diff options
author | Edward Thomson <ethomson@edwardthomson.com> | 2018-10-29 10:04:48 +0000 |
---|---|---|
committer | Edward Thomson <ethomson@edwardthomson.com> | 2018-11-28 15:46:57 +0000 |
commit | 21142c5a61fca0d44cbf51824dbe28f6324229e8 (patch) | |
tree | 600520d7e63b597e951cbfc744c765d4e5b10932 | |
parent | 2878ad08316155bfaf7b2d7b3204aece13c9936a (diff) | |
download | libgit2-21142c5a61fca0d44cbf51824dbe28f6324229e8.tar.gz |
http: remove cURL
We previously used cURL to support HTTP proxies. Now that we've added
this support natively, we can remove the curl dependency.
-rw-r--r-- | CMakeLists.txt | 1 | ||||
-rw-r--r-- | src/CMakeLists.txt | 11 | ||||
-rw-r--r-- | src/features.h.in | 1 | ||||
-rw-r--r-- | src/global.c | 2 | ||||
-rw-r--r-- | src/streams/curl.c | 385 | ||||
-rw-r--r-- | src/streams/curl.h | 17 | ||||
-rw-r--r-- | src/streams/mbedtls.c | 12 | ||||
-rw-r--r-- | src/streams/openssl.c | 12 | ||||
-rw-r--r-- | src/streams/stransport.c | 5 | ||||
-rw-r--r-- | src/transports/http.c | 23 |
10 files changed, 2 insertions, 467 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index b8aa16334..fa5456e6c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -60,7 +60,6 @@ OPTION(USE_HTTPS "Enable HTTPS support. Can be set to a specific backend" ON) OPTION(USE_GSSAPI "Link with libgssapi for SPNEGO auth" OFF) OPTION(USE_STANDALONE_FUZZERS "Enable standalone fuzzers (compatible with gcc)" OFF) OPTION(VALGRIND "Configure build for valgrind" OFF) -OPTION(CURL "Use curl for HTTP if available" ON) OPTION(USE_EXT_HTTP_PARSER "Use system HTTP_Parser if available" ON) OPTION(DEBUG_POOL "Enable debug pool allocator" OFF) OPTION(ENABLE_WERROR "Enable compilation with -Werror" OFF) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 8ba3aa590..5ad8b1447 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -125,17 +125,6 @@ IF (WIN32 AND WINHTTP) LIST(APPEND LIBGIT2_LIBS "rpcrt4" "crypt32" "ole32") LIST(APPEND LIBGIT2_PC_LIBS "-lrpcrt4" "-lcrypt32" "-lole32") -ELSE () - IF (CURL) - FIND_PKGLIBRARIES(CURL libcurl) - ENDIF () - IF (CURL_FOUND) - SET(GIT_CURL 1) - LIST(APPEND LIBGIT2_SYSTEM_INCLUDES ${CURL_INCLUDE_DIRS}) - LIST(APPEND LIBGIT2_LIBS ${CURL_LIBRARIES}) - LIST(APPEND LIBGIT2_PC_LIBS ${CURL_LDFLAGS}) - ENDIF() - ADD_FEATURE_INFO(cURL GIT_CURL "cURL for HTTP proxy support") ENDIF() IF (USE_HTTPS) diff --git a/src/features.h.in b/src/features.h.in index f414c5843..694a61c02 100644 --- a/src/features.h.in +++ b/src/features.h.in @@ -22,7 +22,6 @@ #cmakedefine GIT_GSSAPI 1 #cmakedefine GIT_WINHTTP 1 -#cmakedefine GIT_CURL 1 #cmakedefine GIT_HTTPS 1 #cmakedefine GIT_OPENSSL 1 diff --git a/src/global.c b/src/global.c index fabe5f201..51d34f61b 100644 --- a/src/global.c +++ b/src/global.c @@ -13,7 +13,6 @@ #include "filter.h" #include "merge_driver.h" #include "streams/tls.h" -#include "streams/curl.h" #include "streams/mbedtls.h" #include "streams/openssl.h" #include "thread-utils.h" @@ -70,7 +69,6 @@ static int init_common(void) (ret = git_transport_ssh_global_init()) == 0 && (ret = git_tls_stream_global_init()) == 0 && (ret = git_openssl_stream_global_init()) == 0 && - (ret = git_curl_stream_global_init()) == 0 && (ret = git_mbedtls_stream_global_init()) == 0) ret = git_mwindow_global_init(); diff --git a/src/streams/curl.c b/src/streams/curl.c deleted file mode 100644 index 3c0af3b04..000000000 --- a/src/streams/curl.c +++ /dev/null @@ -1,385 +0,0 @@ -/* - * Copyright (C) the libgit2 contributors. All rights reserved. - * - * This file is part of libgit2, distributed under the GNU GPL v2 with - * a Linking Exception. For full terms see the included COPYING file. - */ - -#include "streams/curl.h" - -#ifdef GIT_CURL - -#include <curl/curl.h> - -#include "stream.h" -#include "git2/transport.h" -#include "buffer.h" -#include "global.h" -#include "vector.h" -#include "proxy.h" - -/* This is for backwards compatibility with curl<7.45.0. */ -#ifndef CURLINFO_ACTIVESOCKET -# define CURLINFO_ACTIVESOCKET CURLINFO_LASTSOCKET -# define GIT_CURL_BADSOCKET -1 -# define git_activesocket_t long -#else -# define GIT_CURL_BADSOCKET CURL_SOCKET_BAD -# define git_activesocket_t curl_socket_t -#endif - -typedef struct { - git_stream parent; - CURL *handle; - curl_socket_t socket; - char curl_error[CURL_ERROR_SIZE + 1]; - git_cert_x509 cert_info; - git_strarray cert_info_strings; - git_proxy_options proxy; - git_cred *proxy_cred; -} curl_stream; - -int git_curl_stream_global_init(void) -{ - if (curl_global_init(CURL_GLOBAL_ALL) != 0) { - giterr_set(GITERR_NET, "could not initialize curl"); - return -1; - } - - /* `curl_global_cleanup` is provided by libcurl */ - git__on_shutdown(curl_global_cleanup); - return 0; -} - -static int seterr_curl(curl_stream *s) -{ - giterr_set(GITERR_NET, "curl error: %s\n", s->curl_error); - return -1; -} - -GIT_INLINE(int) error_no_credentials(void) -{ - giterr_set(GITERR_NET, "proxy authentication required, but no callback provided"); - return GIT_EAUTH; -} - -static int apply_proxy_creds(curl_stream *s) -{ - CURLcode res; - git_cred_userpass_plaintext *userpass; - - if (!s->proxy_cred) - return GIT_ENOTFOUND; - - userpass = (git_cred_userpass_plaintext *) s->proxy_cred; - if ((res = curl_easy_setopt(s->handle, CURLOPT_PROXYUSERNAME, userpass->username)) != CURLE_OK) - return seterr_curl(s); - if ((res = curl_easy_setopt(s->handle, CURLOPT_PROXYPASSWORD, userpass->password)) != CURLE_OK) - return seterr_curl(s); - - return 0; -} - -static int ask_and_apply_proxy_creds(curl_stream *s) -{ - int error; - git_proxy_options *opts = &s->proxy; - - if (!opts->credentials) - return error_no_credentials(); - - /* TODO: see if PROXYAUTH_AVAIL helps us here */ - git_cred_free(s->proxy_cred); - s->proxy_cred = NULL; - giterr_clear(); - error = opts->credentials(&s->proxy_cred, opts->url, NULL, GIT_CREDTYPE_USERPASS_PLAINTEXT, opts->payload); - if (error == GIT_PASSTHROUGH) - return error_no_credentials(); - if (error < 0) { - if (!giterr_last()) - giterr_set(GITERR_NET, "proxy authentication was aborted by the user"); - return error; - } - - if (s->proxy_cred->credtype != GIT_CREDTYPE_USERPASS_PLAINTEXT) { - giterr_set(GITERR_NET, "credentials callback returned invalid credential type"); - return -1; - } - - return apply_proxy_creds(s); -} - -static int curls_connect(git_stream *stream) -{ - curl_stream *s = (curl_stream *) stream; - git_activesocket_t sockextr; - long connect_last = 0; - int failed_cert = 0, error; - bool retry_connect; - CURLcode res; - - /* Apply any credentials we've already established */ - error = apply_proxy_creds(s); - if (error < 0 && error != GIT_ENOTFOUND) - return seterr_curl(s); - - do { - retry_connect = 0; - res = curl_easy_perform(s->handle); - - curl_easy_getinfo(s->handle, CURLINFO_HTTP_CONNECTCODE, &connect_last); - - /* HTTP 407 Proxy Authentication Required */ - if (connect_last == 407) { - if ((error = ask_and_apply_proxy_creds(s)) < 0) - return error; - - retry_connect = true; - } - } while (retry_connect); - - if (res != CURLE_OK && res != CURLE_PEER_FAILED_VERIFICATION) - return seterr_curl(s); - if (res == CURLE_PEER_FAILED_VERIFICATION) - failed_cert = 1; - - if ((res = curl_easy_getinfo(s->handle, CURLINFO_ACTIVESOCKET, &sockextr)) != CURLE_OK) { - return seterr_curl(s); - } - - if (sockextr == GIT_CURL_BADSOCKET) { - giterr_set(GITERR_NET, "curl socket is no longer valid"); - return -1; - } - - s->socket = sockextr; - - if (s->parent.encrypted && failed_cert) - return GIT_ECERTIFICATE; - - return 0; -} - -static int curls_certificate(git_cert **out, git_stream *stream) -{ - int error; - CURLcode res; - struct curl_slist *slist; - struct curl_certinfo *certinfo; - git_vector strings = GIT_VECTOR_INIT; - curl_stream *s = (curl_stream *) stream; - - if ((res = curl_easy_getinfo(s->handle, CURLINFO_CERTINFO, &certinfo)) != CURLE_OK) - return seterr_curl(s); - - /* No information is available, can happen with SecureTransport */ - if (certinfo->num_of_certs == 0) { - s->cert_info.parent.cert_type = GIT_CERT_NONE; - s->cert_info.data = NULL; - s->cert_info.len = 0; - return 0; - } - - if ((error = git_vector_init(&strings, 8, NULL)) < 0) - return error; - - for (slist = certinfo->certinfo[0]; slist; slist = slist->next) { - char *str = git__strdup(slist->data); - GITERR_CHECK_ALLOC(str); - git_vector_insert(&strings, str); - } - - /* Copy the contents of the vector into a strarray so we can expose them */ - s->cert_info_strings.strings = (char **) strings.contents; - s->cert_info_strings.count = strings.length; - - s->cert_info.parent.cert_type = GIT_CERT_STRARRAY; - s->cert_info.data = &s->cert_info_strings; - s->cert_info.len = strings.length; - - *out = &s->cert_info.parent; - - return 0; -} - -static int curls_set_proxy(git_stream *stream, const git_proxy_options *proxy_opts) -{ - int error; - CURLcode res; - curl_stream *s = (curl_stream *) stream; - - git_proxy_options_clear(&s->proxy); - if ((error = git_proxy_options_dup(&s->proxy, proxy_opts)) < 0) - return error; - - if ((res = curl_easy_setopt(s->handle, CURLOPT_PROXY, s->proxy.url)) != CURLE_OK) - return seterr_curl(s); - - if ((res = curl_easy_setopt(s->handle, CURLOPT_PROXYAUTH, CURLAUTH_ANY)) != CURLE_OK) - return seterr_curl(s); - - return 0; -} - -static int wait_for(curl_socket_t fd, bool reading) -{ - int ret; - fd_set infd, outfd, errfd; - - FD_ZERO(&infd); - FD_ZERO(&outfd); - FD_ZERO(&errfd); - - assert(fd >= 0); - FD_SET(fd, &errfd); - if (reading) - FD_SET(fd, &infd); - else - FD_SET(fd, &outfd); - - if ((ret = select(fd + 1, &infd, &outfd, &errfd, NULL)) < 0) { - giterr_set(GITERR_OS, "error in select"); - return -1; - } - - return 0; -} - -static ssize_t curls_write(git_stream *stream, const char *data, size_t len, int flags) -{ - int error; - size_t off = 0, sent; - CURLcode res; - curl_stream *s = (curl_stream *) stream; - - GIT_UNUSED(flags); - - do { - if ((error = wait_for(s->socket, false)) < 0) - return error; - - res = curl_easy_send(s->handle, data + off, len - off, &sent); - if (res == CURLE_OK) - off += sent; - } while ((res == CURLE_OK || res == CURLE_AGAIN) && off < len); - - if (res != CURLE_OK) - return seterr_curl(s); - - return len; -} - -static ssize_t curls_read(git_stream *stream, void *data, size_t len) -{ - int error; - size_t read; - CURLcode res; - curl_stream *s = (curl_stream *) stream; - - do { - if ((error = wait_for(s->socket, true)) < 0) - return error; - - res = curl_easy_recv(s->handle, data, len, &read); - } while (res == CURLE_AGAIN); - - if (res != CURLE_OK) - return seterr_curl(s); - - return read; -} - -static int curls_close(git_stream *stream) -{ - curl_stream *s = (curl_stream *) stream; - - if (!s->handle) - return 0; - - curl_easy_cleanup(s->handle); - s->handle = NULL; - s->socket = 0; - - return 0; -} - -static void curls_free(git_stream *stream) -{ - curl_stream *s = (curl_stream *) stream; - - curls_close(stream); - git_strarray_free(&s->cert_info_strings); - git_proxy_options_clear(&s->proxy); - git_cred_free(s->proxy_cred); - git__free(s); -} - -int git_curl_stream_new(git_stream **out, const char *host, const char *port) -{ - curl_stream *st; - CURL *handle; - int iport = 0, error; - - st = git__calloc(1, sizeof(curl_stream)); - GITERR_CHECK_ALLOC(st); - - handle = curl_easy_init(); - if (handle == NULL) { - giterr_set(GITERR_NET, "failed to create curl handle"); - git__free(st); - return -1; - } - - if ((error = git__strntol32(&iport, port, strlen(port), NULL, 10)) < 0) { - git__free(st); - return error; - } - - curl_easy_setopt(handle, CURLOPT_URL, host); - curl_easy_setopt(handle, CURLOPT_ERRORBUFFER, st->curl_error); - curl_easy_setopt(handle, CURLOPT_PORT, iport); - curl_easy_setopt(handle, CURLOPT_CONNECT_ONLY, 1); - curl_easy_setopt(handle, CURLOPT_SSL_VERIFYPEER, 1); - curl_easy_setopt(handle, CURLOPT_CERTINFO, 1); - curl_easy_setopt(handle, CURLOPT_HTTPPROXYTUNNEL, 1); - curl_easy_setopt(handle, CURLOPT_PROXYAUTH, CURLAUTH_ANY); - - /* curl_easy_setopt(handle, CURLOPT_VERBOSE, 1); */ - - st->parent.version = GIT_STREAM_VERSION; - st->parent.encrypted = 0; /* we don't encrypt ourselves */ - st->parent.proxy_support = 1; - st->parent.connect = curls_connect; - st->parent.certificate = curls_certificate; - st->parent.set_proxy = curls_set_proxy; - st->parent.read = curls_read; - st->parent.write = curls_write; - st->parent.close = curls_close; - st->parent.free = curls_free; - st->handle = handle; - - *out = (git_stream *) st; - return 0; -} - -#else - -#include "stream.h" - -int git_curl_stream_global_init(void) -{ - return 0; -} - -int git_curl_stream_new(git_stream **out, const char *host, const char *port) -{ - GIT_UNUSED(out); - GIT_UNUSED(host); - GIT_UNUSED(port); - - giterr_set(GITERR_NET, "curl is not supported in this version"); - return -1; -} - - -#endif diff --git a/src/streams/curl.h b/src/streams/curl.h deleted file mode 100644 index 511cd894a..000000000 --- a/src/streams/curl.h +++ /dev/null @@ -1,17 +0,0 @@ -/* - * Copyright (C) the libgit2 contributors. All rights reserved. - * - * This file is part of libgit2, distributed under the GNU GPL v2 with - * a Linking Exception. For full terms see the included COPYING file. - */ -#ifndef INCLUDE_streams_curl_h__ -#define INCLUDE_streams_curl_h__ - -#include "common.h" - -#include "git2/sys/stream.h" - -extern int git_curl_stream_global_init(void); -extern int git_curl_stream_new(git_stream **out, const char *host, const char *port); - -#endif diff --git a/src/streams/mbedtls.c b/src/streams/mbedtls.c index fdc9f6f7c..d22f77069 100644 --- a/src/streams/mbedtls.c +++ b/src/streams/mbedtls.c @@ -18,10 +18,6 @@ #include "git2/transport.h" #include "util.h" -#ifdef GIT_CURL -# include "streams/curl.h" -#endif - #ifndef GIT_DEFAULT_CERT_LOCATION #define GIT_DEFAULT_CERT_LOCATION NULL #endif @@ -431,13 +427,7 @@ int git_mbedtls_stream_new( assert(out && host && port); -#ifdef GIT_CURL - error = git_curl_stream_new(&stream, host, port); -#else - error = git_socket_stream_new(&stream, host, port); -#endif - - if (error < 0) + if ((error = git_socket_stream_new(&stream, host, port)) < 0) return error; if ((error = mbedtls_stream_wrap(out, stream, host, 1)) < 0) { diff --git a/src/streams/openssl.c b/src/streams/openssl.c index e39622d84..bc129217d 100644 --- a/src/streams/openssl.c +++ b/src/streams/openssl.c @@ -19,10 +19,6 @@ #include "git2/transport.h" #include "git2/sys/openssl.h" -#ifdef GIT_CURL -# include "streams/curl.h" -#endif - #ifndef GIT_WIN32 # include <sys/types.h> # include <sys/socket.h> @@ -752,13 +748,7 @@ int git_openssl_stream_new(git_stream **out, const char *host, const char *port) assert(out && host && port); -#ifdef GIT_CURL - error = git_curl_stream_new(&stream, host, port); -#else - error = git_socket_stream_new(&stream, host, port); -#endif - - if (error < 0) + if ((error = git_socket_stream_new(&stream, host, port)) < 0) return error; if ((error = openssl_stream_wrap(out, stream, host, 1)) < 0) { diff --git a/src/streams/stransport.c b/src/streams/stransport.c index 435162389..6626e0f68 100644 --- a/src/streams/stransport.c +++ b/src/streams/stransport.c @@ -16,7 +16,6 @@ #include "git2/transport.h" #include "streams/socket.h" -#include "streams/curl.h" static int stransport_error(OSStatus ret) { @@ -308,11 +307,7 @@ int git_stransport_stream_new(git_stream **out, const char *host, const char *po assert(out && host); -#ifdef GIT_CURL - error = git_curl_stream_new(&stream, host, port); -#else error = git_socket_stream_new(&stream, host, port); -#endif if (!error) error = stransport_wrap(out, stream, host, 1); diff --git a/src/transports/http.c b/src/transports/http.c index 6d2aaf9cf..925772246 100644 --- a/src/transports/http.c +++ b/src/transports/http.c @@ -21,7 +21,6 @@ #include "auth_negotiate.h" #include "streams/tls.h" #include "streams/socket.h" -#include "streams/curl.h" git_http_auth_scheme auth_schemes[] = { { GIT_AUTHTYPE_NEGOTIATE, "Negotiate", GIT_CREDTYPE_DEFAULT, git_http_auth_negotiate }, @@ -653,17 +652,6 @@ static int write_chunk(git_stream *io, const char *buffer, size_t len) return 0; } -static int apply_proxy_config_to_stream( - git_stream *stream, git_proxy_options *proxy_opts) -{ - /* Only set the proxy configuration on the curl stream. */ - if (!git_stream_supports_proxy(stream) || - proxy_opts->type == GIT_PROXY_NONE) - return 0; - - return git_stream_set_proxy(stream, proxy_opts); -} - static int load_proxy_config(http_subtransport *t) { int error; @@ -954,21 +942,10 @@ static int http_connect(http_subtransport *t) cb_payload = t->owner->message_cb_payload; } -#ifdef GIT_CURL - if ((error = git_curl_stream_new(&stream, - t->server.url.host, t->server.url.port)) < 0) - goto on_error; - - GITERR_CHECK_VERSION(stream, GIT_STREAM_VERSION, "git_stream"); - - if ((error = apply_proxy_config_to_stream(stream, &t->proxy_opts)) < 0) - goto on_error; -#else if (url->use_ssl) error = git_tls_stream_new(&stream, url->host, url->port); else error = git_socket_stream_new(&stream, url->host, url->port); -#endif if (error < 0) goto on_error; |