- 13 Feb, 2015 4 commits
-
-
Make our overflow checking look more like gcc and clang's, so that we can substitute it out with the compiler instrinsics on platforms that support it. This means dropping the ability to pass `NULL` as an out parameter. As a result, the macros also get updated to reflect this as well.
Edward Thomson committed -
Use `size_t` to hold the size of arrays to ease overflow checking, lest we check for overflow of a `size_t` then promptly truncate by packing the length into a smaller type.
Edward Thomson committed -
Introduce `git_buf_grow_by` to incrementally increase the size of a `git_buf`, performing an overflow calculation on the growth.
Edward Thomson committed -
Introduce some helper macros to test integer overflow from arithmetic and set error message appropriately.
Edward Thomson committed
-
- 29 Dec, 2014 1 commit
-
-
Jacques Germishuys committed
-
- 16 Dec, 2014 1 commit
-
-
Pretend we have a git process at the other end by creating a similar progress output when inserting objects into the packbuilder.
Carlos Martín Nieto committed
-
- 10 Dec, 2014 5 commits
-
-
Carlos Martín Nieto committed
-
Most of the network-facing facilities have been copied to the socket and openssl streams. No code now uses these functions directly anymore, so we can now remove them.
Carlos Martín Nieto committed -
Having an ssh stream would require extra work for stream capabilities we don't need anywhere else (oob auth and command execution) so for now let's move away from the gitno connection to use socket_stream. We can introduce an ssh stream interface if and as we need it.
Carlos Martín Nieto committed -
Carlos Martín Nieto committed
-
Carlos Martín Nieto committed
-
- 09 Dec, 2014 1 commit
-
-
Edward Thomson committed
-
- 03 Dec, 2014 1 commit
-
-
Edward Thomson committed
-
- 23 Nov, 2014 2 commits
-
-
We no longer have NULL strings, but empty ones and duplicate the sides if necessar, so the first check will never do anything. While in the area, remove unnecessary ifs and early returns.
Carlos Martín Nieto committed -
Valgrind is now clean except for libssl and libgcrypt.
Carlos Martín Nieto committed
-
- 19 Nov, 2014 1 commit
-
-
When we fetch twice with the same remote object, we did not properly clear the connection flags, so we would leak state from the last connection. This can cause the second fetch with the same remote object to fail if using a HTTP URL where the server redirects to HTTPS, as the second fetch would see `use_ssl` set and think the initial connection wanted to downgrade the connection.
Carlos Martín Nieto committed
-
- 09 Nov, 2014 1 commit
-
-
There is one well-known and well-tested parser which we should use, instead of implementing parsing a second time. The common parser is also augmented to copy the LHS into the RHS if the latter is empty. The expressions test had to change a bit, as we now catch a bad RHS of a refspec locally.
Carlos Martín Nieto committed
-
- 27 Oct, 2014 3 commits
-
-
Signed-off-by: Sven Strickroth <email@cs-ware.de>
Sven Strickroth committed -
Edward Thomson committed
-
Edward Thomson committed
-
- 22 Sep, 2014 1 commit
-
-
Signed-off-by: Sven Strickroth <email@cs-ware.de>
Sven Strickroth committed
-
- 16 Sep, 2014 15 commits
-
-
This brings us back in line with the other transports.
Carlos Martín Nieto committed -
The user may have the data hashed as MD5 or SHA-1, so we should provide both types for consumption.
Carlos Martín Nieto committed -
Instead of using the libssh2 defines, provide our own, which eases usage as we do not need to check whether libgit2 was built with libssh2 or not.
Carlos Martín Nieto committed -
Instead of spreading the data in function arguments, some of which aren't used for ssh and having a struct only for ssh, use a struct for both, using a common parent to pass to the callback.
Carlos Martín Nieto committed -
This option make it easy to ignore anything about the server we're connecting to, which is bad security practice. This was necessary as we didn't use to expose detailed information about the certificate, but now that we do, we should get rid of this. If the user wants to ignore everything, they can still provide a callback which ignores all the information passed.
Carlos Martín Nieto committed -
If the user returns 0 from the certificate check and we had certificate issues, set the options to ignore certificate errors and resend the request.
Carlos Martín Nieto committed -
We need to call WinHttpSendRequest() in three different places. Unify all in a single function to have a single place for the certificate check.
Carlos Martín Nieto committed -
If we're not using SSL, don't call the user's certificate check callback.
Carlos Martín Nieto committed -
On successful connection, still ask the user whether they accept the server's certificate, indicating that WinHTTP would let it though.
Carlos Martín Nieto committed -
Returning 0 lets the certificate check succeed. An error code is bubbled up to the user.
Carlos Martín Nieto committed -
We know the host's key as soon as we connect, so we should perform the check as soon as we can, before we bother with the user's credentials.
Carlos Martín Nieto committed -
We should let the user decide whether to cancel the connection or not regardless of whether our checks have decided that the certificate is fine. We provide our own assessment to the callback to let the user fall back to our checks if they so desire.
Carlos Martín Nieto committed -
Instead of the parsed data, we can ask OpenSSL to give us the DER-encoded version of the certificate, which the user can then parse and validate.
Carlos Martín Nieto committed -
If the certificate validation fails (or always in the case of ssh), let the user decide whether to allow the connection. The data structure passed to the user is the native certificate information from the underlying implementation, namely OpenSSL or WinHTTP.
Carlos Martín Nieto committed -
Ciro Santilli committed
-
- 04 Sep, 2014 1 commit
-
-
When the call to the agent fails, we must retrieve the error message just after the function call, as other calls may overwrite it. As the agent authentication is the only one which has a teardown and there does not seem to be a way to get the error message from a stored error number, this tries to introduce some small changes to store the error from the agent. Clearing the error at the beginning of the loop lets us know whether the agent has already set the libgit2 error message and we should skip it, or if we should set it.
Carlos Martín Nieto committed
-
- 02 Sep, 2014 1 commit
-
-
Arkady Shapkin committed
-
- 27 Aug, 2014 2 commits
-
-
nulltoken committed
-
Set timeout on remote (WinHTTP) should return error in case of failure. Connection timeout set to 1 minute. Read/Write timeout remains set to infinite #2147
Rafal Nowosielski committed
-