
| | | | | | | | | | | | The subtransport path was relying on pointing to data owned by the remote which meant that after a redirect, the updated path was getting lost for future requests. This updates the http transport to strdup the path and maintain its own lifetime. This also pulls responsibility for parsing the URL back into the http transport and isolates the functions that parse and free that connection data so that they can be reused between the initial parsing and the redirect parsing.
* Properly parse urls that include protocol://Ben Straub2013-09-241-1/+4
|
* netops: remove duplicate includeFraser Tweedale2013-08-241-4/+0
| | | | | | 9e9aee6 added an include <netinet/in.h> to fix the build on FreeBSD. Sometime since then the same header is included ifndef _WIN32, so remove the duplicate include.
* Merge pull request #1298 from ben/user-atRussell Belfer2013-02-041-5/+32
|\ | | | | Handle "user@" prefix for credentials partially included in URLs
| * Introduce git__substrdupBen Straub2013-02-011-5/+5
| |
| * Enhance url parsing to include passwordsBen Straub2013-01-311-10/+28
| |
| * Stash username from url (but don't use it yet)Ben Straub2013-01-301-2/+7
| |
| * Skip "user@" when finding hostname in urlBen Straub2013-01-301-2/+6
| |
* | Deduplicate FormatMessage UTF-16 to UTF-8 conversion codeSven Strickroth2013-02-021-19/+6
| | | | | | | | Signed-off-by: Sven Strickroth <email@cs-ware.de>
* | Improved error handlingSven Strickroth2013-02-021-2/+10
| | | | | | | | Signed-off-by: Sven Strickroth <email@cs-ware.de>
* | Get utf8_size from WideCharToMultiByte instead of guessing itSven Strickroth2013-02-011-3/+3
| | | | | | | | Signed-off-by: Sven Strickroth <email@cs-ware.de>
* | Win32: Make sure error messages are consistently UTF-8 encodedSven Strickroth2013-02-011-6/+10
|/ | | | | | | | W/o this a libgit2 error message could have a mixed encoding: e.g. a filename in UTF-8 combined with a native Windows error message encoded with the local code page. Signed-off-by: Sven Strickroth <email@cs-ware.de>
* Fix 3 memory leaksPhilip Kelley2013-01-251-0/+1
|
* Fix compilation on OpenBSDCarlos Martín Nieto2013-01-201-0/+1
|
* update copyrightsEdward Thomson2013-01-081-1/+1
|
* netops: on SSL teardown only send shutdown alertMichael Schubert2012-12-171-4/+1
| | | | | | | | | | | | According to man 3 SSL_shutdown / TLS, "If a unidirectional shutdown is enough (the underlying connection shall be closed anyway), this first call to SSL_shutdown() is sufficient." Currently, an unidirectional shutdown is enough, since gitno_ssl_teardown is called by gitno_close only. Do so to avoid further errors (by misbehaving peers for example). Fixes #1129.
* netops: properly handle GITNO_CONNECT_SSL_NO_CHECK_CERTMichael Schubert2012-12-171-3/+3
| | | | | Don't return an error just because GITNO_CONNECT_SSL_NO_CHECK_CERT is set.
* fix build on FreeBSDFraser Tweedale2012-11-261-0/+4
| | | | | | | 3f9eb1e introduced support for SSL certificates issued for IP addresses, making use of in_addr and in_addr6 structs. On FreeBSD these are defined in (a file included in) <netinet/in.h>, so include that file on FreeBSD and get the build working again.
* Merge pull request #1048 from pwkelley/basic_authPhilip Kelley2012-11-081-3/+6
|\ | | | | Basic authentication for http and winhttp
| * Fix connection leak in http subtransportPhilip Kelley2012-11-061-3/+6
| |
* | Move inet_pton to posix platform-compatibility layerEduardo Bart2012-11-071-50/+2
| |
* | Fix compilation for mingw32 and cygwinEduardo Bart2012-11-061-2/+50
|/ | | | | inet_pton is available only in windows vista or later, fixed the issue by reimplementing it using WSAStringToAddress
* Reorganize transport architecture (squashed 3)Philip Kelley2012-11-011-80/+111
|
* gitno_buffer: callback on each packetBen Straub2012-10-191-1/+2
| | | | | The fetch code takes advantage of this to implement a progress callback every 100kb of transfer.
* netops: be more careful with SSL errorsMichael Schubert2012-09-041-1/+37
| | | | | | | | SSL_get_error() allows to receive a result code for various SSL operations. Depending on the return value (see man (3) SSL_get_error) there might be additional information in the OpenSSL error queue. Return the queued message if available, otherwise set an error message corresponding to the return code.
* netops: continue writing on SSL_ERROR_WANT_WRITEMichael Schubert2012-09-041-1/+1
|
View Lorry Controller Status