- 31 Jan, 2020 1 commit
-
-
To allow testing against a Kerberos instance, we have added variables for the Kerberos password to allow authentication against LIBGIT2.ORG in commit e5fb5fe5 (ci: perform SPNEGO tests, 2019-10-20). To set up the password, we assign "GITTEST_NEGOTIATE_PASSWORD=$(GITTEST_NEGOTIATE_PASSWORD)" in the environmentVariables section which is then passed through to a template. As the template does build-time expansion of the environment variables, it will expand the above line verbosely, and due to the envVar section not doing any further expansion the password variable will end up with the value "$(GITTEST_NEGOTIATE_PASSWORD)" in the container's environment. Fix this fixed by doing expansion of GITTEST_NEGOTIATE_PASSWORD at build-time, as well.
Patrick Steinhardt committed
-
- 30 Jan, 2020 3 commits
-
-
cred: change enum to git_credential_t and GIT_CREDENTIAL_*
Patrick Steinhardt committed -
Update link to libgit2 Julia language binding
Patrick Steinhardt committed -
ayush-1506 committed
-
- 26 Jan, 2020 1 commit
-
-
We avoid abbreviations where possible; rename git_cred to git_credential. In addition, we have standardized on a trailing `_t` for enum types, instead of using "type" in the name. So `git_credtype_t` has become `git_credential_t` and its members have become `GIT_CREDENTIAL` instead of `GIT_CREDTYPE`. Finally, the source and header files have been renamed to `credential` instead of `cred`. Keep previous name and values as deprecated, and include the new header files from the previous ones.
Edward Thomson committed
-
- 24 Jan, 2020 35 commits
-
-
Return int from non-free functions
Edward Thomson committed -
Stop returning a void for functions, future-proofing them to allow them to fail.
Edward Thomson committed -
Stop returning a void for functions, future-proofing them to allow them to fail.
Edward Thomson committed -
Stop returning a void for functions, future-proofing them to allow them to fail.
Edward Thomson committed -
Stop returning a void for functions, future-proofing them to allow them to fail.
Edward Thomson committed -
Stop returning a void for functions, future-proofing them to allow them to fail.
Edward Thomson committed -
Stop returning a void for functions, future-proofing them to allow them to fail.
Edward Thomson committed -
Stop returning a void for functions, future-proofing them to allow them to fail.
Edward Thomson committed -
Stop returning a void for functions, future-proofing them to allow them to fail.
Edward Thomson committed -
Stop returning a void for functions, future-proofing them to allow them to fail.
Edward Thomson committed -
Stop returning a void for functions, future-proofing them to allow them to fail.
Edward Thomson committed -
HTTP: Support Apache-based servers with Negotiate
Edward Thomson committed -
Disambiguate between general network problems and HTTP problems in error codes.
Edward Thomson committed -
Download poxygit, a debugging git server, and clone from it using NTLM, both IIS-style (with connection affinity) and Apache-style ("broken", requiring constant reauthentication).
Edward Thomson committed -
Edward Thomson committed
-
When tracing is disabled, don't let `git_trace__level` return a void, since that can't be compared against.
Edward Thomson committed -
When we're authenticating with a connection-based authentication scheme (NTLM, Negotiate), we need to make sure that we're still connected between the initial GET where we did the authentication and the POST that we're about to send. Our keep-alive session may have not kept alive, but more likely, some servers do not authenticate the entire keep-alive connection and may have "forgotten" that we were authenticated, namely Apache and nginx. Send a "probe" packet, that is an HTTP POST request to the upload-pack or receive-pack endpoint, that consists of an empty git pkt ("0000"). If we're authenticated, we'll get a 200 back. If we're not, we'll get a 401 back, and then we'll resend that probe packet with the first step of our authentication (asking to start authentication with the given scheme). We expect _yet another_ 401 back, with the authentication challenge. Finally, we will send our authentication response with the actual POST data. This will allow us to authenticate without draining the POST data in the initial request that gets us a 401.
Edward Thomson committed -
Untangle the notion of the http transport from the actual http implementation. The http transport now uses the httpclient.
Edward Thomson committed -
Edward Thomson committed
-
Allow users to opt-in to expect/continue handling when sending a POST and we're authenticated with a "connection-based" authentication mechanism like NTLM or Negotiate. If the response is a 100, return to the caller (to allow them to post their body). If the response is *not* a 100, buffer the response for the caller. HTTP expect/continue is generally safe, but some legacy servers have not implemented it correctly. Require it to be opt-in.
Edward Thomson committed -
Fully support HTTP proxies, in particular CONNECT proxies, that allow us to speak TLS through a proxy.
Edward Thomson committed -
Detect responses that are sent with Transfer-Encoding: chunked, and record that information so that we can consume the entire message body.
Edward Thomson committed -
Store the last-seen credential challenges (eg, all the 'WWW-Authenticate' headers in a response message). Given some credentials, find the best (first) challenge whose mechanism supports these credentials. (eg, 'Basic' supports username/password credentials, 'Negotiate' supports default credentials). Set up an authentication context for this mechanism and these credentials. Continue exchanging challenge/responses until we're authenticated.
Edward Thomson committed -
Edward Thomson committed
-
Introduce a function to format the path and query string for a URL, suitable for creating an HTTP request.
Edward Thomson committed -
When sending a new request, ensure that we got the entirety of the response body. Our caller may have decided that they were done reading. If we were not at the end of the message, this means that we need to tear down the connection and cannot do keep-alive. However, if the caller read all of the message, but we still have a final end-of-response chunk signifier (ie, "0\r\n\r\n") on the socket, then we should consider that the response was successfully copmleted. If we're asked to send a new request, try to read from the socket, just to clear out that end-of-chunk message, marking ourselves as disconnected on any errors.
Edward Thomson committed -
The CLAR_TRACE_LEVEL environment variable was supported when building with GIT_TRACE. Now we always build with GIT_TRACE, but that variable is not provided to tests. Simply support clar tracing always.
Edward Thomson committed -
Teach httpclient how to support chunking when POSTing request bodies.
Edward Thomson committed -
Introduce a new http client implementation that can GET and POST to remote URLs. Consumers can use `git_http_client_init` to create a new client, `git_http_client_send_request` to send a request to the remote server and `git_http_client_read_response` to read the response. The http client implementation will perform the I/O with the remote server (http or https) but does not understand the git smart transfer protocol. This allows us to split the concerns of the http subtransport from the actual http implementation.
Edward Thomson committed -
Edward Thomson committed
-
Allow users to consume a buffer by the number of bytes, not just to an ending pointer.
Edward Thomson committed -
Provide a mechanism to add a path and query string to an existing url so that we can easily append `/info/refs?...` type url segments to a url given to us by a user.
Edward Thomson committed -
Move the redirect handling into `git_net_url` for consistency.
Edward Thomson committed -
(Also, mark all the declarations as extern.)
Edward Thomson committed -
Clarify what it means to not send a length; this allows us to refactor requests further.
Edward Thomson committed
-