1. 10 Jun, 2019 2 commits
    • winhttp: support default credentials for proxies · 3d11b6c5
      We did not properly support default credentials for proxies, only for
      destination servers.  Refactor the credential handling to support sending
      either username/password _or_ default credentials to either the proxy or
      the destination server.
      
      This actually shares the authentication logic between proxy servers and
      destination servers.  Due to copy/pasta drift over time, they had
      diverged.  Now they share a common logic which is: first, use
      credentials specified in the URL (if there were any), treating empty
      username and password (ie, "http://:@foo.com/") as default credentials,
      for compatibility with git.  Next, call the credential callbacks.
      Finally, fallback to WinHTTP compatibility layers using built-in
      authentication like we always have.
      
      Allowing default credentials for proxies requires moving the security
      level downgrade into the credential setting routines themselves.
      We will update our security level to "high" by default which means that
      we will never send default credentials without prompting.  (A lower
      setting, like the WinHTTP default of "medium" would allow WinHTTP to
      handle credentials for us, despite what a user may have requested with
      their structures.)  Now we start with "high" and downgrade to "low" only
      after a user has explicitly requested default credentials.
      Edward Thomson committed
    • network: don't add arbitrary url rules · 757411a0
      There's no reason a git repository couldn't be at the root of a server,
      and URLs should have an implicit path of '/' when one is not specified.
      Edward Thomson committed
  2. 05 Jun, 2019 1 commit
    • online tests: use gitlab for auth failures · e66a4eb3
      GitHub recently changed their behavior from returning 401s for private
      or nonexistent repositories on a clone to returning 404s.  For our tests
      that require an auth failure (and 401), move to GitLab to request a
      missing repository.  This lets us continue to test our auth failure
      case, at least until they decide to mimic that decision.
      Edward Thomson committed
  3. 22 Feb, 2019 1 commit
  4. 22 Jan, 2019 1 commit
  5. 17 Jan, 2019 1 commit
  6. 14 Jan, 2019 1 commit
  7. 28 Nov, 2018 5 commits
  8. 22 Sep, 2018 1 commit
  9. 10 Jun, 2018 1 commit
  10. 20 Mar, 2018 1 commit
  11. 19 Mar, 2018 1 commit
    • online::clone: skip creds fallback test · 03c58778
      At present, we have three online tests against bitbucket: one which
      specifies the credentials in the payload, one which specifies the
      correct credentials in the URL and a final one that specifies the
      incorrect credentials in the URL.  Bitbucket has begun responding to the
      latter test with a 403, which causes us to fail.
      
      Break these three tests into separate tests so that we can skip the
      latter until this is resolved on Bitbucket's end or until we can change
      the test to a different provider.
      Edward Thomson committed
  12. 28 Feb, 2018 1 commit
  13. 18 Jan, 2018 1 commit
  14. 03 Jan, 2018 2 commits
    • tests: online::clone: inline creds-test with nonexistent URL · 54a1bf05
      Right now, we test our credential callback code twice, once via SSH on
      localhost and once via a non-existent GitHub repository. While the first
      URL makes sense to be configurable, it does not make sense to hard-code
      the non-existing repository, which requires us to call tests multiple
      times. Instead, we can just inline the URL into another set of tests.
      Patrick Steinhardt committed
    • tests: online::clone: construct credential-URL from environment · fea60920
      We support two types of passing credentials to the proxy, either via the
      URL or explicitly by specifying user and password. We test these types
      by modifying the proxy URL and executing the tests twice, which is
      in fact unnecessary and requires us to maintain the list of environment
      variables and test executions across multiple CI infrastructures.
      
      To fix the situation, we can just always pass the host, port, user and
      password to the tests. The tests can then assemble the complete URL
      either with or without included credentials, allowing us to test both
      cases in-process.
      Patrick Steinhardt committed
  15. 21 Jun, 2017 1 commit
    • tests: online::clone: use URL of test server · c2c95ad0
      All our tests running against a local SSH server usually read the
      server's URL from environment variables. But online::clone::ssh_cert
      test fails to do so and instead always connects to
      "ssh://localhost/foo". This assumption breaks whenever the SSH server is
      not running on the standard port, e.g. when it is running as a user.
      
      Fix the issue by using the URL provided by the environment.
      Patrick Steinhardt committed
  16. 21 Apr, 2016 1 commit
  17. 19 Apr, 2016 3 commits
  18. 10 Sep, 2015 1 commit
  19. 02 Jul, 2015 1 commit
  20. 12 Jun, 2015 1 commit
  21. 27 May, 2015 1 commit
  22. 13 May, 2015 3 commits
    • remote: remove live changing of refspecs · 77254990
      The base refspecs changing can be a cause of confusion as to what is the
      current base refspec set and complicate saving the remote's
      configuration.
      
      Change `git_remote_add_{fetch,push}()` to update the configuration
      instead of an instance.
      
      This finally makes `git_remote_save()` a no-op, it will be removed in a
      later commit.
      Carlos Martín Nieto committed
    • remote: move the transport ctor to the callbacks · 058b753c
      Instead of having it set in a different place from every other callback,
      put it the main structure. This removes some state from the remote and
      makes it behave more like clone, where the constructors are passed via
      the options.
      Carlos Martín Nieto committed
    • Remove the callbacks struct from the remote · 8f0104ec
      Having the setting be different from calling its actions was not a great
      idea and made for the sake of the wrong convenience.
      
      Instead of that, accept either fetch options, push options or the
      callbacks when dealing with the remote. The fetch options are currently
      only the callbacks, but more options will be moved from setters and
      getters on the remote to the options.
      
      This does mean passing the same struct along the different functions but
      the typical use-case will only call git_remote_fetch() or
      git_remote_push() and so won't notice much difference.
      Carlos Martín Nieto committed
  23. 16 Mar, 2015 1 commit
  24. 27 Feb, 2015 1 commit
  25. 08 Nov, 2014 1 commit
  26. 09 Oct, 2014 1 commit
  27. 22 Sep, 2014 1 commit
  28. 16 Sep, 2014 3 commits