1. 23 Feb, 2022 1 commit
  2. 03 Feb, 2022 1 commit
  3. 30 Aug, 2021 1 commit
  4. 27 Nov, 2020 1 commit
  5. 11 Oct, 2020 1 commit
  6. 31 Jan, 2019 4 commits
    • mbedtls: fix potential size overflow when reading or writing data · 0ceac0d0
      The mbedtls library uses a callback mechanism to allow downstream users
      to plug in their own receive and send functions. We implement `bio_read`
      and `bio_write` functions, which simply wrap the `git_stream_read` and
      `git_stream_write` functions, respectively.
      
      The problem arises due to the return value of the callback functions:
      mbedtls expects us to return an `int` containing the actual number of
      bytes that were read or written. But this is in fact completely
      misdesigned, as callers are allowed to pass in a buffer with length
      `SIZE_MAX`. We thus may be unable to represent the number of bytes
      written via the return value.
      
      Fix this by only ever reading or writing at most `INT_MAX` bytes.
      Patrick Steinhardt committed
    • mbedtls: make global variables static · 75918aba
      The mbedtls stream implementation makes use of some global variables
      which are not marked as `static`, even though they're only used in this
      compilation unit. Fix this and remove a duplicate declaration.
      Patrick Steinhardt committed
    • streams: handle short writes only in generic stream · 7613086d
      Now that the function `git_stream__write_full` exists and callers of
      `git_stream_write` have been adjusted, we can lift logic for short
      writes out of the stream implementations. Instead, this is now handled
      either by `git_stream__write_full` or by callers of `git_stream_write`
      directly.
      Patrick Steinhardt committed
    • streams: make file-local functions static · 193e7ce9
      The callback functions that implement the `git_stream` structure are
      only used inside of their respective implementation files, but they are
      not marked as `static`. Fix this.
      Patrick Steinhardt committed
  7. 25 Jan, 2019 1 commit
    • streams: don't write more than SSIZE_MAX · f1986a23
      Our streams implementation takes a `size_t` that indicates the length of
      the data buffer to be written, and returns an `ssize_t` that indicates
      the length that _was_ written.  Clearly no such implementation can write
      more than `SSIZE_MAX` bytes.  Ensure that each TLS stream implementation
      does not try to write more than `SSIZE_MAX` bytes (or smaller; if the
      given implementation takes a smaller size).
      Edward Thomson committed
  8. 22 Jan, 2019 1 commit
  9. 28 Nov, 2018 3 commits
    • http: remove cURL · 21142c5a
      We previously used cURL to support HTTP proxies.  Now that we've added
      this support natively, we can remove the curl dependency.
      Edward Thomson committed
    • streams: remove unused tls functions · 2878ad08
      The implementations of git_openssl_stream_new and
      git_mbedtls_stream_new have callers protected by #ifdefs and
      are never called unless compiled in.  There's no need for a
      dummy implementation.  Remove them.
      Edward Thomson committed
    • tls: introduce a wrap function · 43b592ac
      Introduce `git_tls_stream_wrap` which will take an existing `stream`
      with an already connected socket and begin speaking TLS on top of it.
      This is useful if you've built a connection to a proxy server and you
      wish to begin CONNECT over it to tunnel a TLS connection.
      
      Also update the pluggable TLS stream layer so that it can accept a
      registration structure that provides an `init` and `wrap` function,
      instead of a single initialization function.
      Edward Thomson committed
  10. 26 Jul, 2018 1 commit
    • mbedtls: remove unused variable "cacert" · d4198d4d
      In commit 382ed1e8 (mbedtls: load default CA certificates, 2018-03-29),
      the function `git_mbedtls_stream_global_init` was refactored to call out
      to `git_mbedtls__set_cert_location` instead of setting up the
      certificates itself. The conversion forgot to remove the now-unused
      "cacert" variable, which is now only getting declared to be free'd at
      the end of the function. Remove it.
      Patrick Steinhardt committed
  11. 21 Jul, 2018 4 commits
  12. 13 Jul, 2018 1 commit
    • mbedtls: fix `inline` being used in mbedtls headers · d19381e2
      The mbedtls headers make direct use of the `inline` attribute to
      instruct the compiler to inline functions. As this function is not C90
      compliant, this can cause the compiler to error as soon as any of these
      files is included and the `-std=c90` flag is being added.
      
      The mbedtls headers declaring functions as inline always have a prelude
      which define `inline` as a macro in case it is not yet defined. Thus, we
      can easily replace their define with our own define, which simply copies
      the logic of our own `GIT_INLINE` macro.
      Patrick Steinhardt committed
  13. 11 Apr, 2018 9 commits