- 29 May, 2015 1 commit
-
-
Some brain damaged tolower() implementations appear to want to take the locale into account, and this may require taking some insanely aggressive lock on the locale and slowing down what should be the most trivial of trivial calls for people who just want to downcase ASCII.
Edward Thomson committed
-
- 10 Dec, 2014 2 commits
-
-
Most of the network-facing facilities have been copied to the socket and openssl streams. No code now uses these functions directly anymore, so we can now remove them.
Carlos Martín Nieto committed -
Carlos Martín Nieto committed
-
- 02 Nov, 2014 1 commit
-
-
When we first ask OpenSSL to verify the certfiicate itself (rather than the HTTPS specifics), we should also return GIT_ECERTIFICATE. Otherwise, the caller would consider this as a failed operation rather than a failed validation and not call the user's own validation.
Carlos Martín Nieto committed
-
- 24 Sep, 2014 1 commit
-
-
The getaddrinfo function indicates failure with a non-zero return code, but this code is not necessarily negative. On platforms like Android where the code is positive, a failed call causes libgit2 to segfault.
William Swanson committed
-
- 16 Sep, 2014 2 commits
-
-
This option make it easy to ignore anything about the server we're connecting to, which is bad security practice. This was necessary as we didn't use to expose detailed information about the certificate, but now that we do, we should get rid of this. If the user wants to ignore everything, they can still provide a callback which ignores all the information passed.
Carlos Martín Nieto committed -
If the certificate validation fails (or always in the case of ssh), let the user decide whether to allow the connection. The data structure passed to the user is the native certificate information from the underlying implementation, namely OpenSSL or WinHTTP.
Carlos Martín Nieto committed
-
- 06 Jul, 2014 1 commit
-
-
Jacques Germishuys committed
-
- 03 Jul, 2014 1 commit
-
-
In order to connect to a remote server, we need to provide a path to the repository we're interested in. Consider the lack of path in the url an error.
Carlos Martín Nieto committed
-
- 12 Jun, 2014 2 commits
-
-
Bring together all of the OpenSSL initialization to git_threads_init() so it's together and doesn't need locks. Moving it here also gives us libssh2 thread safety (when built against openssl).
Carlos Martín Nieto committed -
OpenSSL's tests init everything in the main thread, so let's do that.
Carlos Martín Nieto committed
-
- 11 Jun, 2014 2 commits
-
-
When using in a multithreaded context, OpenSSL needs to lock, and leaves it up to application to provide said locks. We were not doing this, and it's just luck that's kept us from crashing up to now.
Carlos Martín Nieto committed -
The OpenSSL init functions are not reentrant, which means that running multiple fetches in parallel can cause us to crash. Use a mutex to init OpenSSL, and since we're adding this extra checks, init it only once.
Carlos Martín Nieto committed
-
- 13 May, 2014 1 commit
-
-
The code doesn't use SSL and a test requires it.
Albert Meltzer committed
-
- 26 Apr, 2014 3 commits
-
-
It's possible for an encrypted connection not have a certificate. In this case, SSL_get_verify_result() will return OK because no error happened (as it never even tried to validate anything). SSL_get_peer_certificate() will return NULL in this case so we need to catch that. On the upside, the current code would segfault in this situation instead of letting it through as a valid cert.
Carlos Martín Nieto committed -
Specify what we do not like about the certificate. In this case, we do not like the name.
Carlos Martín Nieto committed -
This kind of stuff should have unit tests, even if it's just to show what we expect to match successfully.
Carlos Martín Nieto committed
-
- 18 Nov, 2013 1 commit
-
-
Carlos Martín Nieto committed
-
- 13 Nov, 2013 1 commit
-
-
Russell Belfer committed
-
- 12 Nov, 2013 1 commit
-
-
Linquize committed
-
- 05 Nov, 2013 3 commits
-
-
Ben Straub committed
-
Ben Straub committed
-
Ben Straub committed
-
- 04 Nov, 2013 2 commits
-
-
Ben Straub committed
-
Ben Straub committed
-
- 02 Nov, 2013 1 commit
-
-
Ben Straub committed
-
- 01 Nov, 2013 1 commit
-
-
Ben Straub committed
-
- 31 Oct, 2013 2 commits
-
-
Ben Straub committed
-
Ben Straub committed
-
- 02 Oct, 2013 1 commit
-
-
Ben Straub committed
-
- 26 Sep, 2013 3 commits
-
-
Ben Straub committed
-
...and have that call manage replaced memory in the output structure.
Ben Straub committed -
Ben Straub committed
-
- 24 Sep, 2013 2 commits
-
-
The subtransport path was relying on pointing to data owned by the remote which meant that after a redirect, the updated path was getting lost for future requests. This updates the http transport to strdup the path and maintain its own lifetime. This also pulls responsibility for parsing the URL back into the http transport and isolates the functions that parse and free that connection data so that they can be reused between the initial parsing and the redirect parsing.
Russell Belfer committed -
Ben Straub committed
-
- 24 Aug, 2013 1 commit
-
-
9e9aee67 added an include <netinet/in.h> to fix the build on FreeBSD. Sometime since then the same header is included ifndef _WIN32, so remove the duplicate include.
Fraser Tweedale committed
-
- 01 Feb, 2013 4 commits
-
-
Signed-off-by: Sven Strickroth <email@cs-ware.de>
Sven Strickroth committed -
Signed-off-by: Sven Strickroth <email@cs-ware.de>
Sven Strickroth committed -
Signed-off-by: Sven Strickroth <email@cs-ware.de>
Sven Strickroth committed -
W/o this a libgit2 error message could have a mixed encoding: e.g. a filename in UTF-8 combined with a native Windows error message encoded with the local code page. Signed-off-by: Sven Strickroth <email@cs-ware.de>
Sven Strickroth committed
-