- 04 Dec, 2018 1 commit
-
-
If the routine exits with error before stream or hash_ctx is initialized, the program will segfault when trying to free them.
Joe Rabinoff committed
-
- 29 Nov, 2018 2 commits
-
-
revwalk: Allow changing hide_cb
Patrick Steinhardt committed -
Unused function warnings
Patrick Steinhardt committed
-
- 28 Nov, 2018 37 commits
-
-
Add builtin proxy support for the http transport
Edward Thomson committed -
Reset the replay_count upon a successful connection. It's possible that we could encounter a situation where we connect successfully but need to replay a request - for example, a connection and initial request succeeds without authentication but a subsequent call does require authentication. Reset the replay count upon any successful request to afford subsequent replays room to manuever.
Edward Thomson committed -
Accept an enum (`git_stream_t`) during custom stream registration that indicates whether the registration structure should be used for standard (non-TLS) streams or TLS streams.
Edward Thomson committed -
Temporarily disallow SSL connections to a proxy until we can understand the valgrind warnings when tunneling OpenSSL over OpenSSL.
Edward Thomson committed -
Only load the proxy configuration during connection; we need this data when we're going to connect to the server, however we may mutate it after connection (connecting through a CONNECT proxy means that we should send requests like normal). If we reload the proxy configuration but do not actually reconnect (because we're in a keep-alive session) then we will reload the proxy configuration that we should have mutated. Thus, only load the proxy configuration when we know that we're going to reconnect.
Edward Thomson committed -
Update the new stream registration API to be `git_stream_register` which takes a registration structure and a TLS boolean. This allows callers to register non-TLS streams as well as TLS streams. Provide `git_stream_register_tls` that takes just the init callback for backward compatibliity.
Edward Thomson committed -
Don't allow servers to send us multiple Content-Type, Content-Length or Location headers.
Edward Thomson committed -
The `-Wdocumentation-deprecated-sync` option will warn when there is a doxygen `\deprecated` tag but there is no corresponding deprecation attribute on the function. We want to encourage users to not use particular APIs by marking them deprecated in the documentation without necessarily raising a compiler warning by marking an item as deprecated.
Edward Thomson committed -
For testing, we may wish to use a man-in-the-middle proxy that can inspect the CONNECT traffic to our test endpoints. For this, we will need to accept the proxy's certificate, which will not be valid for the true endpoint. Add a new environment variable, GITTEST_REMOTE_SSL_NOVERIFY to disable https certificate validation for the tests.
Edward Thomson committed -
We previously used cURL to support HTTP proxies. Now that we've added this support natively, we can remove the curl dependency.
Edward Thomson committed -
The implementations of git_openssl_stream_new and git_mbedtls_stream_new have callers protected by #ifdefs and are never called unless compiled in. There's no need for a dummy implementation. Remove them.
Edward Thomson committed -
Natively support HTTPS connections through proxies by speaking CONNECT to the proxy and then adding a TLS connection on top of the socket.
Edward Thomson committed -
Introduce `git_tls_stream_wrap` which will take an existing `stream` with an already connected socket and begin speaking TLS on top of it. This is useful if you've built a connection to a proxy server and you wish to begin CONNECT over it to tunnel a TLS connection. Also update the pluggable TLS stream layer so that it can accept a registration structure that provides an `init` and `wrap` function, instead of a single initialization function.
Edward Thomson committed -
Rename credential callback to proxy_cred_cb to match new cert callback.
Edward Thomson committed -
Give the proxy tests a proxy certificate callback, and allow self-signed certificates when the `GITTEST_REMOTE_PROXY_SELFSIGNED` environment variable is set (to anything). In that case, simply compare the hostname from the callback to the hostname that we connected to.
Edward Thomson committed -
Store the error message from the underlying TLS library before calling the certificate callback. If it refuses to act (demonstrated by returning GIT_PASSTHROUGH) then restore the error message. Otherwise, if the callback does not set an error message, set a sensible default that implicates the callback itself.
Edward Thomson committed -
Refactor certificate checking so that it can easily be called for proxies or the remote server.
Edward Thomson committed -
Edward Thomson committed
-
Create a simple data structure that contains information about the server being connected to, whether that's the actual remote endpoint (git server) or an intermediate proxy. This allows for organization of streams, authentication state, etc.
Edward Thomson committed -
Put a limit on the number of authentication replays in the HTTP transport. Standardize on 7 replays for authentication or redirects, which matches the behavior of the WinHTTP transport.
Edward Thomson committed -
Teach the HTTP transport how to prompt for proxy credentials.
Edward Thomson committed -
Prepare credential handling to understand both git server and proxy server authentication.
Edward Thomson committed -
Factor credential handling into its own function. Additionally, add safety checks to ensure that we are in a valid state - that we have received a valid challenge from the server and that we have configuration to respond to that challenge.
Edward Thomson committed -
The HTTP transport should understand how to apply proxies when configured with `GIT_PROXY_SPECIFIED` and `GIT_PROXY_SPECIFIED`. When a proxy is configured, the HTTP transport will now connect to the proxy (instead of directly to the git server), and will request the properly-formed URL of the git server endpoint.
Edward Thomson committed -
Rename `http_subtransport->io` to `http_subtransport->gitserver_stream` to clarify its use, especially as we might have additional streams (eg for a proxy) in the future.
Edward Thomson committed -
As we want to support HTTPS proxies, support an optional `GITTEST_REMOTE_PROXY_SCHEME` environment variable for tests that will allow for HTTPS support. (When unset, the tests default to HTTP proxies.)
Edward Thomson committed -
Change the `GITTEST_REMOTE_PROXY_URL` environment variable to be `GITTEST_REMOTE_PROXY_HOST`, since it is a host:port combination, not an actual URL. (We cannot use a URL here since we may want to include the username:password combination in the constructed URL.)
Edward Thomson committed -
Rename the `connection_data` struct member to `gitserver_data`, to disambiguate future `connection_data`s that apply to the proxy, not the final server endpoint.
Edward Thomson committed -
Edward Thomson committed
-
config: fix adding files if their parent directory is a file
Edward Thomson committed -
Together with the warnings for unused warnings, we always had warnings for unused constant variables disabled since commit 823c0e9c (Fix broken logic for attr cache invalidation, 2014-04-17). As we have now fixed all occurrences of such variables, we can safely enable those warnings again.
Patrick Steinhardt committed -
The mailmap testdata header contains a set of static variable definitions. As these variables aren't used in all places where they are used, they trigger the unused-const-variable warnings. As we have currently disabled those warnings explicitly, they are never triggered, but we intend to enable them. Avoid the issue by only keeping variable definitions that are actually used in all locations. Move the others to where they are used.
Patrick Steinhardt committed -
The current map implementations directly include the "khash.h" headers into their own headers to make available a set of static functions, defines et cetera. Besides leaking the complete khash namespace into files wherever khashes are used, this also triggers Clang's -Wunused-function warnings when some of the static functions are not being used at all. Fix the issue by moving the includes into the respective map implementation files. Add forward declares for all the map types to make them known.
Patrick Steinhardt committed -
Instead of using the `khiter_t`, `git_strmap_iter` and `khint_t` types, simply use `size_t` instead. This decouples code from the khash stuff and makes it possible to move the khash includes into the implementation files.
Patrick Steinhardt committed -
The current foreach map macros simply redirect to the type-indifferent `kh_foreach` macro. As this type-indifferent macro directly accesses the structures, the current implementation makes it impossible to make the stuctures private to the implementation only. And making them private is required to move out the khash include into the implementations to decrease the namespace leak.
Patrick Steinhardt committed -
Right now, the `git_*map_begin()` and `git_*map_end()` helpers are implemented via macros which simply redirect to `kh_begin` and `kh_end`. As these macros refer to members of the map structures, they make it impossible to move the khash include into the implementation files. Implement these helpers as real functions instead to further decouple the headers from implementations.
Patrick Steinhardt committed -
The submodule code currently has its own implementation of a string map, which overrides the hashing and hash equals functions with functions that ignore potential trailing slashes. These functions aren't actually used by our code, making them useless.
Patrick Steinhardt committed
-