Refactor the file ownership checks so that callers can provide discrete
information about the ownership expectations to a single function.

The file ownership concepts can reflect the actual file ownership, they
are not necessarily limited to mocking the interface. Rename them so
that they can be more broadly applicable.

Ensure that we test opening a bare repository with odd permissions.

Update the new URL for mbedTLS.

Originally introduced in: 776a6a8e

This test case has recently been fixed in bdab2238, but that fix will only last for a year. Next year the same problem will crop up and the test will need to be re-edited.

This is not ideal as
- This test case becomes an unnecessary burden for developers
- Downstream distros or even just users who want to build older versions of libgit2 are guaranteed to have this test fail

Furthermore, this test case is entirely unnecessary, as the functionality that was originally (see 776a6a8e) intended to be tested is well-covered by subsequent tests which specify a date instead of a "x ago" specification.

Bug #6272 - fix crash in git_describe_commit.

Co-authored-by: Edward Thomson <ethomson@github.com>

When the passed object fails to be peeled into a commit pointer,
the cleanup code still tries to free the (uninitialized) pointer.

v1.4.3 release

Backports to v1.4

This fixes a crash in test cases
test_diff_parse__new_file_with_space_and_regenerate_patch
and
test_diff_parse__delete_file_with_space_and_regenerate_patch

This currently crashes, proposed fix in subsequent commit.

There was a missing check to ensure that the `off64_t` (which is a
signed value) didn't overflow when parsing it from the midx file. This
shouldn't have huge repercusions since the parsed value is immediately
validated afterwards, but then again, there is no such thing as "benign"
undefined behavior.

This change makes all the bitwise arithmetic happen with unsigned types
and is only casted to `off64_t` until the very end.

Thanks to Taotao Gu for finding and reporting this!

Support the ability to create a refspec that is a single object ID
without a destination.

Validate repository directory ownership (v1.4)

Introduce the `GIT_OPT_SET_OWNER_VALIDATION` option, so that users can
disable repository ownership validation.

Obey the `safe.directory` configuration variable if it is set in the
global or system configuration. (Do not try to load this from the
repository configuration - to avoid malicious repositories that then
mark themselves as safe.)

Pull the global configuration loader out of the symlink check so that it
can be re-used.

Test that we prevent opening directories that are not owned by
ourselves.

Provide a mock for file ownership for testability.

Ensure that the repository directory is owned by the current user; this
prevents us from opening configuration files that may have been created
by an attacker.

Provide individual file ownership checks for both the current user and
the system user, as well as a combined current user and system user
check.

v1.4.2

Allow for no Git for Windows installation.  When there is no GfW found
in the path or registry, `git_win32__find_system_dirs` would return a
`GIT_ENOTFOUND`.  Callers were not expecting this.  Since this is no
error, we simply return `0` so that callers can move on with their
lives.

We use `git_error_set_after_callback_function` to determine whether
`update_tips` returned an error but do not store its return value making us
think it always returns 0.

Fix it by adding the common patter of storing it inside the `if` when calling it.

v1.4.1

We've added a lovely abstraction layer in xdiff so that it can call our
allocation functions.  But it also needs to call our free functions.  We
missed some `free` calls in `xmerge.c`.  Update them to use `xdl_free`.
Without this, we will pass a pointer allocated with a custom allocator
to the system free function.  💣

Fix building against system http-parser library by fixing
the find_package() argument.  It seems to have been accidentally changed
from HTTPParser to HTTP_Parser in de178d36, effectively making
the build against system library fail to find it:

```
CMake Warning at cmake/SelectHTTPParser.cmake:3 (find_package):
  By not providing "FindHTTP_Parser.cmake" in CMAKE_MODULE_PATH this project
  has asked CMake to find a package configuration file provided by
  "HTTP_Parser", but CMake did not find one.

  Could not find a package configuration file provided by "HTTP_Parser" with
  any of the following names:

    HTTP_ParserConfig.cmake
    http_parser-config.cmake

  Add the installation prefix of "HTTP_Parser" to CMAKE_PREFIX_PATH or set
  "HTTP_Parser_DIR" to a directory containing one of the above files.  If
  "HTTP_Parser" provides a separate development package or SDK, be sure it
  has been installed.
Call Stack (most recent call first):
  src/CMakeLists.txt:97 (include)

CMake Error at cmake/SelectHTTPParser.cmake:11 (message):
  http-parser support was requested but not found
Call Stack (most recent call first):
  src/CMakeLists.txt:97 (include)
```