1. 17 Oct, 2021 1 commit
    • str: introduce `git_str` for internal, `git_buf` is external · f0e693b1
      libgit2 has two distinct requirements that were previously solved by
      `git_buf`.  We require:
      
      1. A general purpose string class that provides a number of utility APIs
         for manipulating data (eg, concatenating, truncating, etc).
      2. A structure that we can use to return strings to callers that they
         can take ownership of.
      
      By using a single class (`git_buf`) for both of these purposes, we have
      confused the API to the point that refactorings are difficult and
      reasoning about correctness is also difficult.
      
      Move the utility class `git_buf` to be called `git_str`: this represents
      its general purpose, as an internal string buffer class.  The name also
      is an homage to Junio Hamano ("gitstr").
      
      The public API remains `git_buf`, and has a much smaller footprint.  It
      is generally only used as an "out" param with strict requirements that
      follow the documentation.  (Exceptions exist for some legacy APIs to
      avoid breaking callers unnecessarily.)
      
      Utility functions exist to convert a user-specified `git_buf` to a
      `git_str` so that we can call internal functions, then converting it
      back again.
      Edward Thomson committed
  2. 04 Sep, 2021 1 commit
    • common: support custom repository extensions · a24e656a
      Allow users to specify additional repository extensions that they want
      to support.  For example, callers can specify that they support
      `preciousObjects` and then may open repositories that support
      `extensions.preciousObjects`.
      
      Similarly, callers may opt out of supporting extensions that the library
      itself supports.
      Edward Thomson committed
  3. 30 Aug, 2021 1 commit
  4. 24 Aug, 2021 1 commit
    • openssl: dynamically load libssl and symbols (optionally) · 0903cac1
      Provide an interface around OpenSSL to dynamically load the libraries
      and symbols, so that users can distribute a libgit2 library that is not
      linked directly against OpenSSL.  This enables users to target multiple
      distributions with a single binary.
      
      This mechanism is optional and disabled by default.  Configure cmake
      with -DUSE_HTTPS=OpenSSL-Dynamic to use it.
      Edward Thomson committed
  5. 30 Jul, 2021 1 commit
    • odb: Implement option for overriding of default odb backend priority · cd460522
      Introduce GIT_OPT_SET_ODB_LOOSE_PRIORITY and GIT_OPT_SET_ODB_PACKED_PRIORITY
      to allow overriding the default priority values for the default ODB
      backends. Libgit2 has historically assumed that most objects for long-
      running operations will be packed, therefore GIT_LOOSE_PRIORITY is
      set to 1 by default, and GIT_PACKED_PRIORITY to 2.
      When a client allows libgit2 to set the default backends, they can
      specify an override for the two priority values in order to change
      the order in which each ODB backend is accessed.
      Tony De La Nuez committed
  6. 09 Dec, 2020 1 commit
  7. 06 Dec, 2020 1 commit
  8. 25 Nov, 2020 1 commit
  9. 21 Nov, 2020 2 commits
  10. 11 Oct, 2020 9 commits
  11. 08 Oct, 2020 1 commit
  12. 29 Nov, 2019 1 commit
    • global: convert to fiber-local storage to fix exit races · 5c6180b5
      On Windows platforms, we automatically clean up the thread-local storage
      upon detaching a thread via `DllMain()`. The thing is that this happens
      for every thread of applications that link against the libgit2 DLL, even
      those that don't have anything to do with libgit2 itself. As a result,
      we cannot assume that these unsuspecting threads make use of our
      `git_libgit2_init()` and `git_libgit2_shutdow()` reference counting,
      which may lead to racy situations:
      
          Thread 1                    Thread 2
      
          git_libgit2_shutdown()
                                      DllMain(DETACH_THREAD)
                                      git__free_tls_data()
          git_atomic_dec() == 0
          git__free_tls_data()
          TlsFree(_tls_index)
                                      TlsGetValue(_tls_index)
      
      Due to the second thread never having executed `git_libgit2_init()`, the
      first thread will clean up TLS data and as a result also free the
      `_tls_index` variable. When detaching the second thread, we
      unconditionally access the now-free'd `_tls_index` variable, which is
      obviously not going to work out well.
      
      Fix the issue by converting the code to use fiber-local storage instead
      of thread-local storage. While FLS will behave the exact same as TLS if
      no fibers are in use, it does allow us to specify a destructor similar
      to the one that is accepted by pthread_key_create(3P). Like this, we do
      not have to manually free indices anymore, but will let the FLS handle
      calling the destructor. This allows us to get rid of `DllMain()`
      completely, as we only used it to keep track of when threads were
      exiting and results in an overall simplification of TLS cleanup.
      Patrick Steinhardt committed
  13. 02 Jan, 2019 1 commit
    • global: move init callbacks into an array · b46c3594
      We currently have an explicit callchain of all the initialization
      callbacks in our `init_common` function. This is perfectly fine, but
      requires us to manually keep track of how many shutdown callbacks there
      may be installed: to avoid allocations before libgit2 is fully
      initialized, we assume that every initializer may register at most one
      shutdown function. These shutdown functions are stored in a static array
      of size `MAX_SHUTDOWN_CB`, which then needs to be updated manually
      whenever a new initializer function is being added.
      
      The situation can be easily fixed: convert the callchain of init
      functions into an array and iterate over it to initialize all
      subsystems. This allows us to define the `git__shutdown_callbacks` array
      with the same size as the initializer array and rids us of the need to
      always update `MAX_SHUTDOWN_CB`.
      Patrick Steinhardt committed
  14. 28 Nov, 2018 3 commits
    • stream: provide generic registration API · df2cc108
      Update the new stream registration API to be `git_stream_register`
      which takes a registration structure and a TLS boolean.  This allows
      callers to register non-TLS streams as well as TLS streams.
      
      Provide `git_stream_register_tls` that takes just the init callback for
      backward compatibliity.
      Edward Thomson committed
    • http: remove cURL · 21142c5a
      We previously used cURL to support HTTP proxies.  Now that we've added
      this support natively, we can remove the curl dependency.
      Edward Thomson committed
    • tls: introduce a wrap function · 43b592ac
      Introduce `git_tls_stream_wrap` which will take an existing `stream`
      with an already connected socket and begin speaking TLS on top of it.
      This is useful if you've built a connection to a proxy server and you
      wish to begin CONNECT over it to tunnel a TLS connection.
      
      Also update the pluggable TLS stream layer so that it can accept a
      registration structure that provides an `init` and `wrap` function,
      instead of a single initialization function.
      Edward Thomson committed
  15. 07 Jun, 2018 1 commit
    • alloc: make memory allocators use function pointers · 9865cd16
      Currently, our memory allocators are being redirected to the correct
      implementation at compile time by simply using macros. In order to make
      them swappable at runtime, this commit reshuffles that by instead making
      use of a global "git_allocator" structure, whose pointers are set up to
      reference the allocator functions. Like this, it becomes easy to swap
      out allocators by simply setting these function pointers.
      
      In order to initialize a "git_allocator", our provided allocators
      "stdalloc" and "crtdbg" both provide an init function. This is being
      called to initialize a passed in allocator struct and set up its members
      correctly.
      
      No support is yet included to enable users of libgit2 to switch out the
      memory allocator at a global level.
      Patrick Steinhardt committed
  16. 04 May, 2018 1 commit
    • global: adjust init count under lock · 0933fdc5
      Our global initialization functions `git_libgit2_init()` and
      `git_libgit2_shutdown()` both adjust a global init counter to determine
      whether we are the first respectively last user of libgit2. On
      Unix-systems do not do so under lock, though, which opens the
      possibility of a race between these two functions:
      
          Thread 1                            Thread 2
                                  git__n_inits = 0;
          git_libgit2_init();
          git_atomic_inc(&git__n_inits);
          /* git__n_inits == 1 */
                                              git_libgit2_shutdown();
                                              if (git_atomic_dec(&git__n_inits) != 0)
                                                  /* git__n_inits == 0, no early exit here */
                                              pthread_mutex_lock(&_init_mutex);
                                              shutdown_common();
                                              pthread_mutex_unlock(&_init_mutex);
          pthread_mutex_lock(&_init_mutex);
          init_once();
          pthread_mutex_unlock(&_init_mutex);
      
      So we can end up in a situation where we try to shutdown shared data
      structures before they have been initialized.
      
      Fix the race by always locking `_init_mutex` before incrementing or
      decrementing `git__n_inits`.
      Patrick Steinhardt committed
  17. 11 Apr, 2018 1 commit
  18. 28 Feb, 2018 1 commit
    • curl: explicitly initialize and cleanup global curl state · 2022b004
      Our curl-based streams make use of the easy curl interface. This
      interface automatically initializes and de-initializes the global curl
      state by calling out to `curl_global_init` and `curl_global_cleanup`.
      Thus, all global state will be repeatedly re-initialized when creating
      multiple curl streams in succession. Despite being inefficient, this is
      not thread-safe due to `curl_global_init` being not thread-safe itself.
      Thus a multi-threaded programing handling multiple curl streams at the
      same time is inherently racy.
      
      Fix the issue by globally initializing and cleaning up curl's state.
      Patrick Steinhardt committed
  19. 23 Oct, 2017 1 commit
  20. 03 Jul, 2017 1 commit
    • Make sure to always include "common.h" first · 0c7f49dd
      Next to including several files, our "common.h" header also declares
      various macros which are then used throughout the project. As such, we
      have to make sure to always include this file first in all
      implementation files. Otherwise, we might encounter problems or even
      silent behavioural differences due to macros or defines not being
      defined as they should be. So in fact, our header and implementation
      files should make sure to always include "common.h" first.
      
      This commit does so by establishing a common include pattern. Header
      files inside of "src" will now always include "common.h" as its first
      other file, separated by a newline from all the other includes to make
      it stand out as special. There are two cases for the implementation
      files. If they do have a matching header file, they will always include
      this one first, leading to "common.h" being transitively included as
      first file. If they do not have a matching header file, they instead
      include "common.h" as first file themselves.
      
      This fixes the outlined problems and will become our standard practice
      for header and source files inside of the "src/" from now on.
      Patrick Steinhardt committed
  21. 02 May, 2017 1 commit
  22. 02 Nov, 2016 1 commit
    • global: reset global state on shutdown without threading · 038f0e1b
      When threading is not enabled for libgit2, we keep global state
      in a simple static variable. When libgit2 is shut down, we clean
      up the global state by freeing the global state's dynamically
      allocated memory. When libgit2 is built with threading, we
      additionally free the thread-local storage and thus completely
      remove the global state. In a non-threaded build, though, we
      simply leave the global state as-is, which may result in an error
      upon reinitializing libgit2.
      
      Fix the issue by zeroing out the variable on a shutdown, thus
      returning it to its initial state.
      Patrick Steinhardt committed
  23. 01 Nov, 2016 1 commit
    • global: synchronize initialization and shutdown with pthreads · 59c6c286
      When trying to initialize and tear down global data structures
      from different threads at once with `git_libgit2_init` and
      `git_libgit2_shutdown`, we race around initializing data. While
      we use `pthread_once` to assert that we only initilize data a
      single time, we actually reset the `pthread_once_t` on the last
      call to `git_libgit2_shutdown`. As resetting this variable is not
      synchronized with other threads trying to access it, this is
      actually racy when one thread tries to do a complete shutdown of
      libgit2 while another thread tries to initialize it.
      
      Fix the issue by creating a mutex which synchronizes `init_once`
      and the library shutdown.
      Patrick Steinhardt committed
  24. 04 Aug, 2016 1 commit
  25. 20 Jun, 2016 1 commit
  26. 07 Jun, 2016 1 commit
    • global: clean up crt only after freeing tls data · 432af52b
      The thread local storage is used to hold some global state that
      is dynamically allocated and should be freed upon exit. On
      Windows, we clean up the C run-time right after execution of
      registered shutdown callbacks and before cleaning up the TLS.
      
      When we clean up the CRT, we also cause it to analyze for memory
      leaks. As we did not free the TLS yet this will lead to false
      positives.
      
      Fix the issue by first freeing the TLS and cleaning up the CRT
      only afterwards.
      Patrick Steinhardt committed
  27. 01 Jun, 2016 1 commit
  28. 18 Mar, 2016 1 commit
  29. 17 Mar, 2016 1 commit