summaryrefslogtreecommitdiff
path: root/http.c
AgeCommit message (Collapse)Author
2011-08-11Merge branch 'rc/maint-http-wrong-free'Junio C Hamano
* rc/maint-http-wrong-free: Makefile: some changes for http-related flag documentation http.c: fix an invalid free() Conflicts: Makefile
2011-08-03http.c: fix an invalid free()Tay Ray Chuan
Remove a free() on the static buffer returned by sha1_file_name(). While we're at it, replace xmalloc() calls on the structs http_(object|pack)_request with xcalloc() so that pointers in the structs get initialized to NULL. That way, free()'s are safe - for example, a free() on the url string member when aborting. This fixes an invalid free(). Reported-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Helped-by: Jeff King peff@peff.net Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-06-03http: pass http.cookiefile using CURLOPT_COOKIEFILEDuncan Brown
If the config option http.cookiefile is set, pass this file to libCURL using the CURLOPT_COOKIEFILE option. This is similar to calling curl with the -b option. This allows git http authorization with authentication mechanisms that use cookies, such as SAML Enhanced Client or Proxy (ECP) used by Shibboleth. To use SAML/ECP, the user needs to request a session cookie with their own ECP code. See for example: <https://wiki.shibboleth.net/confluence/display/SHIB2/ECP> Once the cookie file has been created, it can be passed to git with, e.g. git config --global http.cookiefile "/home/dbrown/.curlcookies" libCURL will then pass the appropriate session cookies to the git http server. Signed-off-by: Duncan Brown <duncan.brown@ligo.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-05-04Merge branch 'sp/maint-clear-postfields' into maintJunio C Hamano
* sp/maint-clear-postfields: http: clear POSTFIELDS when initializing a slot
2011-05-04http: make curl callbacks match contracts from curl headerDan McGee
Yes, these don't match perfectly with the void* first parameter of the fread/fwrite in the standard library, but they do match the curl expected method signature. This is needed when a refactor passes a curl_write_callback around, which would otherwise give incorrect parameter warnings. Signed-off-by: Dan McGee <dpmcgee@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-04-28Merge branch 'sp/maint-clear-postfields'Junio C Hamano
* sp/maint-clear-postfields: http: clear POSTFIELDS when initializing a slot
2011-04-26http: clear POSTFIELDS when initializing a slotJunio C Hamano
After posting a short request using CURLOPT_POSTFIELDS, if the slot is reused for posting a large payload, the slot ends up having both POSTFIELDS (which now points at a random garbage) and READFUNCTION, in which case the curl library tries to use the stale POSTFIELDS. Clear it as part of the general slot initialization in get_active_slot(). Heavylifting-by: Shawn Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com> Acked-by: Shawn Pearce <spearce@spearce.org>
2010-12-13Merge branch 'tc/http-urls-ends-with-slash'Junio C Hamano
* tc/http-urls-ends-with-slash: http-fetch: rework url handling http-push: add trailing slash at arg-parse time, instead of later on http-push: check path length before using it http-push: Normalise directory names when pushing to some WebDAV servers http-backend: use end_url_with_slash() url: add str wrapper for end_url_with_slash() shift end_url_with_slash() from http.[ch] to url.[ch] t5550-http-fetch: add test for http-fetch t5550-http-fetch: add missing '&&'
2010-12-08Merge branch 'gc/http-with-non-ascii-username-url'Junio C Hamano
* gc/http-with-non-ascii-username-url: Fix username and password extraction from HTTP URLs t5550: test HTTP authentication and userinfo decoding Conflicts: t/lib-httpd/apache.conf
2010-11-26shift end_url_with_slash() from http.[ch] to url.[ch]Tay Ray Chuan
This allows non-http/curl users to access it too (eg. http-backend.c). Update include headers in end_url_with_slash() users too. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-11-17Fix username and password extraction from HTTP URLsGabriel Corona
Change the authentification initialisation to percent-decode username and password for HTTP URLs. Signed-off-by: Gabriel Corona <gabriel.corona@enst-bretagne.fr> Acked-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-09-27smart-http: Don't change POST to GET when following redirectTay Ray Chuan
For a long time (29508e1 "Isolate shared HTTP request functionality", Fri Nov 18 11:02:58 2005), we've followed HTTP redirects with CURLOPT_FOLLOWLOCATION. However, when the remote HTTP server returns a redirect the default libcurl action is to change a POST request into a GET request while following the redirect, but the remote http backend does not expect that. Fix this by telling libcurl to always keep the request as type POST with CURLOPT_POSTREDIR. For users of libcurl older than 7.19.1, use CURLOPT_POST301 instead, which only follows 301s instead of both 301s and 302s. Signed-off-by: Andreas Schwab <schwab@linux-m68k.org> Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-08-11Allow HTTP user agent string to be modified.Spencer E. Olson
Some firewalls restrict HTTP connections based on the clients user agent. This commit provides the user the ability to modify the user agent string via either a new config option (http.useragent) or by an environment variable (GIT_HTTP_USER_AGENT). Relevant documentation is added to Documentation/config.txt. Signed-off-by: Spencer E. Olson <olsonse@umich.edu> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-05-21Merge branch 'sp/maint-dumb-http-pack-reidx'Junio C Hamano
* sp/maint-dumb-http-pack-reidx: http.c::new_http_pack_request: do away with the temp variable filename http-fetch: Use temporary files for pack-*.idx until verified http-fetch: Use index-pack rather than verify-pack to check packs Allow parse_pack_index on temporary files Extract verify_pack_index for reuse from verify_pack Introduce close_pack_index to permit replacement http.c: Remove unnecessary strdup of sha1_to_hex result http.c: Don't store destination name in request structures http.c: Drop useless != NULL test in finish_http_pack_request http.c: Tiny refactoring of finish_http_pack_request t5550-http-fetch: Use subshell for repository operations http.c: Remove bad free of static block
2010-05-09Merge branch 'rc/maint-curl-helper'Junio C Hamano
* rc/maint-curl-helper: remote-curl: ensure that URLs have a trailing slash http: make end_url_with_slash() public t5541-http-push: add test for URLs with trailing slash Conflicts: remote-curl.c
2010-04-20http.c::new_http_pack_request: do away with the temp variable filenameTay Ray Chuan
Now that the temporary variable char *filename is only used in one place, do away with it and just call sha1_pack_name() directly. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Acked-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-20http-fetch: Use temporary files for pack-*.idx until verifiedShawn O. Pearce
Verify that a downloaded pack-*.idx file is consistent and valid as an index file before we rename it into its final destination. This prevents a corrupt index file from later being treated as a usable file, confusing readers. Check that we do not have the pack index file before invoking fetch_pack_index(); that way, we can do without the has_pack_index() check in fetch_pack_index(). Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-20http-fetch: Use index-pack rather than verify-pack to check packsShawn O. Pearce
To ensure we don't leave a corrupt pack file positioned as though it were a valid pack file, run index-pack on the temporary pack before we rename it to its final name. If index-pack crashes out when it discovers file corruption (e.g. GitHub's error HTML at the end of the file), simply delete the temporary files to cleanup. By waiting until the pack has been validated before we move it to its final name, we eliminate a race condition where another concurrent reader might try to access the pack at the same time that we are still trying to verify its not corrupt. Switching from verify-pack to index-pack is a change in behavior, but it should turn out better for users. The index-pack algorithm tries to minimize disk seeks, as well as the number of times any given object is inflated, by organizing its work along delta chains. The verify-pack logic does not attempt to do this, thrashing the delta base cache and the filesystem cache. By recreating the index file locally, we also can automatically upgrade from a v1 pack table of contents to v2. This makes the CRC32 data available for use during later repacks, even if the server didn't have them on hand. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Acked-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-20Allow parse_pack_index on temporary filesShawn O. Pearce
The easiest way to verify a pack index is to open it through the standard parse_pack_index function, permitting the header check to happen when the file is mapped. However, the dumb HTTP client needs to verify a pack index before its moved into its proper file name within the objects/pack directory, to prevent a corrupt index from being made available. So permit the caller to specify the exact path of the index file. For now we're still using the final destination name within the sole call site in http.c, but eventually we will start to parse the temporary path instead. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-20http.c: Remove unnecessary strdup of sha1_to_hex resultShawn O. Pearce
Most of the time the dumb HTTP transport is run without the verbose flag set, so we only need the result of sha1_to_hex(sha1) once, to construct the pack URL. Don't bother with an unnecessary malloc, copy, free chain of this buffer. If verbose is set, we'll format the SHA-1 twice now. But this tiny extra CPU time spent is nothing compared to the slowdown that is usually imposed by the verbose messages being sent to the tty, and is entirely trivial compared to the latency involved with the remote HTTP server sending something as big as a pack file. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Acked-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-17http.c: Don't store destination name in request structuresShawn O. Pearce
The destination name within the object store is easily computed on demand, reusing a static buffer held by sha1_file.c. We don't need to copy the entire path into the request structure for safe keeping, when it can be easily reformatted after the download has been completed. This reduces the size of the per-request structure, and removes yet another PATH_MAX based limit. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-17http.c: Drop useless != NULL test in finish_http_pack_requestShawn O. Pearce
The test preq->packfile != NULL is always true. If packfile was actually NULL when entering this function the ftell() above would crash out with a SIGSEGV, resulting in never reaching this point. Simplify the code by just removing the conditional. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-17http.c: Tiny refactoring of finish_http_pack_requestShawn O. Pearce
Always remove the struct packed_git from the active list, even if the rename of the temporary file fails. While we are here, simplify the code a bit by using a common local variable name ("p") to hold the relevant packed_git. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-17http.c: Remove bad free of static blockShawn O. Pearce
The filename variable here is pointing to a block of memory that was allocated by sha1_file.c and is also held in a static variable scoped within the sha1_pack_name() function. Doing a free() here is returning that memory to the allocator while we might still try to reuse it on a subsequent sha1_pack_name() invocation. That's not acceptable, so don't free it. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-10http: make end_url_with_slash() publicTay Ray Chuan
Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-04-02Prompt for a username when an HTTP request 401sScott Chacon
When an HTTP request returns a 401, Git will currently fail with a confusing message saying that it got a 401, which is not very descriptive. Currently if a user wants to use Git over HTTP, they have to use one URL with the username in the URL (e.g. "http://user@host.com/repo.git") for write access and another without the username for unauthenticated read access (unless they want to be prompted for the password each time). However, since the HTTP servers will return a 401 if an action requires authentication, we can prompt for username and password if we see this, allowing us to use a single URL for both purposes. This patch changes http_request to prompt for the username and password, then return HTTP_REAUTH so http_get_strbuf can try again. If it gets a 401 even when a user/pass is supplied, http_request will now return HTTP_NOAUTH which remote_curl can then use to display a more intelligent error message that is less confusing. Signed-off-by: Scott Chacon <schacon@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-03-05git-core: Support retrieving passwords with GIT_ASKPASSFrank Li
git tries to read a password from the terminal in imap-send and when talking to a http server that requires authentication. When a GUI is driving git, however, the end user is not paying attention to the terminal (there may not even be a terminal). GUI would appear to hang forever. Fix this problem by allowing a password-retrieving command to be specified in GIT_ASKPASS Signed-off-by: Frank Li <lznuaa@gmail.com> Signed-off-by: Johannes Sixt <j6t@kdbg.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-01-12http.c: mark file-local functions staticJunio C Hamano
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-01-10Merge branch 'tr/http-updates'Junio C Hamano
* tr/http-updates: Remove http.authAny Allow curl to rewind the RPC read buffer Add an option for using any HTTP authentication scheme, not only basic http: maintain curl sessions
2010-01-04Use warning function instead of fprintf(stderr, "Warning: ...").Thiago Farina
Signed-off-by: Thiago Farina <tfransosi@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-12-29Remove http.authAnyJunio C Hamano
Back when the feature to use different HTTP authentication methods was originally written, it needed an extra HTTP request for everything when the feature was in effect, because we didn't reuse curl sessions. However, b8ac923 (Add an option for using any HTTP authentication scheme, not only basic, 2009-11-27) builds on top of an updated codebase that does reuse curl sessions; there is no need to manually avoid the extra overhead by making this configurable anymore. Acked-by: Martin Storsjo <martin@martin.st> Acked-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-11-28Add an option for using any HTTP authentication scheme, not only basicMartin Storsjö
This adds the configuration option http.authAny (overridable with the environment variable GIT_HTTP_AUTH_ANY), for instructing curl to allow any HTTP authentication scheme, not only basic (which sends the password in plaintext). When this is enabled, curl has to do double requests most of the time, in order to discover which HTTP authentication method to use, which lowers the performance slightly. Therefore this isn't enabled by default. One example of another authentication scheme to use is digest, which doesn't send the password in plaintext, but uses a challenge-response mechanism instead. Using digest authentication in practice requires at least curl 7.18.1, due to bugs in the digest handling in earlier versions of curl. Signed-off-by: Martin Storsjö <martin@martin.st> Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-11-28http: maintain curl sessionsTay Ray Chuan
Allow curl sessions to be kept alive (ie. not ended with curl_easy_cleanup()) even after the request is completed, the number of which is determined by the configuration setting http.minSessions. Add a count for curl sessions, and update it, across slots, when starting and ending curl sessions. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-11-05Smart push over HTTP: client sideShawn O. Pearce
The git-remote-curl backend detects if the remote server supports the git-receive-pack service, and if so, runs git-send-pack in a pipe to dump the command and pack data as a single POST request. The advertisements from the server that were obtained during the discovery are passed into git-send-pack before the POST request starts. This permits git-send-pack to operate largely unmodified. For smaller packs (those under 1 MiB) a HTTP/1.0 POST with a Content-Length is used, permitting interaction with any server. The 1 MiB limit is arbitrary, but is sufficent to fit most deltas created by human authors against text sources with the occasional small binary file (e.g. few KiB icon image). The configuration option http.postBuffer can be used to increase (or shink) this buffer if the default is not sufficient. For larger packs which cannot be spooled entirely into the helper's memory space (due to http.postBuffer being too small), the POST request requires HTTP/1.1 and sets "Transfer-Encoding: chunked". This permits the client to upload an unknown amount of data in one HTTP transaction without needing to pregenerate the entire pack file locally. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> CC: Daniel Barkalow <barkalow@iabervon.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-09-14Merge branch 'maint'Junio C Hamano
* maint: http.c: avoid freeing an uninitialized pointer
2009-09-14http.c: avoid freeing an uninitialized pointerJunio C Hamano
An earlier 59b8d38 (http.c: remove verification of remote packs) left the variable "url" uninitialized; "goto cleanup" codepath can free it which is not very nice. Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-09-13Merge branch 'maint'Junio C Hamano
* maint: GIT 1.6.4.3 svn: properly escape arguments for authors-prog http.c: remove verification of remote packs grep: accept relative paths outside current working directory grep: fix exit status if external_grep() punts Conflicts: GIT-VERSION-GEN RelNotes
2009-09-11http.c: remove verification of remote packsTay Ray Chuan
Make http.c::fetch_pack_index() no longer check for the remote pack with a HEAD request before fetching the corresponding pack index file. Not only does sending a HEAD request before we do a GET incur a performance penalty, it does not offer any significant error- prevention advantages (pack fetching in the *_http_pack_request() methods is capable of handling any errors on its own). This addresses an issue raised elsewhere: http://code.google.com/p/msysgit/issues/detail?id=323 http://support.github.com/discussions/repos/957-cant-clone-over-http-or-git Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-08-29Merge branch 'maint'Junio C Hamano
* maint: http.c: set slot callback members to NULL when releasing object
2009-08-29Merge branch 'rc/maint-http-fix' into maintJunio C Hamano
* rc/maint-http-fix: http.c: don't assume that urls don't end with slash
2009-08-29http.c: set slot callback members to NULL when releasing objectTay Ray Chuan
Set the members callback_func and callback_data of freq->slot to NULL when releasing a http_object_request. release_active_slot() is also invoked on the slot to remove the curl handle associated with the slot from the multi stack (CURLM *curlm in http.c). These prevent the callback function and data from being used in http methods (like http.c::finish_active_slot()) after a http_object_request has been free'd. Noticed by Ali Polatel, who later tested this patch to verify that it fixes the problem he saw; Dscho helped to identify the problem spot. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-08-19Merge branch 'rc/maint-http-fix'Junio C Hamano
* rc/maint-http-fix: http.c: don't assume that urls don't end with slash
2009-08-18http.c: don't assume that urls don't end with slashTay Ray Chuan
Make append_remote_object_url() (and by implication, get_remote_object_url) use end_url_with_slash() to ensure that the url ends with a slash. Previously, they assumed that the url did not end with a slash and as a result appended a slash, sometimes errorneously. This fixes an issue introduced in 5424bc5 ("http*: add helper methods for fetching objects (loose)"), where the append_remote_object_url() implementation in http-push.c, which assumed that urls end with a slash, was replaced by another one in http.c, which assumed urls did not end with a slash. The above issue was raised by Thomas Schlichter: http://marc.info/?l=git&m=125043105231327 Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Tested-by: Thomas Schlichter <thomas.schlichter@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-08-10Check return value of ftruncate call in http.cJeff Lasslett
In new_http_object_request(), check ftruncate() call return value and handle possible errors. Signed-off-by: Jeff Lasslett <jeff.lasslett@gmail.com> Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-08-10http.c: replace usage of temporary variable for urlsTay Ray Chuan
Use preq->url in new_http_pack_request and freq->url in new_http_object_request when calling curl_setopt(CURLOPT_URL), instead of using an intermediate variable, 'url'. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-08-10http.c: free preq when abortingTay Ray Chuan
Free preq in new_http_pack_request when aborting. preq was allocated before jumping to the 'abort' label so this is safe. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-07-09Merge branch 'ml/http'Junio C Hamano
* ml/http: http.c: add http.sslCertPasswordProtected option http.c: prompt for SSL client certificate password Conflicts: http.c
2009-06-18http.c: add http.sslCertPasswordProtected optionMark Lodato
Add a configuration option, http.sslCertPasswordProtected, and associated environment variable, GIT_SSL_CERT_PASSWORD_PROTECTED, to enable SSL client certificate password prompt from within git. If this option is false and if the environment variable does not exist, git falls back to OpenSSL's prompts (as in earlier versions of git). The environment variable may only be used to enable, not to disable git's password prompt. This behavior mimics GIT_NO_VERIFY; the mere existence of the variable is all that is checked. Signed-off-by: Mark Lodato <lodatom@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-18http.c: prompt for SSL client certificate passwordMark Lodato
If an SSL client certificate is enabled (via http.sslcert or GIT_SSL_CERT), prompt for the certificate password rather than defaulting to OpenSSL's password prompt. This causes the prompt to only appear once each run. Previously, OpenSSL prompted the user *many* times, causing git to be unusable over HTTPS with client-side certificates. Note that the password is stored in memory in the clear while the program is running. This may be a security problem if git crashes and core dumps. The user is always prompted, even if the certificate is not encrypted. This should be fine; unencrypted certificates are rare and a security risk anyway. Signed-off-by: Mark Lodato <lodatom@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-18Merge branch 'maint'Junio C Hamano
* maint: http.c: fix compiling with libcurl 7.9.2 import-tars: support symlinks pull, rebase: simplify to use die()