| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
When failing to initialize a new stransport stream, we try to
release already allocated memory by calling out to
`git_stream_free`, which in turn called out to the stream's
`free` function pointer. As we only initialize the function
pointer later on, this leads to a `NULL` pointer exception.
Furthermore, plug another memory leak when failing to create the
SSL context.
|
| |\
| |
| | |
stransport: make internal functions static
|
| | | |
|
| |/
|
|
|
|
|
|
|
| |
The `SSLCopyPeerTrust` call can succeed but fail to return a trust
object if it can't load the certificate chain and thus cannot check the
validity of a certificate. This can lead to us calling `CFRelease` on a
`NULL` trust object, causing a crash.
Handle this by returning ECERTIFICATE.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
If the libcurl stream is available, use that as the underlying stream
instead of the socket stream. This allows us to set a proxy for HTTPS
connections.
|
| |
|
|
| |
is unavailable to iOS targets.
|
| |
|
|
|
|
|
|
|
| |
The read and write callbacks passed to SSLSetIOFuncs() have been
rewritten to match the implementation used on opensource.apple.com and
other open source projects like VLC.
This change also fixes a bug where the read callback could get into
an infinite loop when 0 bytes were read.
|
| |
|
|
|
| |
On close, we might get a return code which looks like an error but just
means that the other side closed gracefully. Handle that.
|
| |
|
|
|
| |
Anything SSL is deprecated. Let's make sure we don't try to use SSL v3
when talking to the server.
|
| |
|
|
|
|
| |
Do not automatically fail on a bad certificate, but let the caller
decide. This means we don't need our switch on errors anymore but can
return a string representation from the security framework.
|
|
|
As an alternative to OpenSSL when we're on OS X. This one can actually
take advantage of stacking the streams.
|
