- 26 Sep, 2014 1 commit
-
-
Jacques Germishuys committed
-
- 24 Sep, 2014 2 commits
-
-
Jacques Germishuys committed
-
Carlos Martín Nieto committed
-
- 17 Sep, 2014 13 commits
-
-
Factor 40 and 41 constants from source.
Vicent Marti committed -
It looks like what Travis wants is a list of hashes, rather than a hash with a list.
Carlos Martín Nieto committed -
Fix `git_path_walk_up` to work with non-rooted paths
Vicent Marti committed -
The rugged tests are fragile committed
-
Carlos Martín Nieto committed
-
Replace void casts with GIT_UNUSED.
Vicent Marti committed -
The rugged tests are fragile committed
-
The rugged tests are fragile committed
-
Ciro Santilli committed
-
The rugged tests are fragile committed
-
The rugged tests are fragile committed
-
Provide a callback for certificate validation
Vicent Marti committed -
Carlos Martín Nieto committed
-
- 16 Sep, 2014 24 commits
-
-
travis: run valgrind only once
Vicent Marti committed -
Instead of running valgrind on each job, half of which are in release mode and don't have much usable information for valgrind, perform an debug build as part of allowed_failures and run valgrind on that one, which should speed up the feedback we get from the builds.
Carlos Martín Nieto committed -
Skip it before we attempt to clone, as we would exit with -1 on systems which do not have sshd running.
Carlos Martín Nieto committed -
This brings us back in line with the other transports.
Carlos Martín Nieto committed -
The user may have the data hashed as MD5 or SHA-1, so we should provide both types for consumption.
Carlos Martín Nieto committed -
Instead of using the libssh2 defines, provide our own, which eases usage as we do not need to check whether libgit2 was built with libssh2 or not.
Carlos Martín Nieto committed -
Carlos Martín Nieto committed
-
Instead of spreading the data in function arguments, some of which aren't used for ssh and having a struct only for ssh, use a struct for both, using a common parent to pass to the callback.
Carlos Martín Nieto committed -
Carlos Martín Nieto committed
-
Test that the certificate check callback gets the right fingerprint from the host we're connecting to.
Carlos Martín Nieto committed -
This option make it easy to ignore anything about the server we're connecting to, which is bad security practice. This was necessary as we didn't use to expose detailed information about the certificate, but now that we do, we should get rid of this. If the user wants to ignore everything, they can still provide a callback which ignores all the information passed.
Carlos Martín Nieto committed -
This should make the mingw compiler happy.
Carlos Martín Nieto committed -
If the user returns 0 from the certificate check and we had certificate issues, set the options to ignore certificate errors and resend the request.
Carlos Martín Nieto committed -
We need to call WinHttpSendRequest() in three different places. Unify all in a single function to have a single place for the certificate check.
Carlos Martín Nieto committed -
If we're not using SSL, don't call the user's certificate check callback.
Carlos Martín Nieto committed -
On successful connection, still ask the user whether they accept the server's certificate, indicating that WinHTTP would let it though.
Carlos Martín Nieto committed -
Returning 0 lets the certificate check succeed. An error code is bubbled up to the user.
Carlos Martín Nieto committed -
We know the host's key as soon as we connect, so we should perform the check as soon as we can, before we bother with the user's credentials.
Carlos Martín Nieto committed -
We should let the user decide whether to cancel the connection or not regardless of whether our checks have decided that the certificate is fine. We provide our own assessment to the callback to let the user fall back to our checks if they so desire.
Carlos Martín Nieto committed -
Carlos Martín Nieto committed
-
Instead of the parsed data, we can ask OpenSSL to give us the DER-encoded version of the certificate, which the user can then parse and validate.
Carlos Martín Nieto committed -
If the certificate validation fails (or always in the case of ssh), let the user decide whether to allow the connection. The data structure passed to the user is the native certificate information from the underlying implementation, namely OpenSSL or WinHTTP.
Carlos Martín Nieto committed -
Fix typo
Vicent Marti committed -
No files merged may result in bogus merge conflict error
Vicent Marti committed
-