rugged 1.5.1 → 1.6.2

data/vendor/libgit2/src/libgit2/transports/ssh.c

@@ -16,6 +16,7 @@
 #include "netops.h"
 #include "smart.h"
 #include "streams/socket.h"
+#include "sysdir.h"
 
 #include "git2/credential.h"
 #include "git2/sys/credential.h"
@@ -245,8 +246,10 @@ static int ssh_agent_auth(LIBSSH2_SESSION *session, git_credential_ssh_key *c) {
 
 	rc = libssh2_agent_connect(agent);
 
-	if (rc != LIBSSH2_ERROR_NONE)
+	if (rc != LIBSSH2_ERROR_NONE) {
+		rc = LIBSSH2_ERROR_AUTHENTICATION_FAILED;
 		goto shutdown;
+	}
 
 	rc = libssh2_agent_list_identities(agent);
 
@@ -421,7 +424,8 @@ static int request_creds(git_credential **out, ssh_subtransport *t, const char *
 	return 0;
 }
 
-#define KNOWN_HOSTS_FILE ".ssh/known_hosts"
+#define SSH_DIR          ".ssh"
+#define KNOWN_HOSTS_FILE "known_hosts"
 
 /*
  * Load the known_hosts file.
@@ -430,16 +434,14 @@ static int request_creds(git_credential **out, ssh_subtransport *t, const char *
  */
 static int load_known_hosts(LIBSSH2_KNOWNHOSTS **hosts, LIBSSH2_SESSION *session)
 {
-	git_str path = GIT_STR_INIT, home = GIT_STR_INIT;
+	git_str path = GIT_STR_INIT, sshdir = GIT_STR_INIT;
 	LIBSSH2_KNOWNHOSTS *known_hosts = NULL;
 	int error;
 
 	GIT_ASSERT_ARG(hosts);
 
-	if ((error = git__getenv(&home, "HOME")) < 0)
-		return error;
-
-	if ((error = git_str_joinpath(&path, git_str_cstr(&home), KNOWN_HOSTS_FILE)) < 0)
+	if ((error = git_sysdir_expand_homedir_file(&sshdir, SSH_DIR)) < 0 ||
+	    (error = git_str_joinpath(&path, git_str_cstr(&sshdir), KNOWN_HOSTS_FILE)) < 0)
 		goto out;
 
 	if ((known_hosts = libssh2_knownhost_init(session)) == NULL) {
@@ -461,34 +463,32 @@ static int load_known_hosts(LIBSSH2_KNOWNHOSTS **hosts, LIBSSH2_SESSION *session
 out:
 	*hosts = known_hosts;
 
-	git_str_clear(&home);
-	git_str_clear(&path);
+	git_str_dispose(&sshdir);
+	git_str_dispose(&path);
 
 	return error;
 }
 
-static const char *hostkey_type_to_string(int type)
+static void add_hostkey_pref_if_avail(
+	LIBSSH2_KNOWNHOSTS *known_hosts,
+	const char *hostname,
+	int port,
+	git_str *prefs,
+	int type,
+	const char *type_name)
 {
-	switch (type) {
-	case LIBSSH2_KNOWNHOST_KEY_SSHRSA:
-		return "ssh-rsa";
-	case LIBSSH2_KNOWNHOST_KEY_SSHDSS:
-		return "ssh-dss";
-#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_256
-	case LIBSSH2_KNOWNHOST_KEY_ECDSA_256:
-		return "ecdsa-sha2-nistp256";
-	case LIBSSH2_KNOWNHOST_KEY_ECDSA_384:
-		return "ecdsa-sha2-nistp384";
-	case LIBSSH2_KNOWNHOST_KEY_ECDSA_521:
-		return "ecdsa-sha2-nistp521";
-#endif
-#ifdef LIBSSH2_KNOWNHOST_KEY_ED25519
-	case LIBSSH2_KNOWNHOST_KEY_ED25519:
-		return "ssh-ed25519";
-#endif
-	}
+	struct libssh2_knownhost *host = NULL;
+	const char key = '\0';
+	int mask = LIBSSH2_KNOWNHOST_TYPE_PLAIN | LIBSSH2_KNOWNHOST_KEYENC_RAW | type;
+	int error;
 
-	return NULL;
+	error = libssh2_knownhost_checkp(known_hosts, hostname, port, &key, 1, mask, &host);
+	if (error == LIBSSH2_KNOWNHOST_CHECK_MISMATCH) {
+		if (git_str_len(prefs) > 0) {
+			git_str_putc(prefs, ',');
+		}
+		git_str_puts(prefs, type_name);
+	}
 }
 
 /*
@@ -496,27 +496,27 @@ static const char *hostkey_type_to_string(int type)
  * look it up with a nonsense key and using that mismatch to figure out what key
  * we do have stored for the host.
  *
- * Returns the string to pass to libssh2_session_method_pref or NULL if we were
- * unable to find anything or an error happened.
+ * Populates prefs with the string to pass to libssh2_session_method_pref.
  */
-static const char *find_hostkey_preference(LIBSSH2_KNOWNHOSTS *known_hosts, const char *hostname, int port)
+static void find_hostkey_preference(
+	LIBSSH2_KNOWNHOSTS *known_hosts,
+	const char *hostname,
+	int port,
+	git_str *prefs)
 {
-	struct libssh2_knownhost *host = NULL;
-	/* Specify no key type so we don't filter on that */
-	int type = LIBSSH2_KNOWNHOST_TYPE_PLAIN | LIBSSH2_KNOWNHOST_KEYENC_RAW;
-	const char key = '\0';
-	int error;
-
 	/*
-	 * In case of mismatch, we can find the type of key from known_hosts in
-	 * the returned host's information as it means that an entry was found
-	 * but our nonsense key obviously didn't match.
+	 * The order here is important as it indicates the priority of what will
+	 * be preferred.
 	 */
-	error = libssh2_knownhost_checkp(known_hosts, hostname, port, &key, 1, type, &host);
-	if (error == LIBSSH2_KNOWNHOST_CHECK_MISMATCH)
-		return hostkey_type_to_string(host->typemask & LIBSSH2_KNOWNHOST_KEY_MASK);
-
-	return NULL;
+#ifdef LIBSSH2_KNOWNHOST_KEY_ED25519
+	add_hostkey_pref_if_avail(known_hosts, hostname, port, prefs, LIBSSH2_KNOWNHOST_KEY_ED25519, "ssh-ed25519");
+#endif
+#ifdef LIBSSH2_KNOWNHOST_KEY_ECDSA_256
+	add_hostkey_pref_if_avail(known_hosts, hostname, port, prefs, LIBSSH2_KNOWNHOST_KEY_ECDSA_256, "ecdsa-sha2-nistp256");
+	add_hostkey_pref_if_avail(known_hosts, hostname, port, prefs, LIBSSH2_KNOWNHOST_KEY_ECDSA_384, "ecdsa-sha2-nistp384");
+	add_hostkey_pref_if_avail(known_hosts, hostname, port, prefs, LIBSSH2_KNOWNHOST_KEY_ECDSA_521, "ecdsa-sha2-nistp521");
+#endif
+	add_hostkey_pref_if_avail(known_hosts, hostname, port, prefs, LIBSSH2_KNOWNHOST_KEY_SSHRSA, "ssh-rsa");
 }
 
 static int _git_ssh_session_create(
@@ -526,11 +526,11 @@ static int _git_ssh_session_create(
 	int port,
 	git_stream *io)
 {
-	int rc = 0;
+	git_socket_stream *socket = GIT_CONTAINER_OF(io, git_socket_stream, parent);
 	LIBSSH2_SESSION *s;
 	LIBSSH2_KNOWNHOSTS *known_hosts;
-	git_socket_stream *socket = GIT_CONTAINER_OF(io, git_socket_stream, parent);
-	const char *keytype = NULL;
+	git_str prefs = GIT_STR_INIT;
+	int rc = 0;
 
 	GIT_ASSERT_ARG(session);
 	GIT_ASSERT_ARG(hosts);
@@ -547,16 +547,17 @@ static int _git_ssh_session_create(
 		return -1;
 	}
 
-	if ((keytype = find_hostkey_preference(known_hosts, hostname, port)) != NULL) {
+	find_hostkey_preference(known_hosts, hostname, port, &prefs);
+	if (git_str_len(&prefs) > 0) {
 		do {
-			rc = libssh2_session_method_pref(s, LIBSSH2_METHOD_HOSTKEY, keytype);
+			rc = libssh2_session_method_pref(s, LIBSSH2_METHOD_HOSTKEY, git_str_cstr(&prefs));
 		} while (LIBSSH2_ERROR_EAGAIN == rc || LIBSSH2_ERROR_TIMEOUT == rc);
 		if (rc != LIBSSH2_ERROR_NONE) {
 			ssh_error(s, "failed to set hostkey preference");
 			goto on_error;
 		}
 	}
-
+	git_str_dispose(&prefs);
 
 	do {
 		rc = libssh2_session_handshake(s, socket->s);
@@ -753,7 +754,7 @@ static int check_certificate(
 		if (error == GIT_PASSTHROUGH) {
 			error = git_error_state_restore(&previous_error);
 		} else if (error < 0 && !git_error_last()) {
-			git_error_set(GIT_ERROR_NET, "user canceled hostkey check");
+			git_error_set(GIT_ERROR_NET, "unknown remote host key");
 		}
 
 		git_error_state_free(&previous_error);
@@ -787,15 +788,8 @@ static int _git_ssh_setup_conn(
 	s->session = NULL;
 	s->channel = NULL;
 
-	if (git_net_str_is_url(url))
-		error = git_net_url_parse(&s->url, url);
-	else
-		error = git_net_url_parse_scp(&s->url, url);
-
-	if (error < 0)
-		goto done;
-
-	if ((error = git_socket_stream_new(&s->io, s->url.host, s->url.port)) < 0 ||
+	if ((error = git_net_url_parse_standard_or_scp(&s->url, url)) < 0 ||
+	    (error = git_socket_stream_new(&s->io, s->url.host, s->url.port)) < 0 ||
 	    (error = git_stream_connect(s->io)) < 0)
 		goto done;
 
@@ -805,8 +799,11 @@ static int _git_ssh_setup_conn(
 	 * as part of the stream connection, but that's not something that's
 	 * exposed.
 	 */
-	if (git__strntol32(&port, s->url.port, strlen(s->url.port), NULL, 10) < 0)
-		port = -1;
+	if (git__strntol32(&port, s->url.port, strlen(s->url.port), NULL, 10) < 0) {
+		git_error_set(GIT_ERROR_NET, "invalid port to ssh: %s", s->url.port);
+		error = -1;
+		goto done;
+	}
 
 	if ((error = _git_ssh_session_create(&session, &known_hosts, s->url.host, port, s->io)) < 0)
 		goto done;
@@ -1009,7 +1006,7 @@ static int list_auth_methods(int *out, LIBSSH2_SESSION *session, const char *use
 
 	/* either error, or the remote accepts NONE auth, which is bizarre, let's punt */
 	if (list == NULL && !libssh2_userauth_authenticated(session)) {
-		ssh_error(session, "Failed to retrieve list of SSH authentication methods");
+		ssh_error(session, "remote rejected authentication");
 		return GIT_EAUTH;
 	}
 

data/vendor/libgit2/src/libgit2/transports/winhttp.c

@@ -562,18 +562,23 @@ static int winhttp_stream_connect(winhttp_stream *s)
 
 	for (i = 0; i < t->owner->connect_opts.custom_headers.count; i++) {
 		if (t->owner->connect_opts.custom_headers.strings[i]) {
+			wchar_t *custom_header_wide = NULL;
+
 			git_str_clear(&buf);
 			git_str_puts(&buf, t->owner->connect_opts.custom_headers.strings[i]);
-			if (git__utf8_to_16(ct, MAX_CONTENT_TYPE_LEN, git_str_cstr(&buf)) < 0) {
-				git_error_set(GIT_ERROR_OS, "failed to convert custom header to wide characters");
+
+			/* Convert header to wide characters */
+			if ((error = git__utf8_to_16_alloc(&custom_header_wide, git_str_cstr(&buf))) < 0)
 				goto on_error;
-			}
 
-			if (!WinHttpAddRequestHeaders(s->request, ct, (ULONG)-1L,
+			if (!WinHttpAddRequestHeaders(s->request, custom_header_wide, (ULONG)-1L,
 				WINHTTP_ADDREQ_FLAG_ADD | WINHTTP_ADDREQ_FLAG_REPLACE)) {
 				git_error_set(GIT_ERROR_OS, "failed to add a header to the request");
+				git__free(custom_header_wide);
 				goto on_error;
 			}
+
+			git__free(custom_header_wide);
 		}
 	}
 

data/vendor/libgit2/src/libgit2/tree-cache.c

@@ -111,11 +111,11 @@ static int read_tree_internal(git_tree_cache **out,
 	/* The SHA1 is only there if it's not invalidated */
 	if (tree->entry_count >= 0) {
 		/* 160-bit SHA-1 for this tree and it's children */
-		if (buffer + GIT_OID_RAWSZ > buffer_end)
+		if (buffer + GIT_OID_SHA1_SIZE > buffer_end)
 			goto corrupted;
 
-		git_oid_fromraw(&tree->oid, (const unsigned char *)buffer);
-		buffer += GIT_OID_RAWSZ;
+		git_oid__fromraw(&tree->oid, (const unsigned char *)buffer, GIT_OID_SHA1);
+		buffer += GIT_OID_SHA1_SIZE;
 	}
 
 	/* Parse children: */
@@ -263,7 +263,7 @@ static void write_tree(git_str *out, git_tree_cache *tree)
 	git_str_printf(out, "%s%c%"PRIdZ" %"PRIuZ"\n", tree->name, 0, tree->entry_count, tree->children_count);
 
 	if (tree->entry_count != -1)
-		git_str_put(out, (char *)&tree->oid.id, GIT_OID_RAWSZ);
+		git_str_put(out, (char *)&tree->oid.id, GIT_OID_SHA1_SIZE);
 
 	for (i = 0; i < tree->children_count; i++)
 		write_tree(out, tree->children[i]);

data/vendor/libgit2/src/libgit2/tree.c

@@ -85,11 +85,17 @@ static git_tree_entry *alloc_entry(const char *filename, size_t filename_len, co
 	char *filename_ptr;
 	size_t tree_len;
 
+#ifdef GIT_EXPERIMENTAL_SHA256
+	size_t oid_size = git_oid_size(id->type);
+#else
+	size_t oid_size = GIT_OID_SHA1_SIZE;
+#endif
+
 	TREE_ENTRY_CHECK_NAMELEN(filename_len);
 
 	if (GIT_ADD_SIZET_OVERFLOW(&tree_len, sizeof(git_tree_entry), filename_len) ||
 	    GIT_ADD_SIZET_OVERFLOW(&tree_len, tree_len, 1) ||
-	    GIT_ADD_SIZET_OVERFLOW(&tree_len, tree_len, GIT_OID_RAWSZ))
+	    GIT_ADD_SIZET_OVERFLOW(&tree_len, tree_len, oid_size))
 		return NULL;
 
 	entry = git__calloc(1, tree_len);
@@ -383,11 +389,12 @@ static int parse_mode(uint16_t *mode_out, const char *buffer, size_t buffer_len,
 	return 0;
 }
 
-int git_tree__parse_raw(void *_tree, const char *data, size_t size)
+int git_tree__parse_raw(void *_tree, const char *data, size_t size, git_oid_t oid_type)
 {
 	git_tree *tree = _tree;
 	const char *buffer;
 	const char *buffer_end;
+	const long oid_size = (long)git_oid_size(oid_type);
 
 	buffer = data;
 	buffer_end = buffer + size;
@@ -414,35 +421,33 @@ int git_tree__parse_raw(void *_tree, const char *data, size_t size)
 		if ((filename_len = nul - buffer) == 0 || filename_len > UINT16_MAX)
 			return tree_parse_error("failed to parse tree: can't parse filename", NULL);
 
-		if ((buffer_end - (nul + 1)) < GIT_OID_RAWSZ)
+		if ((buffer_end - (nul + 1)) < (long)oid_size)
 			return tree_parse_error("failed to parse tree: can't parse OID", NULL);
 
 		/* Allocate the entry */
-		{
-			entry = git_array_alloc(tree->entries);
-			GIT_ERROR_CHECK_ALLOC(entry);
-
-			entry->attr = attr;
-			entry->filename_len = (uint16_t)filename_len;
-			entry->filename = buffer;
-			git_oid_fromraw(&entry->oid, ((unsigned char *) buffer + filename_len + 1));
-		}
+		entry = git_array_alloc(tree->entries);
+		GIT_ERROR_CHECK_ALLOC(entry);
 
+		entry->attr = attr;
+		entry->filename_len = (uint16_t)filename_len;
+		entry->filename = buffer;
 		buffer += filename_len + 1;
-		buffer += GIT_OID_RAWSZ;
+
+		git_oid__fromraw(&entry->oid, (unsigned char *)buffer, oid_type);
+		buffer += oid_size;
 	}
 
 	return 0;
 }
 
-int git_tree__parse(void *_tree, git_odb_object *odb_obj)
+int git_tree__parse(void *_tree, git_odb_object *odb_obj, git_oid_t oid_type)
 {
 	git_tree *tree = _tree;
 	const char *data = git_odb_object_data(odb_obj);
 	size_t size = git_odb_object_size(odb_obj);
 	int error;
 
-	if ((error = git_tree__parse_raw(tree, data, size)) < 0 ||
+	if ((error = git_tree__parse_raw(tree, data, size, oid_type)) < 0 ||
 	    (error = git_odb_object_dup(&tree->odb_obj, odb_obj)) < 0)
 		return error;
 
@@ -506,6 +511,7 @@ static int git_treebuilder__write_with_buffer(
 	git_odb *odb;
 	git_tree_entry *entry;
 	git_vector entries = GIT_VECTOR_INIT;
+	size_t oid_size = git_oid_size(bld->repo->oid_type);
 
 	git_str_clear(buf);
 
@@ -529,7 +535,7 @@ static int git_treebuilder__write_with_buffer(
 
 		git_str_printf(buf, "%o ", entry->attr);
 		git_str_put(buf, entry->filename, entry->filename_len + 1);
-		git_str_put(buf, (char *)entry->oid.id, GIT_OID_RAWSZ);
+		git_str_put(buf, (char *)entry->oid.id, oid_size);
 
 		if (git_str_oom(buf)) {
 			error = -1;

data/vendor/libgit2/src/libgit2/tree.h

@@ -41,8 +41,8 @@ GIT_INLINE(bool) git_tree_entry__is_tree(const struct git_tree_entry *e)
 }
 
 void git_tree__free(void *tree);
-int git_tree__parse(void *tree, git_odb_object *obj);
-int git_tree__parse_raw(void *_tree, const char *data, size_t size);
+int git_tree__parse(void *tree, git_odb_object *obj, git_oid_t oid_type);
+int git_tree__parse_raw(void *_tree, const char *data, size_t size, git_oid_t oid_type);
 
 /**
  * Write a tree to the given repository

data/vendor/libgit2/src/libgit2/worktree.c

@@ -187,6 +187,11 @@ int git_worktree_lookup(git_worktree **out, git_repository *repo, const char *na
 	if ((error = git_str_join3(&path, '/', repo->commondir, "worktrees", name)) < 0)
 		goto out;
 
+	if (!git_fs_path_isdir(path.ptr)) {
+		error = GIT_ENOTFOUND;
+		goto out;
+	}
+
 	if ((error = (open_worktree_dir(out, git_repository_workdir(repo), path.ptr, name))) < 0)
 		goto out;
 

data/vendor/libgit2/src/util/CMakeLists.txt

@@ -4,8 +4,12 @@ add_library(util OBJECT)
 set_target_properties(util PROPERTIES C_STANDARD 90)
 set_target_properties(util PROPERTIES C_EXTENSIONS OFF)
 
+configure_file(git2_features.h.in git2_features.h)
+
 set(UTIL_INCLUDES
-	"${PROJECT_BINARY_DIR}/src"
+	"${PROJECT_BINARY_DIR}/src/util"
+	"${PROJECT_BINARY_DIR}/include"
+	"${PROJECT_BINARY_DIR}/include/git2"
 	"${PROJECT_SOURCE_DIR}/src/util"
 	"${PROJECT_SOURCE_DIR}/include")
 
@@ -34,6 +38,7 @@ if(USE_SHA1 STREQUAL "CollisionDetection")
         target_compile_definitions(util PRIVATE SHA1DC_CUSTOM_INCLUDE_SHA1_C=\"git2_util.h\")
         target_compile_definitions(util PRIVATE SHA1DC_CUSTOM_INCLUDE_UBC_CHECK_C=\"git2_util.h\")
 elseif(USE_SHA1 STREQUAL "OpenSSL" OR USE_SHA1 STREQUAL "OpenSSL-Dynamic")
+	add_definitions(-DOPENSSL_API_COMPAT=0x10100000L)
 	file(GLOB UTIL_SRC_SHA1 hash/openssl.*)
 elseif(USE_SHA1 STREQUAL "CommonCrypto")
 	file(GLOB UTIL_SRC_SHA1 hash/common_crypto.*)
@@ -50,6 +55,7 @@ list(SORT UTIL_SRC_SHA1)
 if(USE_SHA256 STREQUAL "Builtin")
 	file(GLOB UTIL_SRC_SHA256 hash/builtin.* hash/rfc6234/*)
 elseif(USE_SHA256 STREQUAL "OpenSSL" OR USE_SHA256 STREQUAL "OpenSSL-Dynamic")
+	add_definitions(-DOPENSSL_API_COMPAT=0x10100000L)
 	file(GLOB UTIL_SRC_SHA256 hash/openssl.*)
 elseif(USE_SHA256 STREQUAL "CommonCrypto")
 	file(GLOB UTIL_SRC_SHA256 hash/common_crypto.*)

data/vendor/libgit2/src/util/fs_path.c

@@ -1855,7 +1855,7 @@ static int file_owner_sid(PSID *out, const char *path)
 	PSECURITY_DESCRIPTOR descriptor = NULL;
 	PSID owner_sid;
 	DWORD ret;
-	int error = -1;
+	int error = GIT_EINVALID;
 
 	if (git_win32_path_from_utf8(path_w32, path) < 0)
 		return -1;

data/vendor/libgit2/src/util/futils.c

@@ -13,9 +13,6 @@
 #include "rand.h"
 
 #include <ctype.h>
-#if GIT_WIN32
-#include "win32/findfile.h"
-#endif
 
 #define GIT_FILEMODE_DEFAULT 0100666
 

data/vendor/libgit2/src/util/git2_util.h

@@ -7,8 +7,8 @@
 #ifndef INCLUDE_git2_util_h__
 #define INCLUDE_git2_util_h__
 
-#ifndef LIBGIT2_NO_FEATURES_H
-# include "git2/sys/features.h"
+#if !defined(LIBGIT2_NO_FEATURES_H)
+# include "git2_features.h"
 #endif
 
 #include "git2/common.h"

data/vendor/libgit2/src/util/hash/openssl.c

@@ -10,8 +10,8 @@
 #ifdef GIT_OPENSSL_DYNAMIC
 # include <dlfcn.h>
 
-int handle_count;
-void *openssl_handle;
+static int handle_count;
+static void *openssl_handle;
 
 static int git_hash_openssl_global_shutdown(void)
 {
@@ -30,7 +30,8 @@ static int git_hash_openssl_global_init(void)
 		    (openssl_handle = dlopen("libssl.1.1.dylib", RTLD_NOW)) == NULL &&
 		    (openssl_handle = dlopen("libssl.so.1.0.0", RTLD_NOW)) == NULL &&
 		    (openssl_handle = dlopen("libssl.1.0.0.dylib", RTLD_NOW)) == NULL &&
-		    (openssl_handle = dlopen("libssl.so.10", RTLD_NOW)) == NULL) {
+		    (openssl_handle = dlopen("libssl.so.10", RTLD_NOW)) == NULL &&
+		    (openssl_handle = dlopen("libssl.so.3", RTLD_NOW)) == NULL) {
 			git_error_set(GIT_ERROR_SSL, "could not load ssl libraries");
 			return -1;
 		}

data/vendor/libgit2/src/util/hash/rfc6234/sha.h

@@ -191,49 +191,6 @@ typedef struct SHA256Context SHA224Context;
  */
 typedef struct SHA512Context SHA384Context;
 
-/*
- *  This structure holds context information for all SHA
- *  hashing operations.
- */
-typedef struct USHAContext {
-    int whichSha;               /* which SHA is being used */
-    union {
-      SHA1Context sha1Context;
-      SHA224Context sha224Context; SHA256Context sha256Context;
-      SHA384Context sha384Context; SHA512Context sha512Context;
-    } ctx;
-} USHAContext;
-
-/*
- *  This structure will hold context information for the HMAC
- *  keyed-hashing operation.
- */
-typedef struct HMACContext {
-    int whichSha;               /* which SHA is being used */
-    int hashSize;               /* hash size of SHA being used */
-    int blockSize;              /* block size of SHA being used */
-    USHAContext shaContext;     /* SHA context */
-    unsigned char k_opad[USHA_Max_Message_Block_Size];
-                        /* outer padding - key XORd with opad */
-    int Computed;               /* Is the MAC computed? */
-    int Corrupted;              /* Cumulative corruption code */
-
-} HMACContext;
-
-/*
- *  This structure will hold context information for the HKDF
- *  extract-and-expand Key Derivation Functions.
- */
-typedef struct HKDFContext {
-    int whichSha;               /* which SHA is being used */
-    HMACContext hmacContext;
-    int hashSize;               /* hash size of SHA being used */
-    unsigned char prk[USHAMaxHashSize];
-                        /* pseudo-random key - output of hkdfInput */
-    int Computed;               /* Is the key material computed? */
-    int Corrupted;              /* Cumulative corruption code */
-} HKDFContext;
-
 /*
  *  Function Prototypes
  */
@@ -283,73 +240,4 @@ extern int SHA512FinalBits(SHA512Context *, uint8_t bits,
 extern int SHA512Result(SHA512Context *,
                         uint8_t Message_Digest[SHA512HashSize]);
 
-/* Unified SHA functions, chosen by whichSha */
-extern int USHAReset(USHAContext *context, SHAversion whichSha);
-extern int USHAInput(USHAContext *context,
-                     const uint8_t *bytes, unsigned int bytecount);
-extern int USHAFinalBits(USHAContext *context,
-                         uint8_t bits, unsigned int bit_count);
-extern int USHAResult(USHAContext *context,
-                      uint8_t Message_Digest[USHAMaxHashSize]);
-extern int USHABlockSize(enum SHAversion whichSha);
-extern int USHAHashSize(enum SHAversion whichSha);
-extern int USHAHashSizeBits(enum SHAversion whichSha);
-extern const char *USHAHashName(enum SHAversion whichSha);
-
-/*
- * HMAC Keyed-Hashing for Message Authentication, RFC 2104,
- * for all SHAs.
- * This interface allows a fixed-length text input to be used.
- */
-extern int hmac(SHAversion whichSha, /* which SHA algorithm to use */
-    const unsigned char *text,     /* pointer to data stream */
-    int text_len,                  /* length of data stream */
-    const unsigned char *key,      /* pointer to authentication key */
-    int key_len,                   /* length of authentication key */
-    uint8_t digest[USHAMaxHashSize]); /* caller digest to fill in */
-
-/*
- * HMAC Keyed-Hashing for Message Authentication, RFC 2104,
- * for all SHAs.
- * This interface allows any length of text input to be used.
- */
-extern int hmacReset(HMACContext *context, enum SHAversion whichSha,
-                     const unsigned char *key, int key_len);
-extern int hmacInput(HMACContext *context, const unsigned char *text,
-                     int text_len);
-extern int hmacFinalBits(HMACContext *context, uint8_t bits,
-                         unsigned int bit_count);
-extern int hmacResult(HMACContext *context,
-                      uint8_t digest[USHAMaxHashSize]);
-
-/*
- * HKDF HMAC-based Extract-and-Expand Key Derivation Function,
- * RFC 5869, for all SHAs.
- */
-extern int hkdf(SHAversion whichSha, const unsigned char *salt,
-                int salt_len, const unsigned char *ikm, int ikm_len,
-                const unsigned char *info, int info_len,
-                uint8_t okm[ ], int okm_len);
-extern int hkdfExtract(SHAversion whichSha, const unsigned char *salt,
-                       int salt_len, const unsigned char *ikm,
-                       int ikm_len, uint8_t prk[USHAMaxHashSize]);
-extern int hkdfExpand(SHAversion whichSha, const uint8_t prk[ ],
-                      int prk_len, const unsigned char *info,
-                      int info_len, uint8_t okm[ ], int okm_len);
-
-/*
- * HKDF HMAC-based Extract-and-Expand Key Derivation Function,
- * RFC 5869, for all SHAs.
- * This interface allows any length of text input to be used.
- */
-extern int hkdfReset(HKDFContext *context, enum SHAversion whichSha,
-                     const unsigned char *salt, int salt_len);
-extern int hkdfInput(HKDFContext *context, const unsigned char *ikm,
-                     int ikm_len);
-extern int hkdfFinalBits(HKDFContext *context, uint8_t ikm_bits,
-                         unsigned int ikm_bit_count);
-extern int hkdfResult(HKDFContext *context,
-                      uint8_t prk[USHAMaxHashSize],
-                      const unsigned char *info, int info_len,
-                      uint8_t okm[USHAMaxHashSize], int okm_len);
 #endif /* _SHA_H_ */

data/vendor/libgit2/src/util/hash.h

@@ -23,6 +23,8 @@ typedef enum {
 	GIT_HASH_ALGORITHM_SHA256
 } git_hash_algorithm_t;
 
+#define GIT_HASH_MAX_SIZE GIT_HASH_SHA256_SIZE
+
 typedef struct git_hash_ctx {
 	union {
 		git_hash_sha1_ctx sha1;
@@ -45,4 +47,15 @@ int git_hash_vec(unsigned char *out, git_str_vec *vec, size_t n, git_hash_algori
 
 int git_hash_fmt(char *out, unsigned char *hash, size_t hash_len);
 
+GIT_INLINE(size_t) git_hash_size(git_hash_algorithm_t algorithm) {
+	switch (algorithm) {
+		case GIT_HASH_ALGORITHM_SHA1:
+			return GIT_HASH_SHA1_SIZE;
+		case GIT_HASH_ALGORITHM_SHA256:
+			return GIT_HASH_SHA256_SIZE;
+		default:
+			return 0;
+	}
+}
+
 #endif