| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |\
| |
| | |
Adjust the local transport for the common refspec parser
|
| | |
| |
| |
| |
| |
| |
| | |
We no longer have NULL strings, but empty ones and duplicate the sides
if necessar, so the first check will never do anything.
While in the area, remove unnecessary ifs and early returns.
|
| |/ |
|
| |
|
|
| |
Valgrind is now clean except for libssl and libgcrypt.
|
| |
|
|
|
|
|
|
|
|
|
| |
When we fetch twice with the same remote object, we did not properly
clear the connection flags, so we would leak state from the last
connection.
This can cause the second fetch with the same remote object to fail if
using a HTTP URL where the server redirects to HTTPS, as the second
fetch would see `use_ssl` set and think the initial connection wanted to
downgrade the connection.
|
| |
|
|
|
|
|
|
|
|
|
| |
There is one well-known and well-tested parser which we should use,
instead of implementing parsing a second time.
The common parser is also augmented to copy the LHS into the RHS if the
latter is empty.
The expressions test had to change a bit, as we now catch a bad RHS of a
refspec locally.
|
| |
|
|
| |
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| | |
|
| | |
|
| |
|
|
| |
Signed-off-by: Sven Strickroth <email@cs-ware.de>
|
| |\
| |
| | |
Factor 40 and 41 constants from source.
|
| | | |
|
| | |
| |
| |
| | |
This brings us back in line with the other transports.
|
| | |
| |
| |
| |
| | |
The user may have the data hashed as MD5 or SHA-1, so we should provide
both types for consumption.
|
| | |
| |
| |
| |
| | |
Instead of using the libssh2 defines, provide our own, which eases usage
as we do not need to check whether libgit2 was built with libssh2 or not.
|
| | |
| |
| |
| |
| |
| | |
Instead of spreading the data in function arguments, some of which
aren't used for ssh and having a struct only for ssh, use a struct for
both, using a common parent to pass to the callback.
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When the call to the agent fails, we must retrieve the error message
just after the function call, as other calls may overwrite it.
As the agent authentication is the only one which has a teardown and
there does not seem to be a way to get the error message from a stored
error number, this tries to introduce some small changes to store the
error from the agent.
Clearing the error at the beginning of the loop lets us know whether the
agent has already set the libgit2 error message and we should skip it,
or if we should set it.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This option make it easy to ignore anything about the server we're
connecting to, which is bad security practice. This was necessary as we
didn't use to expose detailed information about the certificate, but now
that we do, we should get rid of this.
If the user wants to ignore everything, they can still provide a
callback which ignores all the information passed.
|
| | |
| |
| |
| | |
If the user returns 0 from the certificate check and we had certificate issues, set the options to ignore certificate errors and resend the request.
|
| | |
| |
| |
| | |
We need to call WinHttpSendRequest() in three different places. Unify all in a single function to have a single place for the certificate check.
|
| | |
| |
| |
| | |
If we're not using SSL, don't call the user's certificate check callback.
|
| | |
| |
| |
| | |
On successful connection, still ask the user whether they accept the server's certificate, indicating that WinHTTP would let it though.
|
| | |
| |
| |
| |
| | |
Returning 0 lets the certificate check succeed. An error code is bubbled
up to the user.
|
| | |
| |
| |
| |
| | |
We know the host's key as soon as we connect, so we should perform the
check as soon as we can, before we bother with the user's credentials.
|
| | |
| |
| |
| |
| |
| |
| | |
We should let the user decide whether to cancel the connection or not
regardless of whether our checks have decided that the certificate is
fine. We provide our own assessment to the callback to let the user fall
back to our checks if they so desire.
|
| | |
| |
| |
| |
| |
| | |
Instead of the parsed data, we can ask OpenSSL to give us the
DER-encoded version of the certificate, which the user can then parse
and validate.
|
| |/
|
|
|
|
|
|
|
| |
If the certificate validation fails (or always in the case of ssh),
let the user decide whether to allow the connection.
The data structure passed to the user is the native certificate
information from the underlying implementation, namely OpenSSL or
WinHTTP.
|
| |\
| |
| | |
winhttp: Prevent swallowing of url parsing error
|
| | | |
|
| |\ \
| |/
|/| |
Set timeout on remote (Add timeout for WinHttpReceiveResponse #2147)
|
| | |
| |
| |
| | |
Connection timeout set to 1 minute. Read/Write timeout remains set to infinite #2147
|
| | | |
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The recv buffer (parse_buffer) and the buffer have independent sizes and
offsets. We try to fill in parse_buffer as much as possible before
passing it to the http parser. This is fine most of the time, but fails
us when the buffer is almost full.
In those situations, parse_buffer can have more data than we would be
able to put into the buffer (which may be getting full if we're towards
the end of a data sideband packet).
To work around this, we check if the space we have left on our buffer is
smaller than what could come from the network. If this happens, we make
parse_buffer think that it has as much space left as our buffer, so it
won't try to retrieve more data than we can deal with.
As the start of the data may no longer be at the start of the buffer, we
need to keep track of where it really starts (data_offset) and use that
in our calculations for the real size of the data we received from the
network.
This fixes #2518.
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Decode base64-encoded text into a git_buf
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Move the transport registration mechanisms into a new header under
'sys/' because this is advanced stuff.
* Remove the 'priority' argument from the registration as it adds
unnecessary complexity. (Since transports cannot decline to operate,
only the highest priority transport is ever executed.) Users who
require per-priority transports can implement that in their custom
transport themselves.
* Simplify registration further by taking a scheme (eg "http") instead
of a prefix (eg "http://").
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
git allows you to set which paths to use for the git server programs
when connecting over ssh; and we want to provide something similar.
We do this by providing a factory function which can be set as the
remote's transport callback which will set the given paths upon
creation.
|
| | | |
|
| | |\
| | |
| | | |
ssh: libssh2_channel_write() behaves like send()
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When the stream writing function was written, it assume that
libssh2_channel_write() would always write all of the data to the
wire. This is only true for the first 32k of data, which it tries to
fit into one ssh packet.
Since it can perform short writes, call it in a loop like we do for
send(), advancing the buffer offset.
|
| | |/ |
|
