1. 09 Sep, 2021 1 commit
  2. 02 Sep, 2021 2 commits
  3. 30 Aug, 2021 2 commits
    • Set Host Header to match CONNECT authority target · fc5d0e80
      Prior to this change, for CONNECT requests, the Host header was set to
      the host and port of the target http proxy. However, per the rfc7230 for
      HTTP/1.1 this is incorrect as the Host header should match the target of
      the CONNECT request, as detailed in section 5.3.3 & 5.4.
      
        5.3.3.  authority-form
      
         The authority-form of request-target is only used for CONNECT
         requests (Section 4.3.6 of [RFC7231]).
      
           authority-form = authority
      
         When making a CONNECT request to establish a tunnel through one or
         more proxies, a client MUST send only the target URI's authority
         component (excluding any userinfo and its "@" delimiter) as the
         request-target.  For example,
      
           CONNECT www.example.com:80 HTTP/1.1
      
        5.4.  Host
      
         <snip>
      
         A client MUST send a Host header field in all HTTP/1.1 request
         messages.  If the target URI includes an authority component, then a
         client MUST send a field-value for Host that is identical to that
         authority component, excluding any userinfo subcomponent and its "@"
         delimiter (Section 2.7.1).  If the authority component is missing or
         undefined for the target URI, then a client MUST send a Host header
         field with an empty field-value.
      
      This issue was noticed when proxying requests through HAProxy 2.2 which
      rejects these invalid http requests.
      Jesse Hathaway committed
  4. 24 Aug, 2021 1 commit
  5. 05 Aug, 2021 1 commit
  6. 15 Jul, 2021 1 commit
  7. 26 Jun, 2021 1 commit
  8. 04 Jun, 2021 1 commit
  9. 03 Jun, 2021 1 commit
  10. 12 May, 2021 2 commits
  11. 06 May, 2021 1 commit
  12. 18 Apr, 2021 1 commit
  13. 02 Mar, 2021 1 commit
    • winhttp: skip certificate check if unable to send request · edffea15
      In some circumstances (e.g. when proxies are involved), winhttp will fail to reach the WINHTTP_CALLBACK_STATUS_SENDING_REQUEST phase. If this occurs, we'll error with ERROR_WINHTTP_INCORRECT_HANDLE_STATE when attempting to query the server certificate context (see https://docs.microsoft.com/en-us/windows/win32/api/winhttp/nf-winhttp-winhttpsendrequest#remarks).
      
      To avoid this, verify that WinHttpSendRequest has reached the WINHTTP_CALLBACK_STATUS_SENDING_REQUEST phase before checking the certificate. Since we're using WinHTTP in synchronous mode, we know for sure that once WinHttpSendRequest returns we've either sent it successfully or not.
      
      NOTE: WINHTTP_CALLBACK_STATUS_SENDING_REQUEST appears to be deprecated with no direct replacement. WINHTTP_CALLBACK_STATUS_SENDREQUEST_COMPLETE is only available in async mode, and there doesn't appear to be a method of querying this flag outside of the status callback.
      Ian Hattendorf committed
  14. 15 Feb, 2021 1 commit
  15. 23 Dec, 2020 2 commits
  16. 22 Dec, 2020 2 commits
  17. 06 Dec, 2020 1 commit
  18. 27 Nov, 2020 3 commits
  19. 11 Oct, 2020 2 commits
  20. 14 Sep, 2020 1 commit
  21. 10 Sep, 2020 1 commit
  22. 08 Sep, 2020 1 commit
    • Don't fail if a HTTP server announces he supports a protocol upgrade · 2dea3eb4
      cf. RFC7230 section 6.7, an Upgrade header in a normal response merely informs the client that the server supports upgrading to other protocols, and the client can ask for such an upgrade in a later request. The server requiring an upgrade is via the 426 Upgrade Required response code, not the mere presence of the Upgrade response header.
      
      (closes issue #5573)
      
      Signed-off-by: Sven Strickroth <email@cs-ware.de>
      Sven Strickroth committed
  23. 10 Jul, 2020 1 commit
    • httpclient: only free challenges for current_server type · bd346313
      Prior to this commit we freed both the server and proxy auth challenges
      in git_http_client_read_response. This works when the proxy needs auth
      or when the server needs auth, but it does not work when both the proxy
      and the server need auth as we erroneously remove the server auth
      challenge before we have added them as server credentials. Instead only
      remove the challenges for the current_server type.
      
      Co-authored-by: Stephen Gelman <ssgelm@gmail.com>
      Jesse Hathaway committed
  24. 24 Jun, 2020 1 commit
  25. 09 Jun, 2020 2 commits
    • tree-wide: do not compile deprecated functions with hard deprecation · c6184f0c
      When compiling libgit2 with -DDEPRECATE_HARD, we add a preprocessor
      definition `GIT_DEPRECATE_HARD` which causes the "git2/deprecated.h"
      header to be empty. As a result, no function declarations are made
      available to callers, but the implementations are still available to
      link against. This has the problem that function declarations also
      aren't visible to the implementations, meaning that the symbol's
      visibility will not be set up correctly. As a result, the resulting
      library may not expose those deprecated symbols at all on some platforms
      and thus cause linking errors.
      
      Fix the issue by conditionally compiling deprecated functions, only.
      While it becomes impossible to link against such a library in case one
      uses deprecated functions, distributors of libgit2 aren't expected to
      pass -DDEPRECATE_HARD anyway. Instead, users of libgit2 should manually
      define GIT_DEPRECATE_HARD to hide deprecated functions. Using "real"
      hard deprecation still makes sense in the context of CI to test we don't
      use deprecated symbols ourselves and in case a dependant uses libgit2 in
      a vendored way and knows it won't ever use any of the deprecated symbols
      anyway.
      Patrick Steinhardt committed
    • tree-wide: mark local functions as static · a6c9e0b3
      We've accumulated quite some functions which are never used outside of
      their respective code unit, but which are lacking the `static` keyword.
      Add it to reduce their linkage scope and allow the compiler to optimize
      better.
      Patrick Steinhardt committed
  26. 01 Jun, 2020 4 commits
    • httpclient: clear the read_buf on new requests · 04c7bdb4
      The httpclient implementation keeps a `read_buf` that holds the data
      in the body of the response after the headers have been written.  We
      store that data for subsequent calls to `git_http_client_read_body`.  If
      we want to stop reading body data and send another request, we need to
      clear that cached data.
      
      Clear the cached body data on new requests, just like we read any
      outstanding data from the socket.
      Edward Thomson committed
    • httpclient: don't read more than the client wants · aa8b2c0f
      When `git_http_client_read_body` is invoked, it provides the size of the
      buffer that can be read into.  This will be set as the parser context's
      `output_size` member.  Use this as an upper limit on our reads, and
      ensure that we do not read more than the client requests.
      Edward Thomson committed
    • strarray: we should `dispose` instead of `free` · 51eff5a5
      We _dispose_ the contents of objects; we _free_ objects (and their
      contents).  Update `git_strarray_free` to be `git_strarray_dispose`.
      `git_strarray_free` remains as a deprecated proxy function.
      Edward Thomson committed
    • httpclient: read_body should return 0 at EOF · 570f0340
      When users call `git_http_client_read_body`, it should return 0 at the
      end of a message.  When the `on_message_complete` callback is called,
      this will set `client->state` to `DONE`.  In our read loop, we look for
      this condition and exit.
      
      Without this, when there is no data left except the end of message chunk
      (`0\r\n`) in the http stream, we would block by reading the three bytes
      off the stream but not making progress in any `on_body` callbacks.
      Listening to the `on_message_complete` callback allows us to stop trying
      to read from the socket when we've read the end of message chunk.
      Edward Thomson committed
  27. 26 Mar, 2020 1 commit
  28. 05 Mar, 2020 1 commit
    • httpclient: use a 16kb read buffer for macOS · 502e5d51
      Use a 16kb read buffer for compatibility with macOS SecureTransport.
      
      SecureTransport `SSLRead` has the following behavior:
      
      1. It will return _at most_ one TLS packet's worth of data, and
      2. It will try to give you as much data as you asked for
      
      This means that if you call `SSLRead` with a buffer size that is smaller
      than what _it_ reads (in other words, the maximum size of a TLS packet),
      then it will buffer that data for subsequent calls.  However, it will
      also attempt to give you as much data as you requested in your SSLRead
      call.  This means that it will guarantee a network read in the event
      that it has buffered data.
      
      Consider our 8kb buffer and a server sending us 12kb of data on an HTTP
      Keep-Alive session.  Our first `SSLRead` will read the TLS packet off
      the network.  It will return us the 8kb that we requested and buffer the
      remaining 4kb.  Our second `SSLRead` call will see the 4kb that's
      buffered and decide that it could give us an additional 4kb.  So it will
      do a network read.
      
      But there's nothing left to read; that was the end of the data.  The
      HTTP server is waiting for us to provide a new request.  The server will
      eventually time out, our `read` system call will return, `SSLRead` can
      return back to us and we can make progress.
      
      While technically correct, this is wildly ineffecient.  (Thanks, Tim
      Apple!)
      
      Moving us to use an internal buffer that is the maximum size of a TLS
      packet (16kb) ensures that `SSLRead` will never buffer and it will
      always return everything that it read (albeit decrypted).
      Edward Thomson committed