libgit2

mirror of https://git.proxmox.com/git/libgit2 synced 2025-05-28 04:29:42 +00:00

Author	SHA1	Message	Date
Edward Thomson	ffe259d9e5	Merge pull request #4074 from fcharlie/master fix examples/network/clone.c: heap-buffer-overflow	2017-01-11 11:52:06 +00:00
Carlos Martín Nieto	ee89941fa2	Merge remote-tracking branch 'upstream/maint/v0.25'	2017-01-09 21:00:07 +00:00
Carlos Martín Nieto	2fcb8705e5	Merge pull request #4076 from libgit2/cmn/sec-update-25 security updates for v0.25	2017-01-09 20:26:45 +00:00
Carlos Martín Nieto	2ac57aa89b	https: don't test that RC4 is invalid None of our crypto backends actually reject RC4 as a cipher so don't test for it and instead keep it as something we'd like to do.	2017-01-09 18:32:11 +00:00
Carlos Martín Nieto	3829ba2e71	http: correct the expected error for RC4 We must make sure that we're getting a certificate error from the library so we know that we're testing the right thing.	2017-01-09 17:58:58 +00:00
Force.Charlie-I	3fdba15c2f	fix examples/network/clone.c: heap-buffer-overflow Format of a length of string to the correct format is:%.*s	2017-01-09 14:09:57 +08:00
Edward Thomson	a5cf255b47	Bump version to 0.25.1	2017-01-06 17:15:53 +00:00
Edward Thomson	6850b516b9	Merge branch '25_smartpktparse' into maint/v0.25	2017-01-06 17:12:16 +00:00
Patrick Steinhardt	2fdef641fd	smart_pkt: treat empty packet lines as error The Git protocol does not specify what should happen in the case of an empty packet line (that is a packet line "0004"). We currently indicate success, but do not return a packet in the case where we hit an empty line. The smart protocol was not prepared to handle such packets in all cases, though, resulting in a `NULL` pointer dereference. Fix the issue by returning an error instead. As such kind of packets is not even specified by upstream, this is the right thing to do.	2017-01-06 17:11:58 +00:00
Patrick Steinhardt	66e3774d27	smart_pkt: verify packet length exceeds PKT_LEN_SIZE Each packet line in the Git protocol is prefixed by a four-byte length of how much data will follow, which we parse in `git_pkt_parse_line`. The transmitted length can either be equal to zero in case of a flush packet or has to be at least of length four, as it also includes the encoded length itself. Not checking this may result in a buffer overflow as we directly pass the length to functions which accept a `size_t` length as parameter. Fix the issue by verifying that non-flush packets have at least a length of `PKT_LEN_SIZE`.	2017-01-06 17:11:44 +00:00
Edward Thomson	ab8a0fdb31	Merge branch '25_certcheckcb' into maint/v0.25	2017-01-06 17:10:49 +00:00
Carlos Martín Nieto	98d66240ec	http: perform 'badssl' check also via certificate callback Make sure that the callbacks do also get a 'valid' value of zero when the certificate we're looking at is in valid and assert that within the test.	2017-01-06 17:09:52 +00:00
Etienne Samson	9a64e62f0f	http: check certificate validity before clobbering the error variable	2017-01-06 17:09:39 +00:00
Edward Thomson	5afd0f9b7b	Merge pull request #4065 from simonbyrne/sb/changelog Mention field addition in breaking API changes	2017-01-06 12:33:17 +00:00
Simon Byrne	d8f984bc49	move git_merge_options changes to correct location	2017-01-03 10:54:34 +00:00
Simon Byrne	31c7829954	mention field addition in breaking API changes	2017-01-03 10:11:52 +00:00
Edward Thomson	805b90aac4	Merge pull request #4015 from staticfloat/sf/win_http_parser Allow Windows with WinHTTP to use external http-parser	2016-12-31 15:06:10 +00:00
Elliot Saba	e56e4c76b9	CMakeLists: Move `http-parser` block down by `zlib`, update error message	2016-12-30 17:59:47 -08:00
Edward Thomson	c9b9968905	Merge pull request #4052 from dglsswnsn/master Fix issue #4046 Seg fault in config_files()	2016-12-30 19:14:02 +00:00
Edward Thomson	42ad85ef01	Merge pull request #4043 from fudanchii/fudanchii/openbsd Fix BIO_* functions method linking when compiled with libressl (OpenBSD).	2016-12-30 16:35:24 +00:00
Douglas Swanson	832278bf36	Fix issue #4046 Seg fault in config_files()	2016-12-29 07:43:03 -07:00
Edward Thomson	238b8ccd1a	Merge pull request #4048 from jacquesg/rebase-error-check rebase: check the result code of rebase_init_merge	2016-12-29 11:07:37 +00:00
Jacques Germishuys	f928c69a07	rebase: check the result code of rebase_init_merge	2016-12-29 12:54:26 +02:00
Edward Thomson	7829b4118a	Merge pull request #4044 from jacquesg/mempack-version mempack: set the odb backend version	2016-12-27 12:26:44 +00:00
Jacques Germishuys	6a8127d71d	mempack: set the odb backend version	2016-12-25 22:13:48 +02:00
Nurahmadie	567b83de54	Fix BIO_* functions method linking when compiled with libressl. ref: `672ac74ce7/media-video/ffmpeg/files/ffmpeg-3.2-libressl.patch`	2016-12-24 17:43:08 +07:00
Carlos Martín Nieto	75db289a04	Merge pull request #3980 from tiennou/doc-fixes Documentation fixes	2016-12-20 19:14:20 +00:00
Edward Thomson	42864e5842	Merge pull request #4041 from libgit2/cmn/bump-pretend-git http: bump the pretend git version in the User-Agent	2016-12-20 17:17:12 +00:00
Carlos Martín Nieto	fafafb1f37	http: bump the pretend git version in the User-Agent We want to keep the git UA in order for services to recognise that we're a Git client and not a browser. But in order to stop dumb HTTP some services have blocked UAs that claim to be pre-1.6.6 git. Thread these needles by using the "git/2.0" prefix which is still close enough to git's yet distinct enough that you can tell it's us.	2016-12-20 16:19:30 +00:00
Edward Thomson	8d7717c471	Merge pull request #4034 from libgit2/cmn/sysdir-no-reguess sysdir: don't re-guess when using variable substitution	2016-12-20 15:32:49 +00:00
Edward Thomson	f91f170f0e	Merge pull request #4032 from libgit2/cmn/https-cap-no-hardcode Don't hard-code HTTPS cap & clarify the meanings of the features enum	2016-12-20 15:28:46 +00:00
Carlos Martín Nieto	329ce0439b	Merge pull request #4037 from libgit2/cmn/goals README: be more explicit in the goals and scope	2016-12-20 12:14:22 +00:00
Carlos Martín Nieto	b0b850bfca	Merge pull request #4038 from lucasderraugh/patch-1 Gift deprecated in favor of SwiftGit2	2016-12-19 18:04:20 +00:00
Carlos Martín Nieto	3714c13a88	Merge pull request #4026 from libgit2/cmn/refdb-fs-errors refdb: bubble up recursive rm when locking a ref	2016-12-19 17:28:41 +00:00
Carlos Martín Nieto	903955f7e5	Merge pull request #4027 from pks-t/pks/pack-deref-cache-on-error pack: dereference cached pack entry on error	2016-12-19 17:26:09 +00:00
Lucas Derraugh	87faeaecda	Gift deprecated in favor of SwiftGit2	2016-12-19 09:09:34 -08:00
Carlos Martín Nieto	349016790c	Merge pull request #4033 from andhe/master Fix off-by-one problems in git_signature__parse	2016-12-19 16:25:01 +00:00
Carlos Martín Nieto	8f064000dd	README: be more explicit in the goals and scope Make it clearer from the get-go that we do not aim to implement user-facing commands from the git tool.	2016-12-19 13:54:55 +00:00
Carlos Martín Nieto	9f09f290bb	sysdir: don't guess the paths again when $PATH is specified We should replace it with whatever the user set, not start again.	2016-12-18 14:47:27 +00:00
Carlos Martín Nieto	410855fc4b	sysdir: add failing test for variable substitution When given $PATH as part of a search path, we guess again instead of substituting what the user already set.	2016-12-18 14:47:27 +00:00
Andreas Henriksson	23c9ff8632	Fix off-by-one problems in git_signature__parse Etc/GMT-14 aka UTC+14:00 is a thing.... https://en.wikipedia.org/wiki/UTC%2B14:00 Also allow offsets on the last minute (59). Addresses: https://bugs.debian.org/841532 Fixes: #3970	2016-12-17 17:40:49 +01:00
Carlos Martín Nieto	77e4623257	settings: clarify what each value means Most importantly, clarify what it means for HTTPS and SSH to be supported.	2016-12-17 14:31:36 +00:00
Carlos Martín Nieto	061a0ad1f9	settings: don't hard-code HTTPS capability This partially reverts `bdec62dce1` which activates the transport code-paths which allow you to use a custom TLS implementation without having to have one at build-time. However the capabilities describe how libgit2 was built, not what it could potentially support, bring back the ifdefs so we only say we support HTTPS if libgit2 was itself built with a TLS implementation.	2016-12-17 14:23:35 +00:00
Carlos Martín Nieto	c655def117	Merge pull request #4031 from libgit2/cmn/plug-test-leak rebase: plug a leak in the tests	2016-12-17 01:12:49 +00:00
Carlos Martín Nieto	f7dcd58cc7	rebase: plug a leak in the tests	2016-12-17 00:55:06 +00:00
Carlos Martín Nieto	6ab65b80b4	refdb: bubble up recursive rm when locking a ref Failure to bubble up this error means some locking errors do not get reported as such on Windows.	2016-12-16 11:33:54 +00:00
Edward Thomson	c5e6ba2892	Merge pull request #4029 from libgit2/cmn/windows-no-concurrent-compress refdb: disable concurrent compress in the threading tests on Windows	2016-12-15 18:19:49 -06:00
Carlos Martín Nieto	9d5f12ffd7	Merge pull request #4018 from pks-t/pks/various-fixes Various fixes	2016-12-12 22:43:11 +00:00
Carlos Martín Nieto	b31283a658	refdb: disable concurrent compress in the threading tests on Windows This is far from an ideal situation, but this causes issues on Windows which make it harder to develop anything, as these tests hit issues which relate specifically to the Windows filesystem like permission errors for files we should be able to access. There is an issue likely related to the ordering of the repack, but there's enough noise that it does not currently help us to run this aspect of the test in CI.	2016-12-12 17:09:12 +00:00
Patrick Steinhardt	ff5eea06a9	pack: dereference cached pack entry on error When trying to uncompress deltas in a packfile's delta chain, we try to add object bases to the packfile cache, subsequently decrementing its reference count if it has been added successfully. This may lead to a mismatched reference count in the case where we exit the loop early due to an encountered error. Fix the issue by decrementing the reference count in error cleanup.	2016-12-12 09:45:07 +01:00

1 2 3 4 5 ...

9841 Commits