1
0
Fork 0
mirror of https://github.com/git/git.git synced 2024-11-18 15:04:49 +01:00
Commit graph

126 commits

Author SHA1 Message Date
Scott Chacon
42653c09c8 Prompt for a username when an HTTP request 401s
When an HTTP request returns a 401, Git will currently fail with a
confusing message saying that it got a 401, which is not very
descriptive.

Currently if a user wants to use Git over HTTP, they have to use one
URL with the username in the URL (e.g. "http://user@host.com/repo.git")
for write access and another without the username for unauthenticated
read access (unless they want to be prompted for the password each
time). However, since the HTTP servers will return a 401 if an action
requires authentication, we can prompt for username and password if we
see this, allowing us to use a single URL for both purposes.

This patch changes http_request to prompt for the username and password,
then return HTTP_REAUTH so http_get_strbuf can try again.  If it gets
a 401 even when a user/pass is supplied, http_request will now return
HTTP_NOAUTH which remote_curl can then use to display a more
intelligent error message that is less confusing.

Signed-off-by: Scott Chacon <schacon@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-01 23:24:59 -07:00
Frank Li
f206063b4b git-core: Support retrieving passwords with GIT_ASKPASS
git tries to read a password from the terminal in imap-send and
when talking to a http server that requires authentication.

When a GUI is driving git, however, the end user is not paying
attention to the terminal (there may not even be a terminal).
GUI would appear to hang forever.

Fix this problem by allowing a password-retrieving command
to be specified in GIT_ASKPASS

Signed-off-by: Frank Li <lznuaa@gmail.com>
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-03-04 22:05:13 -08:00
Junio C Hamano
83e41e2e61 http.c: mark file-local functions static
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-01-12 01:06:08 -08:00
Junio C Hamano
637afcf4e0 Merge branch 'tr/http-updates'
* tr/http-updates:
  Remove http.authAny
  Allow curl to rewind the RPC read buffer
  Add an option for using any HTTP authentication scheme, not only basic
  http: maintain curl sessions
2010-01-10 08:53:04 -08:00
Thiago Farina
bd757c1859 Use warning function instead of fprintf(stderr, "Warning: ...").
Signed-off-by: Thiago Farina <tfransosi@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-01-03 16:17:03 -08:00
Junio C Hamano
525ecd26c6 Remove http.authAny
Back when the feature to use different HTTP authentication methods was
originally written, it needed an extra HTTP request for everything when
the feature was in effect, because we didn't reuse curl sessions.

However, b8ac923 (Add an option for using any HTTP authentication scheme,
not only basic, 2009-11-27) builds on top of an updated codebase that does
reuse curl sessions; there is no need to manually avoid the extra overhead
by making this configurable anymore.

Acked-by: Martin Storsjo <martin@martin.st>
Acked-by: Shawn O. Pearce <spearce@spearce.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-12-29 12:07:58 -08:00
Martin Storsjö
b8ac923010 Add an option for using any HTTP authentication scheme, not only basic
This adds the configuration option http.authAny (overridable with
the environment variable GIT_HTTP_AUTH_ANY), for instructing curl
to allow any HTTP authentication scheme, not only basic (which
sends the password in plaintext).

When this is enabled, curl has to do double requests most of the time,
in order to discover which HTTP authentication method to use, which
lowers the performance slightly. Therefore this isn't enabled by default.

One example of another authentication scheme to use is digest, which
doesn't send the password in plaintext, but uses a challenge-response
mechanism instead. Using digest authentication in practice requires
at least curl 7.18.1, due to bugs in the digest handling in earlier
versions of curl.

Signed-off-by: Martin Storsjö <martin@martin.st>
Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-11-27 22:46:33 -08:00
Tay Ray Chuan
ad75ebe5b3 http: maintain curl sessions
Allow curl sessions to be kept alive (ie. not ended with
curl_easy_cleanup()) even after the request is completed, the number of
which is determined by the configuration setting http.minSessions.

Add a count for curl sessions, and update it, across slots, when
starting and ending curl sessions.

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-11-27 22:46:05 -08:00
Shawn O. Pearce
de1a2fdd38 Smart push over HTTP: client side
The git-remote-curl backend detects if the remote server supports
the git-receive-pack service, and if so, runs git-send-pack in a
pipe to dump the command and pack data as a single POST request.

The advertisements from the server that were obtained during the
discovery are passed into git-send-pack before the POST request
starts.  This permits git-send-pack to operate largely unmodified.

For smaller packs (those under 1 MiB) a HTTP/1.0 POST with a
Content-Length is used, permitting interaction with any server.
The 1 MiB limit is arbitrary, but is sufficent to fit most deltas
created by human authors against text sources with the occasional
small binary file (e.g. few KiB icon image).  The configuration
option http.postBuffer can be used to increase (or shink) this
buffer if the default is not sufficient.

For larger packs which cannot be spooled entirely into the helper's
memory space (due to http.postBuffer being too small), the POST
request requires HTTP/1.1 and sets "Transfer-Encoding: chunked".
This permits the client to upload an unknown amount of data in one
HTTP transaction without needing to pregenerate the entire pack
file locally.

Signed-off-by: Shawn O. Pearce <spearce@spearce.org>
CC: Daniel Barkalow <barkalow@iabervon.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-11-04 17:58:15 -08:00
Junio C Hamano
2b621c1a3a Merge branch 'maint'
* maint:
  http.c: avoid freeing an uninitialized pointer
2009-09-14 14:48:27 -07:00
Junio C Hamano
b2025146d0 http.c: avoid freeing an uninitialized pointer
An earlier 59b8d38 (http.c: remove verification of remote packs) left
the variable "url" uninitialized; "goto cleanup" codepath can free it
which is not very nice.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-09-14 14:48:15 -07:00
Junio C Hamano
5b590d783a Merge branch 'maint'
* maint:
  GIT 1.6.4.3
  svn: properly escape arguments for authors-prog
  http.c: remove verification of remote packs
  grep: accept relative paths outside current working directory
  grep: fix exit status if external_grep() punts

Conflicts:
	GIT-VERSION-GEN
	RelNotes
2009-09-13 01:30:53 -07:00
Tay Ray Chuan
59b8d38f6e http.c: remove verification of remote packs
Make http.c::fetch_pack_index() no longer check for the remote pack
with a HEAD request before fetching the corresponding pack index file.

Not only does sending a HEAD request before we do a GET incur a
performance penalty, it does not offer any significant error-
prevention advantages (pack fetching in the *_http_pack_request()
methods is capable of handling any errors on its own).

This addresses an issue raised elsewhere:

  http://code.google.com/p/msysgit/issues/detail?id=323
  http://support.github.com/discussions/repos/957-cant-clone-over-http-or-git

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-09-11 01:45:36 -07:00
Junio C Hamano
42fa6df99f Merge branch 'maint'
* maint:
  http.c: set slot callback members to NULL when releasing object
2009-08-28 19:37:57 -07:00
Junio C Hamano
48ae73b114 Merge branch 'rc/maint-http-fix' into maint
* rc/maint-http-fix:
  http.c: don't assume that urls don't end with slash
2009-08-28 19:34:16 -07:00
Tay Ray Chuan
4b9fa0e359 http.c: set slot callback members to NULL when releasing object
Set the members callback_func and callback_data of freq->slot to NULL
when releasing a http_object_request. release_active_slot() is also
invoked on the slot to remove the curl handle associated with the slot
from the multi stack (CURLM *curlm in http.c).

These prevent the callback function and data from being used in http
methods (like http.c::finish_active_slot()) after a
http_object_request has been free'd.

Noticed by Ali Polatel, who later tested this patch to verify that it
fixes the problem he saw; Dscho helped to identify the problem spot.

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-08-28 19:24:43 -07:00
Junio C Hamano
9ebfda109e Merge branch 'rc/maint-http-fix'
* rc/maint-http-fix:
  http.c: don't assume that urls don't end with slash
2009-08-18 23:33:16 -07:00
Tay Ray Chuan
800324c3ad http.c: don't assume that urls don't end with slash
Make append_remote_object_url() (and by implication,
get_remote_object_url) use end_url_with_slash() to ensure that the url
ends with a slash.

Previously, they assumed that the url did not end with a slash and
as a result appended a slash, sometimes errorneously.

This fixes an issue introduced in 5424bc5 ("http*: add helper methods
for fetching objects (loose)"), where the append_remote_object_url()
implementation in http-push.c, which assumed that urls end with a
slash, was replaced by another one in http.c, which assumed urls did
not end with a slash.

The above issue was raised by Thomas Schlichter:

  http://marc.info/?l=git&m=125043105231327

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Tested-by: Thomas Schlichter <thomas.schlichter@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-08-18 13:59:44 -07:00
Jeff Lasslett
0c4f21e452 Check return value of ftruncate call in http.c
In new_http_object_request(), check ftruncate() call return value and
handle possible errors.

Signed-off-by: Jeff Lasslett <jeff.lasslett@gmail.com>
Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-08-10 13:26:18 -07:00
Tay Ray Chuan
bb99190e27 http.c: replace usage of temporary variable for urls
Use preq->url in new_http_pack_request and freq->url in
new_http_object_request when calling curl_setopt(CURLOPT_URL), instead
of using an intermediate variable, 'url'.

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-08-10 13:26:11 -07:00
Tay Ray Chuan
5ae9ebfd58 http.c: free preq when aborting
Free preq in new_http_pack_request when aborting. preq was allocated
before jumping to the 'abort' label so this is safe.

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-08-10 13:25:25 -07:00
Junio C Hamano
c535d767f7 Merge branch 'ml/http'
* ml/http:
  http.c: add http.sslCertPasswordProtected option
  http.c: prompt for SSL client certificate password

Conflicts:
	http.c
2009-07-09 01:00:36 -07:00
Mark Lodato
754ae192a4 http.c: add http.sslCertPasswordProtected option
Add a configuration option, http.sslCertPasswordProtected, and associated
environment variable, GIT_SSL_CERT_PASSWORD_PROTECTED, to enable SSL client
certificate password prompt from within git.  If this option is false and
if the environment variable does not exist, git falls back to OpenSSL's
prompts (as in earlier versions of git).

The environment variable may only be used to enable, not to disable
git's password prompt.  This behavior mimics GIT_NO_VERIFY; the mere
existence of the variable is all that is checked.

Signed-off-by: Mark Lodato <lodatom@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-18 10:51:29 -07:00
Mark Lodato
30dd916348 http.c: prompt for SSL client certificate password
If an SSL client certificate is enabled (via http.sslcert or
GIT_SSL_CERT), prompt for the certificate password rather than
defaulting to OpenSSL's password prompt.  This causes the prompt to only
appear once each run.  Previously, OpenSSL prompted the user *many*
times, causing git to be unusable over HTTPS with client-side
certificates.

Note that the password is stored in memory in the clear while the
program is running.  This may be a security problem if git crashes and
core dumps.

The user is always prompted, even if the certificate is not encrypted.
This should be fine; unencrypted certificates are rare and a security
risk anyway.

Signed-off-by: Mark Lodato <lodatom@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-18 10:45:05 -07:00
Junio C Hamano
da4e4a65a2 Merge branch 'maint'
* maint:
  http.c: fix compiling with libcurl 7.9.2
  import-tars: support symlinks
  pull, rebase: simplify to use die()
2009-06-18 10:39:17 -07:00
Mark Lodato
ef52aafa0f http.c: fix compiling with libcurl 7.9.2
Change the minimimum required libcurl version for the http.sslKey option
to 7.9.3.  Previously, preprocessor macros checked for >= 7.9.2, which
is incorrect because CURLOPT_SSLKEY was introduced in 7.9.3.  This now
allows git to compile with libcurl 7.9.2.

Signed-off-by: Mark Lodato <lodatom@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-18 10:10:30 -07:00
Tay Ray Chuan
5424bc557f http*: add helper methods for fetching objects (loose)
The code handling the fetching of loose objects in http-push.c and
http-walker.c have been refactored into new methods and a new struct
(object_http_request) in http.c. They are not meant to be invoked
elsewhere.

The new methods in http.c are
 - new_http_object_request
 - process_http_object_request
 - finish_http_object_request
 - abort_http_object_request
 - release_http_object_request

and the new struct is http_object_request.

RANGER_HEADER_SIZE and no_pragma_header is no longer made available
outside of http.c, since after the above changes, there are no other
instances of usage outside of http.c.

Remove members of the transfer_request struct in http-push.c and
http-walker.c, including filename, real_sha1 and zret, as they are used
no longer used.

Move the methods append_remote_object_url() and get_remote_object_url()
from http-push.c to http.c. Additionally, get_remote_object_url() is no
longer defined only when USE_CURL_MULTI is defined, since
non-USE_CURL_MULTI code in http.c uses it (namely, in
new_http_object_request()).

Refactor code from http-push.c::start_fetch_loose() and
http-walker.c::start_object_fetch_request() that deals with the details
of coming up with the filename to store the retrieved object, resuming
a previously aborted request, and making a new curl request, into a new
function, new_http_object_request().

Refactor code from http-walker.c::process_object_request() into the
function, process_http_object_request().

Refactor code from http-push.c::finish_request() and
http-walker.c::finish_object_request() into a new function,
finish_http_object_request(). It returns the result of the
move_temp_to_file() invocation.

Add a function, release_http_object_request(), which cleans up object
request data. http-push.c and http-walker.c invoke this function
separately; http-push.c::release_request() and
http-walker.c::release_object_request() do not invoke this function.

Add a function, abort_http_object_request(), which unlink()s the object
file and invokes release_http_object_request(). Update
http-walker.c::abort_object_request() to use this.

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-06 11:03:11 -07:00
Tay Ray Chuan
2264dfa5c4 http*: add helper methods for fetching packs
The code handling the fetching of packs in http-push.c and
http-walker.c have been refactored into new methods and a new struct
(http_pack_request) in http.c. They are not meant to be invoked
elsewhere.

The new methods in http.c are
 - new_http_pack_request
 - finish_http_pack_request
 - release_http_pack_request

and the new struct is http_pack_request.

Add a function, new_http_pack_request(), that deals with the details of
coming up with the filename to store the retrieved packfile, resuming a
previously aborted request, and making a new curl request. Update
http-push.c::start_fetch_packed() and http-walker.c::fetch_pack() to
use this.

Add a function, finish_http_pack_request(), that deals with renaming
the pack, advancing the pack list, and installing the pack. Update
http-push.c::finish_request() and http-walker.c::fetch_pack to use
this.

Update release_request() in http-push.c and http-walker.c to invoke
release_http_pack_request() to clean up pack request helper data.

The local_stream member of the transfer_request struct in http-push.c
has been removed, as the packfile pointer will be managed in the struct
http_pack_request.

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-06 11:03:11 -07:00
Tay Ray Chuan
39dc52cf4f http: use new http API in fetch_index()
Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-06 11:03:11 -07:00
Tay Ray Chuan
b8caac2b8a http*: add http_get_info_packs
http-push.c and http-walker.c no longer have to use fetch_index or
setup_index; they simply need to use http_get_info_packs, a new http
method, in their fetch_indices implementations.

Move fetch_index() and rename to fetch_pack_index() in http.c; this
method is not meant to be used outside of http.c. It invokes
end_url_with_slash with base_url; apart from that change, the code is
identical.

Move setup_index() and rename to fetch_and_setup_pack_index() in
http.c; this method is not meant to be used outside of http.c.

Do not immediately set ret to 0 in http-walker.c::fetch_indices();
instead do it in the HTTP_MISSING_TARGET case, to make it clear that
the HTTP_OK and HTTP_MISSING_TARGET cases both return 0.

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-06 11:03:11 -07:00
Mike Hommey
0d5896e1cc http.c::http_fetch_ref(): use the new http API
The error message ("Unable to start request") has been removed, since
the http API already prints it.

Signed-off-by: Mike Hommey <mh@glandium.org>
Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-06 11:03:10 -07:00
Mike Hommey
e929cd20bb http.c: new functions for the http API
The new functions added are:
 - http_request() (internal function)
 - http_get_strbuf()
 - http_get_file()
 - http_error()

http_get_strbuf and http_get_file allow respectively to retrieve contents of
an URL to a strbuf or an opened file handle.

http_error prints out an error message containing the URL and the curl error
(in curl_errorstr).

Signed-off-by: Mike Hommey <mh@glandium.org>
Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-06 10:56:27 -07:00
Tay Ray Chuan
5ace994f33 http: create function end_url_with_slash
The logic to append a slash to the url if necessary in quote_ref_url
(added in 113106e "http.c: use strbuf API in quote_ref_url") has been
moved to a new function, end_url_with_slash.

The method takes a strbuf, the URL, and the path to be appended to the
URL. It first adds the URL to the strbuf. It then appends a slash
if the URL does not end with a slash.

The check on ref in quote_ref_url for a slash at the beginning has been
removed as a result of using end_url_with_slash. This check is not
needed, because slashes will be quoted anyway.

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-06 10:56:27 -07:00
Tay Ray Chuan
e917674597 http*: move common variables and macros to http.[ch]
Move RANGE_HEADER_SIZE to http.h.

Create no_pragma_header, the curl header list containing the header
"Pragma:" in http.[ch]. It is allocated in http_init, and freed in
http_cleanup. This replaces the no_pragma_header in http-push.c, and
the no_pragma_header member in walker_data in http-walker.c.

Create http_is_verbose. It is to be used by methods in http.c, and is
modified at the entry points of http.c's users, namely http-push.c
(when parsing options) and http-walker.c (in get_http_walker).

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-06 10:56:27 -07:00
Martin Storsjö
3944ba0cb0 Allow curl to rewind the read buffers
When using multi-pass authentication methods, the curl library may
need to rewind the read buffers (depending on how much already has
been fed to the server) used for providing data to HTTP PUT, POST or
PROPFIND, and in order to allow the library to do so, we need to tell
it how by providing either an ioctl callback or a seek callback.

This patch adds an ioctl callback, which should be usable on older
curl versions (since 7.12.3) than the seek callback (introduced in
curl 7.18.0).

Some HTTP servers (such as Apache) give an 401 error reply immediately
after receiving the headers (so no data has been read from the read
buffers, and thus no rewinding is needed), but other servers (such
as Lighttpd) only replies after the whole request has been sent and
all data has been read from the read buffers, making rewinding necessary.

Signed-off-by: Martin Storsjo <martin@martin.st>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-04-02 13:04:07 -07:00
Junio C Hamano
750d930500 http.c: CURLOPT_NETRC_OPTIONAL is not available in ancient versions of cURL
Besides, we have already called easy_setopt with the option before coming
to this function if it was available, so there is no need to repeat it
here.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-03-12 22:42:19 -07:00
Junio C Hamano
c33976cbc6 http authentication via prompts
Curl is designed not to ask for password when only username is given in
the URL, but has a way for application to feed a (username, password) pair
to it.  With this patch, you do not have to keep your password in
plaintext in your $HOME/.netrc file when talking with a password protected
URL with http://<username>@<host>/path/to/repository.git/ syntax.

The code handles only the http-walker side, not the push side.  At least,
not yet.  But interested parties can add support for it.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-03-10 22:35:31 -07:00
Junio C Hamano
7059cd99fc http_init(): Fix config file parsing
We honor the command line options, environment variables, variables in
repository configuration file, variables in user's global configuration
file, variables in the system configuration file, and then finally use
built-in default.  To implement this semantics, the code should:

 - start from built-in default values;

 - call git_config() with the configuration parser callback, which
   implements "later definition overrides earlier ones" logic
   (git_config() reads the system's, user's and then repository's
   configuration file in this order);

 - override the result from the above with environment variables if set;

 - override the result from the above with command line options.

The initialization code http_init() for http transfer got this wrong, and
implemented a "first one wins, ignoring the later ones" in http_options(),
to compensate this mistake, read environment variables before calling
git_config().  This is all wrong.

As a second class citizen, the http codepath hasn't been audited as
closely as other parts of the system, but we should try to bring sanity to
it, before inviting contributors to improve on it.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-03-10 22:31:29 -07:00
Junio C Hamano
4251ccbd80 http.c: style cleanups
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-03-09 18:47:29 -07:00
Tay Ray Chuan
113106e06c http.c: use strbuf API in quote_ref_url
In addition, ''quote_ref_url'' inserts a slash between the base URL and
remote ref path only if needed. Previously, this insertion wasn't
contingent on the lack of a separating slash.

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Acked-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-03-07 20:52:25 -08:00
Junio C Hamano
3a59bb22db Merge branch 'maint'
* maint:
  GIT 1.6.0.5
  "git diff <tree>{3,}": do not reverse order of arguments
  tag: delete TAG_EDITMSG only on successful tag
  gitweb: Make project specific override for 'grep' feature work
  http.c: use 'git_config_string' to get 'curl_http_proxy'
  fetch-pack: Avoid memcpy() with src==dst
2008-12-07 15:13:02 -08:00
Miklos Vajna
e4a80ecf40 http.c: use 'git_config_string' to get 'curl_http_proxy'
Signed-off-by: Miklos Vajna <vmiklos@frugalware.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-12-07 02:41:55 -08:00
Junio C Hamano
fb0863a528 Merge branch 'mh/maint-honor-no-ssl-verify'
* mh/maint-honor-no-ssl-verify:
  Don't verify host name in SSL certs when GIT_SSL_NO_VERIFY is set
2008-09-16 00:46:36 -07:00
Dotan Barak
e8eec71d6e Use xmalloc() and friends to catch allocation failures
Some places use the standard malloc/strdup without checking if the
allocation was successful; they should use xmalloc/xstrdup that
check the memory allocation result.

Signed-off-by: Dotan Barak <dotanba@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-09-09 16:28:05 -07:00
Junio C Hamano
a5ccc5979d Don't verify host name in SSL certs when GIT_SSL_NO_VERIFY is set
Originally from Mike Hommey; earlier we were disabling SSL_VERIFYPEER
but SSL_VERIFYHOST was in effect even when the user asked not to with
the environment variable.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-09-07 09:57:44 -07:00
Brian Hetro
7ef8ea7035 http.c: Use 'git_config_string' to clean up SSL config.
Signed-off-by: Brian Hetro <whee@smaertness.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-07-05 17:42:46 -07:00
Junio C Hamano
f444e5286e Work around gcc warnings from curl headers
After master.k.org upgrade, I started seeing these warning messages:

    transport.c: In function 'get_refs_via_curl':
    transport.c:458: error: call to '_curl_easy_setopt_err_write_callback' declared with attribute warning: curl_easy_setopt expects a curl_write_callback argument for this option

It appears that the curl header wants to enforce the function signature
for callback function given to curl_easy_setopt() to be compatible with
that of (*curl_write_callback) or fwrite.  This patch seems to work the
issue around.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-07-04 00:37:40 -07:00
Mike Hommey
7c1a9e7901 Don't allocate too much memory in quote_ref_url
In c13b263, http_fetch_ref got "refs/" included in the ref passed to it,
which, incidentally, makes the allocation in quote_ref_url too big, now.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-06-14 12:53:09 -07:00
Johannes Schindelin
ef90d6d420 Provide git_config with a callback-data parameter
git_config() only had a function parameter, but no callback data
parameter.  This assumes that all callback functions only modify
global variables.

With this patch, every callback gets a void * parameter, and it is hoped
that this will help the libification effort.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-05-14 12:34:44 -07:00
Daniel Barkalow
be885d96fe Make ls-remote http://... list HEAD, like for git://...
This makes a struct ref able to represent a symref, and makes http.c
able to recognize one, and makes transport.c look for "HEAD" as a ref
in the list, and makes it dereference symrefs for the resulting ref,
if any.

Signed-off-by: Daniel Barkalow <barkalow@iabervon.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-04-26 17:36:18 -07:00
Daniel Barkalow
c13b2633f4 Make walker.fetch_ref() take a struct ref.
This simplifies a few things, makes a few things slightly more
complicated, but, more importantly, allows that, when struct ref can
represent a symref, http_fetch_ref() can return one.

Incidentally makes the string that http_fetch_ref() gets include "refs/"
(if appropriate), because that's how the name field of struct ref works.
As far as I can tell, the usage in walker:interpret_target() wouldn't have
worked previously, if it ever would have been used, which it wouldn't
(since the fetch process uses the hash instead of the name of the ref
there).

Signed-off-by: Daniel Barkalow <barkalow@iabervon.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-04-26 17:36:17 -07:00
Junio C Hamano
27b4070e40 Merge branch 'maint'
* maint:
  Fix 'git remote show' regression on empty repository in 1.5.4
  Fix incorrect wording in git-merge.txt.
  git-merge.sh: better handling of combined --squash,--no-ff,--no-commit options
  Fix random crashes in http_cleanup()
2008-03-04 00:34:39 -08:00
Mike Hommey
f23d1f7627 Fix random crashes in http_cleanup()
For some reason, http_cleanup was running all active slots, which could
lead in situations where a freed slot would be accessed in
fill_active_slots. OTOH, we are cleaning up, which means the caller
doesn't care about pending requests. Just forget about them instead
or running them.

Signed-off-by: Mike Hommey <mh@glandium.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-03-03 13:36:44 -08:00
Mike Hommey
9fc6440d78 Set proxy override with http_init()
In transport.c, proxy setting (the one from the remote conf) was set through
curl_easy_setopt() call, while http.c already does the same with the
http.proxy setting. We now just use this infrastructure instead, and make
http_init() now take the struct remote as argument so that it can take the
http_proxy setting from there, and any other property that would be added
later.

At the same time, we make get_http_walker() take a struct remote argument
too, and pass it to http_init(), which makes remote defined proxy be used
for more than get_refs_via_curl().

We leave out http-fetch and http-push, which don't use remotes for the
moment, purposefully.

Signed-off-by: Mike Hommey <mh@glandium.org>
Acked-by: Daniel Barkalow <barkalow@iabervon.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-02-27 15:37:57 -08:00
Junio C Hamano
111dd25f3c http.c: guard config parser from value=NULL
http.sslcert and friends expect a string value

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-02-11 13:11:37 -08:00
Mike Hommey
d7e92806cd Move fetch_ref from http-push.c and http-walker.c to http.c
Make the necessary changes to be ok with their difference, and rename the
function http_fetch_ref.

Signed-off-by: Mike Hommey <mh@glandium.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-12-14 21:31:59 -08:00
Mike Hommey
028c297638 Use strbuf in http code
Also, replace whitespaces with tabs in some places

Signed-off-by: Mike Hommey <mh@glandium.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-12-14 21:31:59 -08:00
Mike Hommey
02dc534fc6 Remove a CURLOPT_HTTPHEADER (un)setting
Setting CURLOPT_HTTPHEADER doesn't add HTTP headers, but replaces whatever
set of headers was configured before, so setting to NULL doesn't have any
magic meaning, and is pretty much useless when setting to another list
right after.

Signed-off-by: Mike Hommey <mh@glandium.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-12-14 21:31:59 -08:00
Mike Hommey
cc3530e8f3 Cleanup variables in http.[ch]
Quite some variables defined as extern in http.h are only used in http.c,
and some others, only defined in http.c, were not static.

Signed-off-by: Mike Hommey <mh@glandium.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-12-09 12:18:42 -08:00
Sam Vilain
9c5665aa3c Allow HTTP proxy to be overridden in config
The http_proxy / HTTPS_PROXY variables used by curl to control
proxying may not be suitable for git.  Allow the user to override them
in the configuration file.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-12-03 22:11:53 -08:00
Shawn O. Pearce
3278cd0a39 Properly cleanup in http_cleanup so builtin-fetch does not segfault
Junio and I both noticed that the new builtin-fetch was segfaulting
immediately on http/https/ftp style URLs (those that went through
libcurl and the commit walker).  Although the builtin-fetch changes
in this area were really just minor refactorings there was one major
change made: we invoked http_init(), http_cleanup() then http_init()
again in the same process.

When we call curl_easy_cleanup() on each active_request_slot we
are telling libcurl we did not want that buffer to be used again.
Unfortunately we did not also deallocate the active_request_slot
itself nor did we NULL out active_queue_head.  This lead us to
attempt to reuse these cleaned up libcurl handles when we later tried
to invoke http_init() a second time to reactivate the curl library.
The next file get operation then immediately segfaulted on most
versions of libcurl.

Properly freeing our own buffers and clearing the list causes us to
reinitialize the curl buffers again if/when we need to use libcurl
from within this same process.

Signed-off-by: Shawn O. Pearce <spearce@spearce.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-09-19 03:22:31 -07:00
Daniel Barkalow
fc57b6aaa5 Make function to refill http queue a callback
This eliminates the last function provided by the code using http.h as
a global symbol, so it should be possible to have multiple programs
using http.h in the same executable, and it also adds an argument to
that callback, so that info can be passed into the callback without
being global.

Signed-off-by: Daniel Barkalow <barkalow@iabervon.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-09-19 03:22:30 -07:00
Daniel Barkalow
45c1741235 Refactor http.h USE_CURL_MULTI fill_active_slots().
This removes all of the boilerplate and http-internal stuff from
fill_active_slots() and makes it easy to turn into a callback.

Signed-off-by: Daniel Barkalow <barkalow@iabervon.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-09-19 03:22:29 -07:00
Junio C Hamano
a6080a0a44 War on whitespace
This uses "git-apply --whitespace=strip" to fix whitespace errors that have
crept in to our source files over time.  There are a few files that need
to have trailing whitespaces (most notably, test vectors).  The results
still passes the test, and build result in Documentation/ area is unchanged.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-06-07 00:04:01 -07:00
Julian Phillips
e9d54bd18b http.c: Fix problem with repeated calls of http_init
Calling http_init after calling http_cleanup causes a segfault.  This
is due to the pragma_header curl_slist being freed but not being set
to NULL.  The subsequent call to http_init tries to setup the slist
again, but it now points to an invalid memory location.

Signed-off-by: Julian Phillips <julian@quantumfyre.co.uk>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-04-29 01:34:59 -07:00
Sasha Khapyorsky
3ea099d48b http/ftp: optionally ask curl to not use EPSV command
If http.noEPSV config variable is defined and true, or if
GIT_CURL_FTP_NO_EPSV environment variable is defined, disable using
of EPSV ftp command (PASV will be used instead). This is helpful with
some "poor" ftp servers which does not support EPSV mode.

Signed-off-by: Sasha Khapyorsky <sashak@voltaire.com>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-09-28 19:02:46 -07:00
Florian Forster
1d7f171c3a Remove all void-pointer arithmetic.
ANSI C99 doesn't allow void-pointer arithmetic. This patch fixes this in
various ways. Usually the strategy that required the least changes was used.

Signed-off-by: Florian Forster <octo@verplant.org>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-06-20 01:59:46 -07:00
Nick Hengeveld
b3ca4e4ebb HTTP cleanup
Fix broken build when USE_CURL_MULTI is not defined, as noted by Becky Bruce.

During cleanup, free header slist that was created during init, as noted
by Junio.

Signed-off-by: Nick Hengeveld <nickh@reactrix.com>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-06-06 14:18:00 -07:00
Nick Hengeveld
9094950d73 http: prevent segfault during curl handle reuse
If a curl handle is configured with special options, they may reference
information that is freed after the request is complete which can cause
a segfault if the curl handle is reused for a different type of request.

This patch resets these options to a safe state when a transfer slot is
assigned to a new request.

Signed-off-by: Nick Hengeveld <nickh@reactrix.com>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-05-31 18:24:05 -07:00
Nick Hengeveld
20fc9bc5e4 Set HTTP user agent to git/GIT_VERSION
Useful for diagnostics/troubleshooting to know which client versions are
hitting your server.

Signed-off-by: Nick Hengeveld <nickh@reactrix.com>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-04-04 14:42:47 -07:00
Nick Hengeveld
baa7b67d09 HTTP slot reuse fixes
Incorporate into http-push a fix related to accessing slot results after
the slot was reused, and fix a case in run_active_slot where a
finished slot wasn't detected if the slot was reused.

Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-03-10 23:01:48 -08:00
Mark Wooding
53f313897e http-fetch: Abort requests for objects which arrived in packs
In fetch_object, there's a call to release an object request if the
object mysteriously arrived, say in a pack.  Unfortunately, the fetch
attempt for this object might already be in progress, and we'll leak the
descriptor.  Instead, try to tidy away the request.

Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-02-07 02:13:02 -08:00
Mark Wooding
7982d74e1c http: Turn on verbose Curl messages if GIT_CURL_VERBOSE set in environment
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-02-05 16:49:16 -08:00
Nick Hengeveld
c8568e139e Fix HTTP request result processing after slot reuse
Add a way to store the results of an HTTP request when a slot finishes
so the results can be processed after the slot has been reused.

Signed-off-by: Nick Hengeveld <nickh@reactrix.com>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2006-01-31 16:17:24 -08:00
Junio C Hamano
11979b98ad http.c: reorder to avoid compilation failure.
Move the static function get_curl_handle() around to make sure
its definition and declarations are seen by the compiler before
its first use.  Also remove an unused variable.

Signed-off-by: Junio C Hamano <junkio@cox.net>
2005-11-19 20:17:25 -08:00
Nick Hengeveld
29508e1efb Isolate shared HTTP request functionality
Move shared HTTP request functionality out of http-fetch and http-push,
and replace the two fwrite_buffer/fwrite_buffer_dynamic functions with
one fwrite_buffer function that does dynamic buffering.  Use slot
callbacks to process responses to fetch object transfer requests and
push transfer requests, and put all of http-push into an #ifdef check
for curl multi support.

Signed-off-by: Nick Hengeveld <nickh@reactrix.com>
Signed-off-by: Junio C Hamano <junkio@cox.net>
2005-11-19 20:17:24 -08:00