1. 31 Jan, 2020 1 commit
    • fetchhead: strip credentials from remote URL · 93a9044f
      If fetching from an anonymous remote via its URL, then the URL gets
      written into the FETCH_HEAD reference. This is mainly done to give
      valuable context to some commands, like for example git-merge(1), which
      will put the URL into the generated MERGE_MSG. As a result, what gets
      written into FETCH_HEAD may become public in some cases. This is
      especially important considering that URLs may contain credentials, e.g.
      when cloning 'https://foo:bar@example.com/repo' we persist the complete
      URL into FETCH_HEAD and put it without any kind of sanitization into the
      MERGE_MSG. This is obviously bad, as your login data has now just leaked
      as soon as you do git-push(1).
      
      When writing the URL into FETCH_HEAD, upstream git does strip
      credentials first. Let's do the same by trying to parse the remote URL
      as a "real" URL, removing any credentials and then re-formatting the
      URL. In case this fails, e.g. when it's a file path or not a valid URL,
      we just fall back to using the URL as-is without any sanitization. Add
      tests to verify our behaviour.
      Patrick Steinhardt committed
  2. 20 Jul, 2019 1 commit
  3. 22 Jan, 2019 1 commit
  4. 10 Jun, 2018 1 commit
  5. 06 Apr, 2018 1 commit
    • transports: local: fix assert when fetching into repo with symrefs · 6c55fbf3
      When fetching into a repository which has symbolic references via the
      "local" transport we run into an assert. The assert is being triggered
      while we negotiate the packfile between the two repositories. When
      hiding known revisions from the packbuilder revwalk, we unconditionally
      hide all references of the local refdb. In case one of these references
      is a symbolic reference, though, this means we're trying to hide a
      `NULL` OID, which triggers the assert.
      
      Fix the issue by only hiding OID references from the revwalk. Add a test
      to catch this issue in the future.
      Patrick Steinhardt committed
  6. 26 Dec, 2017 2 commits
  7. 19 Nov, 2017 1 commit
  8. 29 Dec, 2016 1 commit
  9. 26 Jun, 2015 1 commit
  10. 25 Jun, 2015 1 commit
  11. 13 May, 2015 2 commits
    • remote: remove url and pushurl from the save logic · 22261344
      As a first step in removing the repository-saving logic, don't allow
      changing the url or push url from a remote object, but change the
      configuration on the configuration immediately.
      Carlos Martín Nieto committed
    • Remove the callbacks struct from the remote · 8f0104ec
      Having the setting be different from calling its actions was not a great
      idea and made for the sake of the wrong convenience.
      
      Instead of that, accept either fetch options, push options or the
      callbacks when dealing with the remote. The fetch options are currently
      only the callbacks, but more options will be moved from setters and
      getters on the remote to the options.
      
      This does mean passing the same struct along the different functions but
      the typical use-case will only call git_remote_fetch() or
      git_remote_push() and so won't notice much difference.
      Carlos Martín Nieto committed
  12. 03 Mar, 2015 1 commit
    • Remove the signature from ref-modifying functions · 659cf202
      The signature for the reflog is not something which changes
      dynamically. Almost all uses will be NULL, since we want for the
      repository's default identity to be used, making it noise.
      
      In order to allow for changing the identity, we instead provide
      git_repository_set_ident() and git_repository_ident() which allow a user
      to override the choice of signature.
      Carlos Martín Nieto committed
  13. 08 Nov, 2014 1 commit
  14. 30 Sep, 2014 1 commit
  15. 01 Jul, 2014 1 commit
  16. 24 Apr, 2014 1 commit
    • fetchhead: deal with quotes in branch names · bdc82e1c
      The current FETCH_HEAD parsing code assumes that a quote must end the
      branch name. Git however allows for quotes as part of a branch name,
      which causes us to consider the FETCH_HEAD file as invalid.
      
      Instead of searching for a single quote char, search for a quote char
      followed by SP, which is not a valid part of a ref name.
      Carlos Martín Nieto committed
  17. 02 Apr, 2014 1 commit
  18. 14 Nov, 2013 1 commit
  19. 10 Jun, 2013 1 commit
    • Reorganize diff and add basic diff driver · 114f5a6c
      This is a significant reorganization of the diff code to break it
      into a set of more clearly distinct files and to document the new
      organization.  Hopefully this will make the diff code easier to
      understand and to extend.
      
      This adds a new `git_diff_driver` object that looks up diff driver
      information from the attributes and the config so that things like
      function content in diff headers can be provided.  The full driver
      spec is not implemented in the commit - this is focused on the
      reorganization of the code and putting the driver hooks in place.
      
      This also removes a few #includes from src/repository.h that were
      overbroad, but as a result required extra #includes in a variety
      of places since including src/repository.h no longer results in
      pulling in the whole world.
      Russell Belfer committed
  20. 06 Feb, 2013 1 commit
  21. 25 Jan, 2013 1 commit
  22. 19 Dec, 2012 1 commit
  23. 23 Nov, 2012 1 commit
    • Reset all static variables to NULL in clar's __cleanup · 9094d30b
      Without this change, any failed assertion in the second (or a later) test
      inside a test suite has a chance of double deleting memory, resulting in
      a heap corruption. See #1096 for details.
      
      This leaves alone the test cases where we "just" use cl_git_sandbox_init()
      and cl_git_sandbox_cleanup(). These methods already take good care to not
      double delete a repository.
      
      Fixes #1096
      Sascha Cunz committed
  24. 11 Nov, 2012 1 commit
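
The credential stripping described in the fetchhead commit 93a9044f above (parse the remote as a URL, drop the credentials, re-format, and fall back to the input as-is when it is not a URL), sketched as an added example. This is not libgit2's code: the function name sanitize_remote_url and its return convention are hypothetical.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical helper (not libgit2's function): write `url` to `out` with any
 * "user:password@" userinfo removed from the authority component.
 * Returns 1 if credentials were stripped, 0 if the input was copied as-is
 * (no credentials, or not a scheme://authority URL), -1 if `out` is too small.
 */
int sanitize_remote_url(const char *url, char *out, size_t outlen)
{
    const char *sep = strstr(url, "://");
    const char *p, *auth = NULL, *auth_end, *at = NULL;
    int n, stripped = 0;

    /* A URL scheme is ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ). */
    if (sep != NULL && sep != url && isalpha((unsigned char)url[0])) {
        for (p = url; p < sep; p++)
            if (!isalnum((unsigned char)*p) && !strchr("+-.", *p))
                break;
        if (p == sep) {
            auth = sep + 3;
            /* The authority ends at the first '/', '?' or '#'. */
            auth_end = auth + strcspn(auth, "/?#");
            /* Cut at the last '@' so an unencoded '@' in the password
             * cannot leave part of the secret behind. */
            for (p = auth; p < auth_end; p++)
                if (*p == '@')
                    at = p;
        }
    }

    if (at != NULL) {
        /* Re-format as scheme:// followed by everything after the userinfo. */
        n = snprintf(out, outlen, "%.*s%s", (int)(auth - url), url, at + 1);
        stripped = 1;
    } else {
        /* Fallback: file paths, scp-style remotes, credential-free URLs. */
        n = snprintf(out, outlen, "%s", url);
    }
    return (n < 0 || (size_t)n >= outlen) ? -1 : stripped;
}

int main(void)
{
    char buf[128];
    /* URL taken from the commit message above. */
    if (sanitize_remote_url("https://foo:bar@example.com/repo", buf, sizeof(buf)) >= 0)
        puts(buf);
    return 0;
}
```

An '@' that appears only in the path, or in an scp-style remote with no scheme, is left untouched because the search is limited to the authority of a scheme://authority URL.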