- 03 Jul, 2017 1 commit
-
-
Next to including several files, our "common.h" header also declares various macros which are then used throughout the project. As such, we have to make sure to always include this file first in all implementation files. Otherwise, we might encounter problems or even silent behavioural differences due to macros or defines not being defined as they should be. So in fact, our header and implementation files should make sure to always include "common.h" first. This commit does so by establishing a common include pattern. Header files inside of "src" will now always include "common.h" as its first other file, separated by a newline from all the other includes to make it stand out as special. There are two cases for the implementation files. If they do have a matching header file, they will always include this one first, leading to "common.h" being transitively included as first file. If they do not have a matching header file, they instead include "common.h" as first file themselves. This fixes the outlined problems and will become our standard practice for header and source files inside of the "src/" from now on.
Patrick Steinhardt committed
-
- 29 Dec, 2016 1 commit
-
-
Error messages should be sentence fragments, and therefore: 1. Should not begin with a capital letter, 2. Should not conclude with punctuation, and 3. Should not end a sentence and begin a new one
Edward Thomson committed
-
- 19 Apr, 2016 1 commit
-
-
When we're dealing with proxy addresses, we only want a hostname and port, and the user would not provide a path, so make it optional so we can use this same function to parse git as well as proxy URLs.
Carlos Martín Nieto committed
-
- 18 Feb, 2016 1 commit
-
-
Patrick Steinhardt committed
-
- 29 May, 2015 1 commit
-
-
Some brain damaged tolower() implementations appear to want to take the locale into account, and this may require taking some insanely aggressive lock on the locale and slowing down what should be the most trivial of trivial calls for people who just want to downcase ASCII.
Edward Thomson committed
-
- 10 Dec, 2014 2 commits
-
-
Most of the network-facing facilities have been copied to the socket and openssl streams. No code now uses these functions directly anymore, so we can now remove them.
Carlos Martín Nieto committed -
Carlos Martín Nieto committed
-
- 02 Nov, 2014 1 commit
-
-
When we first ask OpenSSL to verify the certfiicate itself (rather than the HTTPS specifics), we should also return GIT_ECERTIFICATE. Otherwise, the caller would consider this as a failed operation rather than a failed validation and not call the user's own validation.
Carlos Martín Nieto committed
-
- 24 Sep, 2014 1 commit
-
-
The getaddrinfo function indicates failure with a non-zero return code, but this code is not necessarily negative. On platforms like Android where the code is positive, a failed call causes libgit2 to segfault.
William Swanson committed
-
- 16 Sep, 2014 2 commits
-
-
This option make it easy to ignore anything about the server we're connecting to, which is bad security practice. This was necessary as we didn't use to expose detailed information about the certificate, but now that we do, we should get rid of this. If the user wants to ignore everything, they can still provide a callback which ignores all the information passed.
Carlos Martín Nieto committed -
If the certificate validation fails (or always in the case of ssh), let the user decide whether to allow the connection. The data structure passed to the user is the native certificate information from the underlying implementation, namely OpenSSL or WinHTTP.
Carlos Martín Nieto committed
-
- 06 Jul, 2014 1 commit
-
-
Jacques Germishuys committed
-
- 03 Jul, 2014 1 commit
-
-
In order to connect to a remote server, we need to provide a path to the repository we're interested in. Consider the lack of path in the url an error.
Carlos Martín Nieto committed
-
- 12 Jun, 2014 2 commits
-
-
Bring together all of the OpenSSL initialization to git_threads_init() so it's together and doesn't need locks. Moving it here also gives us libssh2 thread safety (when built against openssl).
Carlos Martín Nieto committed -
OpenSSL's tests init everything in the main thread, so let's do that.
Carlos Martín Nieto committed
-
- 11 Jun, 2014 2 commits
-
-
When using in a multithreaded context, OpenSSL needs to lock, and leaves it up to application to provide said locks. We were not doing this, and it's just luck that's kept us from crashing up to now.
Carlos Martín Nieto committed -
The OpenSSL init functions are not reentrant, which means that running multiple fetches in parallel can cause us to crash. Use a mutex to init OpenSSL, and since we're adding this extra checks, init it only once.
Carlos Martín Nieto committed
-
- 13 May, 2014 1 commit
-
-
The code doesn't use SSL and a test requires it.
Albert Meltzer committed
-
- 26 Apr, 2014 3 commits
-
-
It's possible for an encrypted connection not have a certificate. In this case, SSL_get_verify_result() will return OK because no error happened (as it never even tried to validate anything). SSL_get_peer_certificate() will return NULL in this case so we need to catch that. On the upside, the current code would segfault in this situation instead of letting it through as a valid cert.
Carlos Martín Nieto committed -
Specify what we do not like about the certificate. In this case, we do not like the name.
Carlos Martín Nieto committed -
This kind of stuff should have unit tests, even if it's just to show what we expect to match successfully.
Carlos Martín Nieto committed
-
- 18 Nov, 2013 1 commit
-
-
Carlos Martín Nieto committed
-
- 13 Nov, 2013 1 commit
-
-
Russell Belfer committed
-
- 12 Nov, 2013 1 commit
-
-
Linquize committed
-
- 05 Nov, 2013 3 commits
-
-
Ben Straub committed
-
Ben Straub committed
-
Ben Straub committed
-
- 04 Nov, 2013 2 commits
-
-
Ben Straub committed
-
Ben Straub committed
-
- 02 Nov, 2013 1 commit
-
-
Ben Straub committed
-
- 01 Nov, 2013 1 commit
-
-
Ben Straub committed
-
- 31 Oct, 2013 2 commits
-
-
Ben Straub committed
-
Ben Straub committed
-
- 02 Oct, 2013 1 commit
-
-
Ben Straub committed
-
- 26 Sep, 2013 3 commits
-
-
Ben Straub committed
-
...and have that call manage replaced memory in the output structure.
Ben Straub committed -
Ben Straub committed
-
- 24 Sep, 2013 2 commits
-
-
The subtransport path was relying on pointing to data owned by the remote which meant that after a redirect, the updated path was getting lost for future requests. This updates the http transport to strdup the path and maintain its own lifetime. This also pulls responsibility for parsing the URL back into the http transport and isolates the functions that parse and free that connection data so that they can be reused between the initial parsing and the redirect parsing.
Russell Belfer committed -
Ben Straub committed
-
- 24 Aug, 2013 1 commit
-
-
9e9aee67 added an include <netinet/in.h> to fix the build on FreeBSD. Sometime since then the same header is included ifndef _WIN32, so remove the duplicate include.
Fraser Tweedale committed
-