rugged 0.22.0b4 → 0.22.0b5

data/vendor/libgit2/src/global.c

@@ -131,6 +131,7 @@ int git_openssl_set_locking(void)
 	giterr_set(GITERR_THREAD, "libgit2 as not built with threads");
 	return -1;
 # endif
+#else
 	giterr_set(GITERR_SSL, "libgit2 was not built with OpenSSL support");
 	return -1;
 #endif
@@ -194,19 +195,21 @@ static int synchronized_threads_init(void)
 
 int git_libgit2_init(void)
 {
-	int error = 0;
+	int ret;
 
 	/* Enter the lock */
 	while (InterlockedCompareExchange(&_mutex, 1, 0)) { Sleep(0); }
 
 	/* Only do work on a 0 -> 1 transition of the refcount */
-	if (1 == git_atomic_inc(&git__n_inits))
-		error = synchronized_threads_init();
+	if ((ret = git_atomic_inc(&git__n_inits)) == 1) {
+		if (synchronized_threads_init() < 0)
+			ret = -1;
+	}
 
 	/* Exit the lock */
 	InterlockedExchange(&_mutex, 0);
 
-	return error;
+	return ret;
 }
 
 static void synchronized_threads_shutdown(void)
@@ -217,17 +220,21 @@ static void synchronized_threads_shutdown(void)
 	git_mutex_free(&git__mwindow_mutex);
 }
 
-void git_libgit2_shutdown(void)
+int git_libgit2_shutdown(void)
 {
+	int ret;
+
 	/* Enter the lock */
 	while (InterlockedCompareExchange(&_mutex, 1, 0)) { Sleep(0); }
 
 	/* Only do work on a 1 -> 0 transition of the refcount */
-	if (0 == git_atomic_dec(&git__n_inits))
+	if ((ret = git_atomic_dec(&git__n_inits)) == 0)
 		synchronized_threads_shutdown();
 
 	/* Exit the lock */
 	InterlockedExchange(&_mutex, 0);
+
+	return ret;
 }
 
 git_global_st *git__global_state(void)
@@ -281,17 +288,22 @@ static void init_once(void)
 
 int git_libgit2_init(void)
 {
+	int ret;
+
 	pthread_once(&_once_init, init_once);
-	git_atomic_inc(&git__n_inits);
-	return init_error;
+	ret = git_atomic_inc(&git__n_inits);
+
+	return init_error ? init_error : ret;
 }
 
-void git_libgit2_shutdown(void)
+int git_libgit2_shutdown(void)
 {
 	void *ptr = NULL;
 	pthread_once_t new_once = PTHREAD_ONCE_INIT;
+	int ret;
 
-	if (git_atomic_dec(&git__n_inits) > 0) return;
+	if ((ret = git_atomic_dec(&git__n_inits)) > 0)
+		return ret;
 
 	/* Shut down any subsystems that have global state */
 	git__shutdown();
@@ -303,6 +315,8 @@ void git_libgit2_shutdown(void)
 	pthread_key_delete(_tls_key);
 	git_mutex_free(&git__mwindow_mutex);
 	_once_init = new_once;
+
+	return ret;
 }
 
 git_global_st *git__global_state(void)
@@ -336,15 +350,18 @@ int git_libgit2_init(void)
 		ssl_inited = 1;
 	}
 
-	git_atomic_inc(&git__n_inits);
-	return 0;
+	return git_atomic_inc(&git__n_inits);
 }
 
-void git_libgit2_shutdown(void)
+int git_libgit2_shutdown(void)
 {
+	int ret;
+
 	/* Shut down any subsystems that have global state */
-	if (0 == git_atomic_dec(&git__n_inits))
+	if (ret = git_atomic_dec(&git__n_inits))
 		git__shutdown();
+
+	return ret;
 }
 
 git_global_st *git__global_state(void)

data/vendor/libgit2/src/ignore.c

@@ -4,11 +4,87 @@
 #include "attrcache.h"
 #include "path.h"
 #include "config.h"
+#include "fnmatch.h"
 
 #define GIT_IGNORE_INTERNAL		"[internal]exclude"
 
 #define GIT_IGNORE_DEFAULT_RULES ".\n..\n.git\n"
 
+/**
+ * A negative ignore can only unignore a file which is given explicitly before, thus
+ *
+ *    foo
+ *    !foo/bar
+ *
+ * does not unignore 'foo/bar' as it's not in the list. However
+ *
+ *    foo/<star>
+ *    !foo/bar
+ *
+ * does unignore 'foo/bar', as it is contained within the 'foo/<star>' rule.
+ */
+static int does_negate_rule(int *out, git_vector *rules, git_attr_fnmatch *match)
+{
+	int error = 0;
+	size_t i;
+	git_attr_fnmatch *rule;
+	char *path;
+	git_buf buf = GIT_BUF_INIT;
+
+	/* path of the file relative to the workdir, so we match the rules in subdirs */
+	if (match->containing_dir) {
+		git_buf_puts(&buf, match->containing_dir);
+	}
+	if (git_buf_puts(&buf, match->pattern) < 0)
+		return -1;
+
+	path = git_buf_detach(&buf);
+
+	git_vector_foreach(rules, i, rule) {
+		/* no chance of matching w/o a wilcard */
+		if (!(rule->flags & GIT_ATTR_FNMATCH_HASWILD))
+			continue;
+
+	/*
+	 * If we're dealing with a directory (which we know via the
+	 * strchr() check) we want to use 'dirname/<star>' as the
+	 * pattern so p_fnmatch() honours FNM_PATHNAME
+	 */
+		git_buf_clear(&buf);
+		if (rule->containing_dir) {
+			git_buf_puts(&buf, rule->containing_dir);
+		}
+		if (!strchr(rule->pattern, '*'))
+			error = git_buf_printf(&buf, "%s/*", rule->pattern);
+		else
+			error = git_buf_puts(&buf, rule->pattern);
+
+		if (error < 0)
+			goto out;
+
+
+		if ((error = p_fnmatch(git_buf_cstr(&buf), path, FNM_PATHNAME)) < 0) {
+			giterr_set(GITERR_INVALID, "error matching pattern");
+			goto out;
+		}
+
+		/* if we found a match, we want to keep this rule */
+		if (error != FNM_NOMATCH) {
+			*out = 1;
+			error = 0;
+			goto out;
+		}
+	}
+
+	*out = 0;
+	error = 0;
+
+out:
+	git__free(path);
+	git_buf_free(&buf);
+	return error;
+}
+
 static int parse_ignore_file(
 	git_repository *repo, git_attr_file *attrs, const char *data)
 {
@@ -32,6 +108,8 @@ static int parse_ignore_file(
 	}
 
 	while (!error && *scan) {
+		int valid_rule = 1;
+
 		if (!match && !(match = git__calloc(1, sizeof(*match)))) {
 			error = -1;
 			break;
@@ -48,11 +126,16 @@ static int parse_ignore_file(
 				match->flags |= GIT_ATTR_FNMATCH_ICASE;
 
 			scan = git__next_line(scan);
-			error = git_vector_insert(&attrs->rules, match);
+
+			/* if a negative match doesn't actually do anything, throw it away */
+			if (match->flags & GIT_ATTR_FNMATCH_NEGATIVE)
+				error = does_negate_rule(&valid_rule, &attrs->rules, match);
+
+			if (!error && valid_rule)
+				error = git_vector_insert(&attrs->rules, match);
 		}
 
-		if (error != 0) {
-			git__free(match->pattern);
+		if (error != 0 || !valid_rule) {
 			match->pattern = NULL;
 
 			if (error == GIT_ENOTFOUND)

data/vendor/libgit2/src/index.c

@@ -762,23 +762,35 @@ void git_index_entry__init_from_stat(
 	entry->file_size = st->st_size;
 }
 
-static git_index_entry *index_entry_alloc(const char *path)
+static int index_entry_create(
+	git_index_entry **out,
+	git_repository *repo,
+	const char *path)
 {
 	size_t pathlen = strlen(path);
-	struct entry_internal *entry =
-		git__calloc(sizeof(struct entry_internal) + pathlen + 1, 1);
-	if (!entry)
-		return NULL;
+	struct entry_internal *entry;
+
+	if (!git_path_isvalid(repo, path,
+		GIT_PATH_REJECT_DEFAULTS | GIT_PATH_REJECT_DOT_GIT)) {
+		giterr_set(GITERR_INDEX, "Invalid path: '%s'", path);
+		return -1;
+	}
+
+	entry = git__calloc(sizeof(struct entry_internal) + pathlen + 1, 1);
+	GITERR_CHECK_ALLOC(entry);
 
 	entry->pathlen = pathlen;
 	memcpy(entry->path, path, pathlen);
 	entry->entry.path = entry->path;
 
-	return (git_index_entry *)entry;
+	*out = (git_index_entry *)entry;
+	return 0;
 }
 
 static int index_entry_init(
-	git_index_entry **entry_out, git_index *index, const char *rel_path)
+	git_index_entry **entry_out,
+	git_index *index,
+	const char *rel_path)
 {
 	int error = 0;
 	git_index_entry *entry = NULL;
@@ -790,14 +802,17 @@ static int index_entry_init(
 			"Could not initialize index entry. "
 			"Index is not backed up by an existing repository.");
 
+	if (index_entry_create(&entry, INDEX_OWNER(index), rel_path) < 0)
+		return -1;
+
 	/* write the blob to disk and get the oid and stat info */
 	error = git_blob__create_from_paths(
 		&oid, &st, INDEX_OWNER(index), NULL, rel_path, 0, true);
-	if (error < 0)
-		return error;
 
-	entry = index_entry_alloc(rel_path);
-	GITERR_CHECK_ALLOC(entry);
+	if (error < 0) {
+		index_entry_free(entry);
+		return error;
+	}
 
 	entry->id = oid;
 	git_index_entry__init_from_stat(entry, &st, !index->distrust_filemode);
@@ -853,7 +868,10 @@ static void index_entry_cpy(git_index_entry *tgt, const git_index_entry *src)
 	tgt->path = tgt_path; /* reset to existing path data */
 }
 
-static int index_entry_dup(git_index_entry **out, const git_index_entry *src)
+static int index_entry_dup(
+	git_index_entry **out,
+	git_repository *repo,
+	const git_index_entry *src)
 {
 	git_index_entry *entry;
 
@@ -862,11 +880,11 @@ static int index_entry_dup(git_index_entry **out, const git_index_entry *src)
 		return 0;
 	}
 
-	*out = entry = index_entry_alloc(src->path);
-	GITERR_CHECK_ALLOC(entry);
+	if (index_entry_create(&entry, repo, src->path) < 0)
+		return -1;
 
 	index_entry_cpy(entry, src);
-
+	*out = entry;
 	return 0;
 }
 
@@ -1131,7 +1149,7 @@ int git_index_add(git_index *index, const git_index_entry *source_entry)
 		return -1;
 	}
 
-	if ((ret = index_entry_dup(&entry, source_entry)) < 0 ||
+	if ((ret = index_entry_dup(&entry, INDEX_OWNER(index), source_entry)) < 0 ||
 		(ret = index_insert(index, &entry, 1)) < 0)
 		return ret;
 
@@ -1251,9 +1269,9 @@ int git_index_conflict_add(git_index *index,
 
 	assert (index);
 
-	if ((ret = index_entry_dup(&entries[0], ancestor_entry)) < 0 ||
-		(ret = index_entry_dup(&entries[1], our_entry)) < 0 ||
-		(ret = index_entry_dup(&entries[2], their_entry)) < 0)
+	if ((ret = index_entry_dup(&entries[0], INDEX_OWNER(index), ancestor_entry)) < 0 ||
+		(ret = index_entry_dup(&entries[1], INDEX_OWNER(index), our_entry)) < 0 ||
+		(ret = index_entry_dup(&entries[2], INDEX_OWNER(index), their_entry)) < 0)
 		goto on_error;
 
 	for (i = 0; i < 3; i++) {
@@ -1770,7 +1788,10 @@ static int read_conflict_names(git_index *index, const char *buffer, size_t size
 }
 
 static size_t read_entry(
-	git_index_entry **out, const void *buffer, size_t buffer_size)
+	git_index_entry **out,
+	git_index *index,
+	const void *buffer,
+	size_t buffer_size)
 {
 	size_t path_length, entry_size;
 	const char *path_ptr;
@@ -1834,7 +1855,7 @@ static size_t read_entry(
 
 	entry.path = (char *)path_ptr;
 
-	if (index_entry_dup(out, &entry) < 0)
+	if (index_entry_dup(out, INDEX_OWNER(index), &entry) < 0)
 		return 0;
 
 	return entry_size;
@@ -1935,7 +1956,7 @@ static int parse_index(git_index *index, const char *buffer, size_t buffer_size)
 	/* Parse all the entries */
 	for (i = 0; i < header.entry_count && buffer_size > INDEX_FOOTER_SIZE; ++i) {
 		git_index_entry *entry;
-		size_t entry_size = read_entry(&entry, buffer, buffer_size);
+		size_t entry_size = read_entry(&entry, index, buffer, buffer_size);
 
 		/* 0 bytes read means an object corruption */
 		if (entry_size == 0) {
@@ -2296,6 +2317,7 @@ int git_index_entry_stage(const git_index_entry *entry)
 }
 
 typedef struct read_tree_data {
+	git_index *index;
 	git_vector *old_entries;
 	git_vector *new_entries;
 	git_vector_cmp entry_cmp;
@@ -2316,8 +2338,8 @@ static int read_tree_cb(
 	if (git_buf_joinpath(&path, root, tentry->filename) < 0)
 		return -1;
 
-	entry = index_entry_alloc(path.ptr);
-	GITERR_CHECK_ALLOC(entry);
+	if (index_entry_create(&entry, INDEX_OWNER(data->index), path.ptr) < 0)
+		return -1;
 
 	entry->mode = tentry->attr;
 	entry->id = tentry->oid;
@@ -2357,6 +2379,7 @@ int git_index_read_tree(git_index *index, const git_tree *tree)
 
 	git_vector_set_cmp(&entries, index->entries._cmp); /* match sort */
 
+	data.index = index;
 	data.old_entries = &index->entries;
 	data.new_entries = &entries;
 	data.entry_cmp   = index->entries_search;
@@ -2476,7 +2499,7 @@ int git_index_add_all(
 			break;
 
 		/* make the new entry to insert */
-		if ((error = index_entry_dup(&entry, wd)) < 0)
+		if ((error = index_entry_dup(&entry, INDEX_OWNER(index), wd)) < 0)
 			break;
 
 		entry->id = blobid;

data/vendor/libgit2/src/indexer.c

@@ -1028,6 +1028,7 @@ int git_indexer_commit(git_indexer *idx, git_transfer_progress *stats)
 	p_rename(idx->pack->pack_name, git_buf_cstr(&filename));
 
 	git_buf_free(&filename);
+	git_hash_ctx_cleanup(&ctx);
 	return 0;
 
 on_error:

data/vendor/libgit2/src/netops.c

@@ -4,27 +4,6 @@
  * This file is part of libgit2, distributed under the GNU GPL v2 with
  * a Linking Exception. For full terms see the included COPYING file.
  */
-#ifndef _WIN32
-#	include <sys/types.h>
-#	include <sys/socket.h>
-#	include <sys/select.h>
-#	include <sys/time.h>
-#	include <netdb.h>
-#	include <netinet/in.h>
-#       include <arpa/inet.h>
-#else
-#	include <winsock2.h>
-#	include <ws2tcpip.h>
-#	ifdef _MSC_VER
-#		pragma comment(lib, "ws2_32")
-#	endif
-#endif
-
-#ifdef GIT_SSL
-# include <openssl/ssl.h>
-# include <openssl/err.h>
-# include <openssl/x509v3.h>
-#endif
 
 #include <ctype.h>
 #include "git2/errors.h"
@@ -36,136 +15,46 @@
 #include "http_parser.h"
 #include "global.h"
 
-#ifdef GIT_WIN32
-static void net_set_error(const char *str)
-{
-	int error = WSAGetLastError();
-	char * win32_error = git_win32_get_error_message(error);
-
-	if (win32_error) {
-		giterr_set(GITERR_NET, "%s: %s", str, win32_error);
-		git__free(win32_error);
-	} else {
-		giterr_set(GITERR_NET, str);
-	}
-}
-#else
-static void net_set_error(const char *str)
-{
-	giterr_set(GITERR_NET, "%s: %s", str, strerror(errno));
-}
-#endif
-
-#ifdef GIT_SSL
-static int ssl_set_error(gitno_ssl *ssl, int error)
-{
-	int err;
-	unsigned long e;
-
-	err = SSL_get_error(ssl->ssl, error);
-
-	assert(err != SSL_ERROR_WANT_READ);
-	assert(err != SSL_ERROR_WANT_WRITE);
-
-	switch (err) {
-	case SSL_ERROR_WANT_CONNECT:
-	case SSL_ERROR_WANT_ACCEPT:
-		giterr_set(GITERR_NET, "SSL error: connection failure\n");
-		break;
-	case SSL_ERROR_WANT_X509_LOOKUP:
-		giterr_set(GITERR_NET, "SSL error: x509 error\n");
-		break;
-	case SSL_ERROR_SYSCALL:
-		e = ERR_get_error();
-		if (e > 0) {
-			giterr_set(GITERR_NET, "SSL error: %s",
-					ERR_error_string(e, NULL));
-			break;
-		} else if (error < 0) {
-			giterr_set(GITERR_OS, "SSL error: syscall failure");
-			break;
-		}
-		giterr_set(GITERR_NET, "SSL error: received early EOF");
-		break;
-	case SSL_ERROR_SSL:
-		e = ERR_get_error();
-		giterr_set(GITERR_NET, "SSL error: %s",
-				ERR_error_string(e, NULL));
-		break;
-	case SSL_ERROR_NONE:
-	case SSL_ERROR_ZERO_RETURN:
-	default:
-		giterr_set(GITERR_NET, "SSL error: unknown error");
-		break;
-	}
-	return -1;
-}
-#endif
-
 int gitno_recv(gitno_buffer *buf)
 {
 	return buf->recv(buf);
 }
 
-#ifdef GIT_SSL
-static int gitno__recv_ssl(gitno_buffer *buf)
+void gitno_buffer_setup_callback(
+	gitno_buffer *buf,
+	char *data,
+	size_t len,
+	int (*recv)(gitno_buffer *buf), void *cb_data)
 {
-	int ret;
-
-	do {
-		ret = SSL_read(buf->socket->ssl.ssl, buf->data + buf->offset, buf->len - buf->offset);
-	} while (SSL_get_error(buf->socket->ssl.ssl, ret) == SSL_ERROR_WANT_READ);
-
-	if (ret < 0) {
-		net_set_error("Error receiving socket data");
-		return -1;
-	}
-
-	buf->offset += ret;
-	return ret;
+	memset(data, 0x0, len);
+	buf->data = data;
+	buf->len = len;
+	buf->offset = 0;
+	buf->recv = recv;
+	buf->cb_data = cb_data;
 }
-#endif
 
-static int gitno__recv(gitno_buffer *buf)
+static int recv_stream(gitno_buffer *buf)
 {
+	git_stream *io = (git_stream *) buf->cb_data;
 	int ret;
 
-	ret = p_recv(buf->socket->socket, buf->data + buf->offset, buf->len - buf->offset, 0);
-	if (ret < 0) {
-		net_set_error("Error receiving socket data");
+	ret = git_stream_read(io, buf->data + buf->offset, buf->len - buf->offset);
+	if (ret < 0)
 		return -1;
-	}
 
 	buf->offset += ret;
 	return ret;
 }
 
-void gitno_buffer_setup_callback(
-	gitno_socket *socket,
-	gitno_buffer *buf,
-	char *data,
-	size_t len,
-	int (*recv)(gitno_buffer *buf), void *cb_data)
+void gitno_buffer_setup_fromstream(git_stream *st, gitno_buffer *buf, char *data, size_t len)
 {
 	memset(data, 0x0, len);
 	buf->data = data;
 	buf->len = len;
 	buf->offset = 0;
-	buf->socket = socket;
-	buf->recv = recv;
-	buf->cb_data = cb_data;
-}
-
-void gitno_buffer_setup(gitno_socket *socket, gitno_buffer *buf, char *data, size_t len)
-{
-#ifdef GIT_SSL
-	if (socket->ssl.ssl) {
-		gitno_buffer_setup_callback(socket, buf, data, len, gitno__recv_ssl, NULL);
-		return;
-	}
-#endif
-
-	gitno_buffer_setup_callback(socket, buf, data, len, gitno__recv, NULL);
+	buf->recv = recv_stream;
+	buf->cb_data = st;
 }
 
 /* Consume up to ptr and move the rest of the buffer to the beginning */
@@ -191,24 +80,6 @@ void gitno_consume_n(gitno_buffer *buf, size_t cons)
 	buf->offset -= cons;
 }
 
-#ifdef GIT_SSL
-
-static int gitno_ssl_teardown(gitno_ssl *ssl)
-{
-	int ret;
-
-	ret = SSL_shutdown(ssl->ssl);
-	if (ret < 0)
-		ret = ssl_set_error(ssl, ret);
-	else
-		ret = 0;
-
-	SSL_free(ssl->ssl);
-	return ret;
-}
-
-#endif
-
 /* Match host names according to RFC 2818 rules */
 int gitno__match_host(const char *pattern, const char *host)
 {
@@ -248,333 +119,6 @@ int gitno__match_host(const char *pattern, const char *host)
 	return -1;
 }
 
-static int check_host_name(const char *name, const char *host)
-{
-	if (!strcasecmp(name, host))
-		return 0;
-
-	if (gitno__match_host(name, host) < 0)
-		return -1;
-
-	return 0;
-}
-
-#ifdef GIT_SSL
-
-static int verify_server_cert(gitno_ssl *ssl, const char *host)
-{
-	X509 *cert;
-	X509_NAME *peer_name;
-	ASN1_STRING *str;
-	unsigned char *peer_cn = NULL;
-	int matched = -1, type = GEN_DNS;
-	GENERAL_NAMES *alts;
-	struct in6_addr addr6;
-	struct in_addr addr4;
-	void *addr;
-	int i = -1,j;
-
-	if (SSL_get_verify_result(ssl->ssl) != X509_V_OK) {
-		giterr_set(GITERR_SSL, "The SSL certificate is invalid");
-		return GIT_ECERTIFICATE;
-	}
-
-	/* Try to parse the host as an IP address to see if it is */
-	if (p_inet_pton(AF_INET, host, &addr4)) {
-		type = GEN_IPADD;
-		addr = &addr4;
-	} else {
-		if(p_inet_pton(AF_INET6, host, &addr6)) {
-			type = GEN_IPADD;
-			addr = &addr6;
-		}
-	}
-
-
-	cert = SSL_get_peer_certificate(ssl->ssl);
-	if (!cert) {
-		giterr_set(GITERR_SSL, "the server did not provide a certificate");
-		return -1;
-	}
-
-	/* Check the alternative names */
-	alts = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
-	if (alts) {
-		int num;
-
-		num = sk_GENERAL_NAME_num(alts);
-		for (i = 0; i < num && matched != 1; i++) {
-			const GENERAL_NAME *gn = sk_GENERAL_NAME_value(alts, i);
-			const char *name = (char *) ASN1_STRING_data(gn->d.ia5);
-			size_t namelen = (size_t) ASN1_STRING_length(gn->d.ia5);
-
-			/* Skip any names of a type we're not looking for */
-			if (gn->type != type)
-				continue;
-
-			if (type == GEN_DNS) {
-				/* If it contains embedded NULs, don't even try */
-				if (memchr(name, '\0', namelen))
-					continue;
-
-				if (check_host_name(name, host) < 0)
-					matched = 0;
-				else
-					matched = 1;
-			} else if (type == GEN_IPADD) {
-				/* Here name isn't so much a name but a binary representation of the IP */
-				matched = !!memcmp(name, addr, namelen);
-			}
-		}
-	}
-	GENERAL_NAMES_free(alts);
-
-	if (matched == 0)
-		goto cert_fail_name;
-
-	if (matched == 1)
-		return 0;
-
-	/* If no alternative names are available, check the common name */
-	peer_name = X509_get_subject_name(cert);
-	if (peer_name == NULL)
-		goto on_error;
-
-	if (peer_name) {
-		/* Get the index of the last CN entry */
-		while ((j = X509_NAME_get_index_by_NID(peer_name, NID_commonName, i)) >= 0)
-			i = j;
-	}
-
-	if (i < 0)
-		goto on_error;
-
-	str = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(peer_name, i));
-	if (str == NULL)
-		goto on_error;
-
-	/* Work around a bug in OpenSSL whereby ASN1_STRING_to_UTF8 fails if it's already in utf-8 */
-	if (ASN1_STRING_type(str) == V_ASN1_UTF8STRING) {
-		int size = ASN1_STRING_length(str);
-
-		if (size > 0) {
-			peer_cn = OPENSSL_malloc(size + 1);
-			GITERR_CHECK_ALLOC(peer_cn);
-			memcpy(peer_cn, ASN1_STRING_data(str), size);
-			peer_cn[size] = '\0';
-		}
-	} else {
-		int size = ASN1_STRING_to_UTF8(&peer_cn, str);
-		GITERR_CHECK_ALLOC(peer_cn);
-		if (memchr(peer_cn, '\0', size))
-			goto cert_fail_name;
-	}
-
-	if (check_host_name((char *)peer_cn, host) < 0)
-		goto cert_fail_name;
-
-	OPENSSL_free(peer_cn);
-
-	return 0;
-
-on_error:
-	OPENSSL_free(peer_cn);
-	return ssl_set_error(ssl, 0);
-
-cert_fail_name:
-	OPENSSL_free(peer_cn);
-	giterr_set(GITERR_SSL, "hostname does not match certificate");
-	return GIT_ECERTIFICATE;
-}
-
-static int ssl_setup(gitno_socket *socket, const char *host)
-{
-	int ret;
-
-	if (git__ssl_ctx == NULL) {
-		giterr_set(GITERR_NET, "OpenSSL initialization failed");
-		return -1;
-	}
-
-	socket->ssl.ssl = SSL_new(git__ssl_ctx);
-	if (socket->ssl.ssl == NULL)
-		return ssl_set_error(&socket->ssl, 0);
-
-	if((ret = SSL_set_fd(socket->ssl.ssl, socket->socket)) == 0)
-		return ssl_set_error(&socket->ssl, ret);
-
-	if ((ret = SSL_connect(socket->ssl.ssl)) <= 0)
-		return ssl_set_error(&socket->ssl, ret);
-
-	return verify_server_cert(&socket->ssl, host);
-}
-#endif
-
-static int gitno__close(GIT_SOCKET s)
-{
-#ifdef GIT_WIN32
-	if (SOCKET_ERROR == closesocket(s))
-		return -1;
-
-	if (0 != WSACleanup()) {
-		giterr_set(GITERR_OS, "Winsock cleanup failed");
-		return -1;
-	}
-
-	return 0;
-#else
-	return close(s);
-#endif
-}
-
-int gitno_connect(gitno_socket *s_out, const char *host, const char *port, int flags)
-{
-	struct addrinfo *info = NULL, *p;
-	struct addrinfo hints;
-	GIT_SOCKET s = INVALID_SOCKET;
-	int ret;
-
-#ifdef GIT_WIN32
-	/* on win32, the WSA context needs to be initialized
-	 * before any socket calls can be performed */
-	WSADATA wsd;
-
-	if (WSAStartup(MAKEWORD(2,2), &wsd) != 0) {
-		giterr_set(GITERR_OS, "Winsock init failed");
-		return -1;
-	}
-
-	if (LOBYTE(wsd.wVersion) != 2 || HIBYTE(wsd.wVersion) != 2) {
-		WSACleanup();
-		giterr_set(GITERR_OS, "Winsock init failed");
-		return -1;
-	}
-#endif
-
-	/* Zero the socket structure provided */
-	memset(s_out, 0x0, sizeof(gitno_socket));
-
-	memset(&hints, 0x0, sizeof(struct addrinfo));
-	hints.ai_socktype = SOCK_STREAM;
-	hints.ai_family = AF_UNSPEC;
-
-	if ((ret = p_getaddrinfo(host, port, &hints, &info)) != 0) {
-		giterr_set(GITERR_NET,
-			"Failed to resolve address for %s: %s", host, p_gai_strerror(ret));
-		return -1;
-	}
-
-	for (p = info; p != NULL; p = p->ai_next) {
-		s = socket(p->ai_family, p->ai_socktype, p->ai_protocol);
-
-		if (s == INVALID_SOCKET) {
-			net_set_error("error creating socket");
-			break;
-		}
-
-		if (connect(s, p->ai_addr, (socklen_t)p->ai_addrlen) == 0)
-			break;
-
-		/* If we can't connect, try the next one */
-		gitno__close(s);
-		s = INVALID_SOCKET;
-	}
-
-	/* Oops, we couldn't connect to any address */
-	if (s == INVALID_SOCKET && p == NULL) {
-		giterr_set(GITERR_OS, "Failed to connect to %s", host);
-		p_freeaddrinfo(info);
-		return -1;
-	}
-
-	s_out->socket = s;
-	p_freeaddrinfo(info);
-
-#ifdef GIT_SSL
-	if ((flags & GITNO_CONNECT_SSL) &&
-	    (ret = ssl_setup(s_out, host)) < 0)
-		return ret;
-#else
-	/* SSL is not supported */
-	if (flags & GITNO_CONNECT_SSL) {
-		giterr_set(GITERR_OS, "SSL is not supported by this copy of libgit2.");
-		return -1;
-	}
-#endif
-
-	return 0;
-}
-
-#ifdef GIT_SSL
-static int gitno_send_ssl(gitno_ssl *ssl, const char *msg, size_t len, int flags)
-{
-	int ret;
-	size_t off = 0;
-
-	GIT_UNUSED(flags);
-
-	while (off < len) {
-		ret = SSL_write(ssl->ssl, msg + off, len - off);
-		if (ret <= 0 && ret != SSL_ERROR_WANT_WRITE)
-			return ssl_set_error(ssl, ret);
-
-		off += ret;
-	}	
-
-	return off;
-}
-#endif
-
-int gitno_send(gitno_socket *socket, const char *msg, size_t len, int flags)
-{
-	int ret;
-	size_t off = 0;
-
-#ifdef GIT_SSL
-	if (socket->ssl.ssl)
-		return gitno_send_ssl(&socket->ssl, msg, len, flags);
-#endif
-
-	while (off < len) {
-		errno = 0;
-		ret = p_send(socket->socket, msg + off, len - off, flags);
-		if (ret < 0) {
-			net_set_error("Error sending data");
-			return -1;
-		}
-
-		off += ret;
-	}
-
-	return (int)off;
-}
-
-int gitno_close(gitno_socket *s)
-{
-#ifdef GIT_SSL
-	if (s->ssl.ssl &&
-		gitno_ssl_teardown(&s->ssl) < 0)
-		return -1;
-#endif
-
-	return gitno__close(s->socket);
-}
-
-int gitno_select_in(gitno_buffer *buf, long int sec, long int usec)
-{
-	fd_set fds;
-	struct timeval tv;
-
-	tv.tv_sec = sec;
-	tv.tv_usec = usec;
-
-	FD_ZERO(&fds);
-	FD_SET(buf->socket->socket, &fds);
-
-	/* The select(2) interface is silly */
-	return select((int)buf->socket->socket + 1, &fds, NULL, NULL, &tv);
-}
-
 static const char *prefix_http = "http://";
 static const char *prefix_https = "https://";