| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Next to including several files, our "common.h" header also declares
various macros which are then used throughout the project. As such, we
have to make sure to always include this file first in all
implementation files. Otherwise, we might encounter problems or even
silent behavioural differences due to macros or defines not being
defined as they should be. So in fact, our header and implementation
files should make sure to always include "common.h" first.
This commit does so by establishing a common include pattern. Header
files inside of "src" will now always include "common.h" as its first
other file, separated by a newline from all the other includes to make
it stand out as special. There are two cases for the implementation
files. If they do have a matching header file, they will always include
this one first, leading to "common.h" being transitively included as
first file. If they do not have a matching header file, they instead
include "common.h" as first file themselves.
This fixes the outlined problems and will become our standard practice
for header and source files inside of the "src/" from now on.
|
| |
|
|
|
|
|
|
|
|
|
| |
When failing to initialize a new stransport stream, we try to
release already allocated memory by calling out to
`git_stream_free`, which in turn called out to the stream's
`free` function pointer. As we only initialize the function
pointer later on, this leads to a `NULL` pointer exception.
Furthermore, plug another memory leak when failing to create the
SSL context.
|
| |\
| |
| | |
stransport: make internal functions static
|
| | | |
|
| |/
|
|
|
|
|
|
|
| |
The `SSLCopyPeerTrust` call can succeed but fail to return a trust
object if it can't load the certificate chain and thus cannot check the
validity of a certificate. This can lead to us calling `CFRelease` on a
`NULL` trust object, causing a crash.
Handle this by returning ECERTIFICATE.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
If the libcurl stream is available, use that as the underlying stream
instead of the socket stream. This allows us to set a proxy for HTTPS
connections.
|
| |
|
|
| |
is unavailable to iOS targets.
|
| |
|
|
|
|
|
|
|
| |
The read and write callbacks passed to SSLSetIOFuncs() have been
rewritten to match the implementation used on opensource.apple.com and
other open source projects like VLC.
This change also fixes a bug where the read callback could get into
an infinite loop when 0 bytes were read.
|
| |
|
|
|
| |
On close, we might get a return code which looks like an error but just
means that the other side closed gracefully. Handle that.
|
| |
|
|
|
| |
Anything SSL is deprecated. Let's make sure we don't try to use SSL v3
when talking to the server.
|
| |
|
|
|
|
| |
Do not automatically fail on a bad certificate, but let the caller
decide. This means we don't need our switch on errors anymore but can
return a string representation from the security framework.
|
|
|
As an alternative to OpenSSL when we're on OS X. This one can actually
take advantage of stacking the streams.
|
