1. 06 Oct, 2020 1 commit
  2. 01 Jun, 2020 2 commits
  3. 07 Feb, 2020 1 commit
    • transports: http: fix custom headers not being applied · 46228d86
      In commit b9c5b15a (http: use the new httpclient, 2019-12-22), the HTTP
      code got refactored to extract a generic HTTP client that operates
      independently of the Git protocol. Part of refactoring was the creation
      of a new `git_http_request` struct that encapsulates the generation of
      requests. Our Git-specific HTTP transport was converted to use that in
      `generate_request`, but during the process we forgot to set up custom
      headers for the `git_http_request` and as a result we do not send out
      these headers anymore.
      
      Fix the issue by correctly setting up the request's custom headers and
      add a test to verify we correctly send them.
      Patrick Steinhardt committed
  4. 31 Jan, 2020 1 commit
    • fetchhead: strip credentials from remote URL · 93a9044f
      If fetching from an anonymous remote via its URL, then the URL gets
      written into the FETCH_HEAD reference. This is mainly done to give
      valuable context to some commands, like for example git-merge(1), which
      will put the URL into the generated MERGE_MSG. As a result, what gets
      written into FETCH_HEAD may become public in some cases. This is
      especially important considering that URLs may contain credentials, e.g.
      when cloning 'https://foo:bar@example.com/repo' we persist the complete
      URL into FETCH_HEAD and put it without any kind of sanitization into the
      MERGE_MSG. This is obviously bad, as your login data has now just leaked
      as soon as you do git-push(1).
      
      When writing the URL into FETCH_HEAD, upstream git does strip
      credentials first. Let's do the same by trying to parse the remote URL
      as a "real" URL, removing any credentials and then re-formatting the
      URL. In case this fails, e.g. when it's a file path or not a valid URL,
      we just fall back to using the URL as-is without any sanitization. Add
      tests to verify our behaviour.
      Patrick Steinhardt committed
  5. 26 Jan, 2020 1 commit
    • credential: change git_cred to git_credential · 3f54ba8b
      We avoid abbreviations where possible; rename git_cred to
      git_credential.
      
      In addition, we have standardized on a trailing `_t` for enum types,
      instead of using "type" in the name.  So `git_credtype_t` has become
      `git_credential_t` and its members have become `GIT_CREDENTIAL` instead
      of `GIT_CREDTYPE`.
      
      Finally, the source and header files have been renamed to `credential`
      instead of `cred`.
      
      Keep previous name and values as deprecated, and include the new header
      files from the previous ones.
      Edward Thomson committed
  6. 24 Jan, 2020 2 commits
  7. 24 Nov, 2019 1 commit
    • test: add an azure repos test · 0005c77a
      We currently talk to Azure Repos for executing an online test
      (online::clone::path_whitespace).  Add a simpler test to talk to Azure
      Repos to make it obvious that strange test failures are not likely the
      whitespace in the path, but actually a function of talking to Azure
      Repos itself.
      Edward Thomson committed
  8. 13 Aug, 2019 1 commit
  9. 12 Aug, 2019 1 commit
  10. 25 Jul, 2019 1 commit
  11. 24 Jul, 2019 1 commit
  12. 20 Jul, 2019 1 commit
  13. 24 Jun, 2019 1 commit
  14. 10 Jun, 2019 2 commits
    • winhttp: support default credentials for proxies · 3d11b6c5
      We did not properly support default credentials for proxies, only for
      destination servers.  Refactor the credential handling to support sending
      either username/password _or_ default credentials to either the proxy or
      the destination server.
      
      This actually shares the authentication logic between proxy servers and
      destination servers.  Due to copy/pasta drift over time, they had
      diverged.  Now they share a common logic which is: first, use
      credentials specified in the URL (if there were any), treating empty
      username and password (i.e., "http://:@foo.com/") as default credentials,
      for compatibility with git.  Next, call the credential callbacks.
      Finally, fall back to WinHTTP compatibility layers using built-in
      authentication like we always have.
      
      Allowing default credentials for proxies requires moving the security
      level downgrade into the credential setting routines themselves.
      We will update our security level to "high" by default which means that
      we will never send default credentials without prompting.  (A lower
      setting, like the WinHTTP default of "medium" would allow WinHTTP to
      handle credentials for us, despite what a user may have requested with
      their structures.)  Now we start with "high" and downgrade to "low" only
      after a user has explicitly requested default credentials.
      Edward Thomson committed
    • network: don't add arbitrary url rules · 757411a0
      There's no reason a git repository couldn't be at the root of a server,
      and URLs should have an implicit path of '/' when one is not specified.
      Edward Thomson committed
  15. 05 Jun, 2019 1 commit
    • online tests: use gitlab for auth failures · e66a4eb3
      GitHub recently changed their behavior from returning 401s for private
      or nonexistent repositories on a clone to returning 404s.  For our tests
      that require an auth failure (and 401), move to GitLab to request a
      missing repository.  This lets us continue to test our auth failure
      case, at least until they decide to mimic that decision.
      Edward Thomson committed
  16. 21 May, 2019 1 commit
  17. 22 Feb, 2019 1 commit
  18. 22 Jan, 2019 1 commit
  19. 17 Jan, 2019 1 commit
  20. 14 Jan, 2019 1 commit
  21. 28 Nov, 2018 5 commits
  22. 22 Sep, 2018 1 commit
  23. 20 Jul, 2018 2 commits
  24. 10 Jun, 2018 1 commit
  25. 20 Mar, 2018 1 commit
  26. 19 Mar, 2018 1 commit
    • online::clone: skip creds fallback test · 03c58778
      At present, we have three online tests against bitbucket: one which
      specifies the credentials in the payload, one which specifies the
      correct credentials in the URL and a final one that specifies the
      incorrect credentials in the URL.  Bitbucket has begun responding to the
      latter test with a 403, which causes us to fail.
      
      Break these three tests into separate tests so that we can skip the
      latter until this is resolved on Bitbucket's end or until we can change
      the test to a different provider.
      Edward Thomson committed
  27. 28 Feb, 2018 1 commit
  28. 18 Jan, 2018 1 commit
  29. 03 Jan, 2018 2 commits
    • tests: online::clone: inline creds-test with nonexistent URL · 54a1bf05
      Right now, we test our credential callback code twice, once via SSH on
      localhost and once via a non-existent GitHub repository. While the first
      URL makes sense to be configurable, it does not make sense to hard-code
      the non-existing repository, which requires us to call tests multiple
      times. Instead, we can just inline the URL into another set of tests.
      Patrick Steinhardt committed
    • tests: online::clone: construct credential-URL from environment · fea60920
      We support two types of passing credentials to the proxy, either via the
      URL or explicitly by specifying user and password. We test these types
      by modifying the proxy URL and executing the tests twice, which is
      in fact unnecessary and requires us to maintain the list of environment
      variables and test executions across multiple CI infrastructures.
      
      To fix the situation, we can just always pass the host, port, user and
      password to the tests. The tests can then assemble the complete URL
      either with or without included credentials, allowing us to test both
      cases in-process.
      Patrick Steinhardt committed
  30. 21 Jun, 2017 1 commit
  31. 05 May, 2017 1 commit