| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |\
| |
| | |
Provide a callback for certificate validation
|
| | |
| |
| |
| |
| | |
Skip it before we attempt to clone, as we would exit with -1 on systems
which do not have sshd running.
|
| | |
| |
| |
| | |
This brings us back in line with the other transports.
|
| | |
| |
| |
| |
| | |
The user may have the data hashed as MD5 or SHA-1, so we should provide
both types for consumption.
|
| | |
| |
| |
| |
| | |
Instead of using the libssh2 defines, provide our own, which eases usage
as we do not need to check whether libgit2 was built with libssh2 or not.
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
Instead of spreading the data in function arguments, some of which
aren't used for ssh and having a struct only for ssh, use a struct for
both, using a common parent to pass to the callback.
|
| | |\ |
|
| | | |
| | |
| | |
| | |
| | | |
Test that the certificate check callback gets the right fingerprint from
the host we're connecting to.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This option make it easy to ignore anything about the server we're
connecting to, which is bad security practice. This was necessary as we
didn't use to expose detailed information about the certificate, but now
that we do, we should get rid of this.
If the user wants to ignore everything, they can still provide a
callback which ignores all the information passed.
|
| | | |
| | |
| | |
| | | |
This should make the mingw compiler happy.
|
| | | |
| | |
| | |
| | | |
If the user returns 0 from the certificate check and we had certificate issues, set the options to ignore certificate errors and resend the request.
|
| | | |
| | |
| | |
| | | |
We need to call WinHttpSendRequest() in three different places. Unify all in a single function to have a single place for the certificate check.
|
| | | |
| | |
| | |
| | | |
If we're not using SSL, don't call the user's certificate check callback.
|
| | | |
| | |
| | |
| | | |
On successful connection, still ask the user whether they accept the server's certificate, indicating that WinHTTP would let it though.
|
| | | |
| | |
| | |
| | |
| | | |
Returning 0 lets the certificate check succeed. An error code is bubbled
up to the user.
|
| | | |
| | |
| | |
| | |
| | | |
We know the host's key as soon as we connect, so we should perform the
check as soon as we can, before we bother with the user's credentials.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
We should let the user decide whether to cancel the connection or not
regardless of whether our checks have decided that the certificate is
fine. We provide our own assessment to the callback to let the user fall
back to our checks if they so desire.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Instead of the parsed data, we can ask OpenSSL to give us the
DER-encoded version of the certificate, which the user can then parse
and validate.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If the certificate validation fails (or always in the case of ssh),
let the user decide whether to allow the connection.
The data structure passed to the user is the native certificate
information from the underlying implementation, namely OpenSSL or
WinHTTP.
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
travis: run valgrind only once
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
Instead of running valgrind on each job, half of which are in release
mode and don't have much usable information for valgrind, perform an
debug build as part of allowed_failures and run valgrind on that one,
which should speed up the feedback we get from the builds.
|
| |\ \ \
| | | |
| | | | |
Fix typo
|
| | | |/
| |/| |
|
| |\ \ \
| | | |
| | | | |
No files merged may result in bogus merge conflict error
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Passing 0 as the length of the paths to check to git_diff_index_to_workdir
results in all files being treated as conflicting, that is, all untracked or
modified files in the worktree is reported as conflicting
|
| | | | |
| | | |
| | | |
| | | | |
merged, and untracked files exist in the workdir.
|
| | | | | |
|
| |\ \ \ \
| |_|/ /
|/| | | |
Fix attribute lookup in index for bare repos
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When using a bare repo with an index, libgit2 attempts to read
files from the index. It caches those files based on the path
to the file, specifically the path to the directory that contains
the file.
If there is no working directory, we use `git_path_dirname_r` to
get the path to the containing directory. However, for the
`.gitattributes` file in the root of the repository, this ends up
normalizing the containing path to `"."` instead of the empty
string and the lookup the `.gitattributes` data fails.
This adds a test of attribute lookups on bare repos and also
fixes the problem by simply rewriting `"."` to be `""`.
|
| |\ \ \
| | | |
| | | | |
Add Rust to the language bindings list
|
| |/ / / |
|
| |\ \ \
| |/ /
|/| | |
When auto follow tags, FETCH_HEAD should list only newly followed tags
|
| | |/ |
|
| |\ \
| | |
| | | |
signature: don't allow empty emails
|
| |/ /
| |
| |
| |
| |
| | |
A signature is made up of a non-empty name and a non-empty email so
let's validate that. This also brings us more in line with git, which
also rejects ident with an empty email.
|
| |\ \
| | |
| | | |
Restrict which refs can be the default branch
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When the fetch refspec does not include the remote's default branch, it
indicates an error in user expectations or programmer error. Error out
in that case.
This lets us get rid of the dummy refspec which can never work as its
zeroed out. In the cases where we did not find a default branch, we set
HEAD detached immediately, which lets us refactor the "normal" path,
removing `found_branch`.
|
| | | |
| | |
| | |
| | |
| | | |
If the remote does not advertise HEAD, then it is unborn and we cannot
checkout that branch. Handle it the same way as an empty repo.
|
| | | |
| | |
| | |
| | |
| | | |
When cloning, we may be asking for a particular branch or subset of
branches. Make sure we test for that.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Add tests for the case when there are no branches on the remote and when
HEAD is detached but has the id of a non-branch. In both of these cases,
we should return ENOTFOUND.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
A repository can have any number of references which we're not
interested in such as notes or tags. For the default branch calculation
we only care about branches. Make the decision about the number of
branches rather than the number of refs in general.
|
