RubyGems - rugged - Versions diffs - 1.7.2 → 1.9.0 - Mend

rugged 1.7.2 → 1.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (361) hide show

checksums.yaml +4 -4
data/lib/rugged/version.rb +1 -1
data/vendor/libgit2/AUTHORS +1 -0
data/vendor/libgit2/CMakeLists.txt +23 -10
data/vendor/libgit2/COPYING +195 -1
data/vendor/libgit2/cmake/{FindIconv.cmake → FindIntlIconv.cmake} +6 -0
data/vendor/libgit2/cmake/FindLLHTTP.cmake +39 -0
data/vendor/libgit2/cmake/SelectGSSAPI.cmake +1 -1
data/vendor/libgit2/cmake/SelectHTTPParser.cmake +23 -8
data/vendor/libgit2/cmake/SelectHTTPSBackend.cmake +17 -8
data/vendor/libgit2/cmake/SelectHashes.cmake +28 -11
data/vendor/libgit2/cmake/SelectRegex.cmake +6 -1
data/vendor/libgit2/cmake/SelectSSH.cmake +22 -17
data/vendor/libgit2/cmake/SelectZlib.cmake +4 -0
data/vendor/libgit2/deps/llhttp/CMakeLists.txt +8 -0
data/vendor/libgit2/deps/llhttp/LICENSE-MIT +22 -0
data/vendor/libgit2/deps/llhttp/api.c +510 -0
data/vendor/libgit2/deps/llhttp/http.c +170 -0
data/vendor/libgit2/deps/llhttp/llhttp.c +10168 -0
data/vendor/libgit2/deps/llhttp/llhttp.h +897 -0
data/vendor/libgit2/deps/ntlmclient/CMakeLists.txt +1 -1
data/vendor/libgit2/deps/ntlmclient/crypt_builtin_md4.c +311 -0
data/vendor/libgit2/deps/ntlmclient/crypt_commoncrypto.c +2 -1
data/vendor/libgit2/deps/ntlmclient/crypt_mbedtls.c +0 -20
data/vendor/libgit2/deps/ntlmclient/crypt_openssl.c +4 -4
data/vendor/libgit2/deps/ntlmclient/ntlm.c +21 -21
data/vendor/libgit2/deps/ntlmclient/unicode_builtin.c +5 -4
data/vendor/libgit2/deps/ntlmclient/unicode_iconv.c +2 -1
data/vendor/libgit2/deps/ntlmclient/utf8.h +1176 -721
data/vendor/libgit2/deps/ntlmclient/util.h +11 -0
data/vendor/libgit2/deps/pcre/CMakeLists.txt +1 -0
data/vendor/libgit2/deps/xdiff/xmerge.c +2 -2
data/vendor/libgit2/deps/zlib/CMakeLists.txt +6 -1
data/vendor/libgit2/deps/zlib/LICENSE +22 -0
data/vendor/libgit2/deps/zlib/adler32.c +5 -27
data/vendor/libgit2/deps/zlib/crc32.c +94 -167
data/vendor/libgit2/deps/zlib/deflate.c +358 -435
data/vendor/libgit2/deps/zlib/deflate.h +41 -10
data/vendor/libgit2/deps/zlib/gzguts.h +13 -18
data/vendor/libgit2/deps/zlib/infback.c +17 -30
data/vendor/libgit2/deps/zlib/inffast.c +1 -4
data/vendor/libgit2/deps/zlib/inffast.h +1 -1
data/vendor/libgit2/deps/zlib/inflate.c +36 -102
data/vendor/libgit2/deps/zlib/inftrees.c +6 -11
data/vendor/libgit2/deps/zlib/inftrees.h +6 -6
data/vendor/libgit2/deps/zlib/trees.c +287 -352
data/vendor/libgit2/deps/zlib/zconf.h +23 -14
data/vendor/libgit2/deps/zlib/zlib.h +202 -202
data/vendor/libgit2/deps/zlib/zutil.c +18 -44
data/vendor/libgit2/deps/zlib/zutil.h +13 -33
data/vendor/libgit2/include/git2/annotated_commit.h +12 -5
data/vendor/libgit2/include/git2/apply.h +27 -6
data/vendor/libgit2/include/git2/attr.h +17 -4
data/vendor/libgit2/include/git2/blame.h +133 -28
data/vendor/libgit2/include/git2/blob.h +71 -28
data/vendor/libgit2/include/git2/branch.h +22 -15
data/vendor/libgit2/include/git2/buffer.h +6 -4
data/vendor/libgit2/include/git2/cert.h +2 -1
data/vendor/libgit2/include/git2/checkout.h +83 -32
data/vendor/libgit2/include/git2/cherrypick.h +10 -3
data/vendor/libgit2/include/git2/clone.h +25 -9
data/vendor/libgit2/include/git2/commit.h +132 -3
data/vendor/libgit2/include/git2/common.h +120 -63
data/vendor/libgit2/include/git2/config.h +93 -23
data/vendor/libgit2/include/git2/credential.h +30 -2
data/vendor/libgit2/include/git2/credential_helpers.h +1 -0
data/vendor/libgit2/include/git2/deprecated.h +133 -3
data/vendor/libgit2/include/git2/describe.h +13 -1
data/vendor/libgit2/include/git2/diff.h +38 -8
data/vendor/libgit2/include/git2/email.h +9 -29
data/vendor/libgit2/include/git2/errors.h +46 -73
data/vendor/libgit2/include/git2/filter.h +14 -7
data/vendor/libgit2/include/git2/global.h +8 -1
data/vendor/libgit2/include/git2/graph.h +3 -2
data/vendor/libgit2/include/git2/ignore.h +10 -0
data/vendor/libgit2/include/git2/index.h +99 -14
data/vendor/libgit2/include/git2/indexer.h +21 -4
data/vendor/libgit2/include/git2/mailmap.h +7 -1
data/vendor/libgit2/include/git2/merge.h +46 -1
data/vendor/libgit2/include/git2/message.h +2 -2
data/vendor/libgit2/include/git2/net.h +3 -1
data/vendor/libgit2/include/git2/notes.h +9 -6
data/vendor/libgit2/include/git2/object.h +9 -8
data/vendor/libgit2/include/git2/odb.h +91 -49
data/vendor/libgit2/include/git2/odb_backend.h +80 -52
data/vendor/libgit2/include/git2/oid.h +23 -24
data/vendor/libgit2/include/git2/oidarray.h +7 -1
data/vendor/libgit2/include/git2/pack.h +13 -1
data/vendor/libgit2/include/git2/patch.h +2 -3
data/vendor/libgit2/include/git2/pathspec.h +9 -0
data/vendor/libgit2/include/git2/proxy.h +10 -0
data/vendor/libgit2/include/git2/rebase.h +9 -6
data/vendor/libgit2/include/git2/refdb.h +2 -2
data/vendor/libgit2/include/git2/reflog.h +3 -2
data/vendor/libgit2/include/git2/refs.h +9 -6
data/vendor/libgit2/include/git2/refspec.h +14 -4
data/vendor/libgit2/include/git2/remote.h +94 -18
data/vendor/libgit2/include/git2/repository.h +57 -21
data/vendor/libgit2/include/git2/reset.h +16 -3
data/vendor/libgit2/include/git2/revert.h +9 -4
data/vendor/libgit2/include/git2/revparse.h +3 -3
data/vendor/libgit2/include/git2/revwalk.h +3 -2
data/vendor/libgit2/include/git2/signature.h +46 -1
data/vendor/libgit2/include/git2/stash.h +17 -3
data/vendor/libgit2/include/git2/status.h +10 -6
data/vendor/libgit2/include/git2/stdint.h +87 -85
data/vendor/libgit2/include/git2/strarray.h +2 -3
data/vendor/libgit2/include/git2/submodule.h +20 -9
data/vendor/libgit2/include/git2/sys/alloc.h +12 -0
data/vendor/libgit2/include/git2/sys/commit.h +77 -3
data/vendor/libgit2/include/git2/sys/commit_graph.h +103 -62
data/vendor/libgit2/include/git2/sys/config.h +80 -4
data/vendor/libgit2/include/git2/sys/credential.h +4 -3
data/vendor/libgit2/include/git2/sys/diff.h +21 -1
data/vendor/libgit2/include/git2/sys/email.h +7 -0
data/vendor/libgit2/include/git2/sys/errors.h +76 -0
data/vendor/libgit2/include/git2/sys/filter.h +66 -3
data/vendor/libgit2/include/git2/sys/hashsig.h +11 -0
data/vendor/libgit2/include/git2/sys/index.h +3 -2
data/vendor/libgit2/include/git2/sys/mempack.h +32 -2
data/vendor/libgit2/include/git2/sys/merge.h +55 -7
data/vendor/libgit2/include/git2/sys/midx.h +43 -4
data/vendor/libgit2/include/git2/sys/odb_backend.h +7 -3
data/vendor/libgit2/include/git2/sys/openssl.h +8 -1
data/vendor/libgit2/include/git2/sys/path.h +12 -1
data/vendor/libgit2/include/git2/sys/refdb_backend.h +40 -36
data/vendor/libgit2/include/git2/sys/refs.h +3 -2
data/vendor/libgit2/include/git2/sys/remote.h +8 -1
data/vendor/libgit2/include/git2/sys/repository.h +63 -3
data/vendor/libgit2/include/git2/sys/stream.h +11 -2
data/vendor/libgit2/include/git2/sys/transport.h +24 -3
data/vendor/libgit2/include/git2/tag.h +3 -1
data/vendor/libgit2/include/git2/trace.h +9 -3
data/vendor/libgit2/include/git2/transaction.h +3 -2
data/vendor/libgit2/include/git2/transport.h +11 -3
data/vendor/libgit2/include/git2/tree.h +16 -5
data/vendor/libgit2/include/git2/types.h +19 -3
data/vendor/libgit2/include/git2/version.h +44 -8
data/vendor/libgit2/include/git2/worktree.h +16 -6
data/vendor/libgit2/src/CMakeLists.txt +6 -4
data/vendor/libgit2/src/cli/CMakeLists.txt +2 -2
data/vendor/libgit2/src/cli/cmd.c +1 -1
data/vendor/libgit2/src/cli/cmd.h +4 -0
data/vendor/libgit2/src/cli/cmd_blame.c +287 -0
data/vendor/libgit2/src/cli/cmd_cat_file.c +6 -8
data/vendor/libgit2/src/cli/cmd_clone.c +5 -7
data/vendor/libgit2/src/cli/cmd_config.c +241 -0
data/vendor/libgit2/src/cli/cmd_hash_object.c +6 -8
data/vendor/libgit2/src/cli/cmd_help.c +6 -7
data/vendor/libgit2/src/cli/cmd_index_pack.c +114 -0
data/vendor/libgit2/src/cli/cmd_init.c +102 -0
data/vendor/libgit2/src/cli/common.c +168 -0
data/vendor/libgit2/src/cli/common.h +63 -0
data/vendor/libgit2/src/cli/error.h +1 -1
data/vendor/libgit2/src/cli/main.c +52 -24
data/vendor/libgit2/src/cli/opt.c +29 -3
data/vendor/libgit2/src/cli/opt.h +21 -3
data/vendor/libgit2/src/cli/opt_usage.c +102 -33
data/vendor/libgit2/src/cli/opt_usage.h +6 -1
data/vendor/libgit2/src/cli/progress.c +51 -2
data/vendor/libgit2/src/cli/progress.h +12 -0
data/vendor/libgit2/src/cli/unix/sighandler.c +2 -1
data/vendor/libgit2/src/cli/win32/precompiled.h +1 -1
data/vendor/libgit2/src/cli/win32/sighandler.c +1 -1
data/vendor/libgit2/src/libgit2/CMakeLists.txt +26 -8
data/vendor/libgit2/src/libgit2/apply.c +10 -13
data/vendor/libgit2/src/libgit2/attr.c +30 -13
data/vendor/libgit2/src/libgit2/attr_file.c +7 -2
data/vendor/libgit2/src/libgit2/attr_file.h +2 -0
data/vendor/libgit2/src/libgit2/attrcache.c +69 -33
data/vendor/libgit2/src/libgit2/attrcache.h +5 -9
data/vendor/libgit2/src/libgit2/blame.c +130 -44
data/vendor/libgit2/src/libgit2/blame.h +1 -0
data/vendor/libgit2/src/libgit2/cache.c +22 -17
data/vendor/libgit2/src/libgit2/cache.h +7 -9
data/vendor/libgit2/src/libgit2/checkout.c +34 -24
data/vendor/libgit2/src/libgit2/checkout.h +0 -2
data/vendor/libgit2/src/libgit2/cherrypick.c +1 -2
data/vendor/libgit2/src/libgit2/clone.c +186 -166
data/vendor/libgit2/src/libgit2/clone.h +4 -1
data/vendor/libgit2/src/libgit2/commit.c +92 -0
data/vendor/libgit2/src/libgit2/commit_graph.c +67 -56
data/vendor/libgit2/src/libgit2/commit_graph.h +1 -2
data/vendor/libgit2/src/libgit2/config.c +389 -298
data/vendor/libgit2/src/libgit2/config.cmake.in +3 -0
data/vendor/libgit2/src/libgit2/config.h +9 -4
data/vendor/libgit2/src/libgit2/config_backend.h +8 -10
data/vendor/libgit2/src/libgit2/config_cache.c +4 -5
data/vendor/libgit2/src/libgit2/config_file.c +99 -88
data/vendor/libgit2/src/libgit2/config_list.c +285 -0
data/vendor/libgit2/src/libgit2/config_list.h +32 -0
data/vendor/libgit2/src/libgit2/config_mem.c +194 -40
data/vendor/libgit2/src/libgit2/config_parse.c +10 -9
data/vendor/libgit2/src/libgit2/config_snapshot.c +24 -31
data/vendor/libgit2/src/libgit2/describe.c +24 -24
data/vendor/libgit2/src/libgit2/diff.c +1 -1
data/vendor/libgit2/src/libgit2/diff_driver.c +12 -19
data/vendor/libgit2/src/libgit2/diff_driver.h +2 -2
data/vendor/libgit2/src/libgit2/diff_generate.c +3 -3
data/vendor/libgit2/src/libgit2/diff_parse.c +2 -2
data/vendor/libgit2/src/libgit2/diff_print.c +65 -9
data/vendor/libgit2/src/libgit2/diff_tform.c +36 -8
data/vendor/libgit2/src/libgit2/email.c +1 -0
data/vendor/libgit2/src/libgit2/fetch.c +5 -3
data/vendor/libgit2/src/libgit2/filter.c +5 -5
data/vendor/libgit2/src/libgit2/git2.rc +3 -3
data/vendor/libgit2/src/libgit2/grafts.c +18 -20
data/vendor/libgit2/src/libgit2/grafts.h +0 -1
data/vendor/libgit2/src/libgit2/graph.c +1 -1
data/vendor/libgit2/src/libgit2/hashmap_oid.h +30 -0
data/vendor/libgit2/src/libgit2/ignore.c +9 -5
data/vendor/libgit2/src/libgit2/index.c +68 -90
data/vendor/libgit2/src/libgit2/index.h +2 -2
data/vendor/libgit2/src/libgit2/index_map.c +95 -0
data/vendor/libgit2/src/libgit2/index_map.h +28 -0
data/vendor/libgit2/src/libgit2/indexer.c +34 -38
data/vendor/libgit2/src/libgit2/iterator.c +14 -8
data/vendor/libgit2/src/libgit2/libgit2.c +153 -368
data/vendor/libgit2/src/libgit2/mailmap.c +1 -1
data/vendor/libgit2/src/libgit2/merge.c +42 -37
data/vendor/libgit2/src/libgit2/merge_driver.c +2 -2
data/vendor/libgit2/src/libgit2/midx.c +28 -15
data/vendor/libgit2/src/libgit2/mwindow.c +38 -45
data/vendor/libgit2/src/libgit2/mwindow.h +4 -0
data/vendor/libgit2/src/libgit2/object.c +6 -5
data/vendor/libgit2/src/libgit2/odb.c +5 -4
data/vendor/libgit2/src/libgit2/odb_mempack.c +49 -17
data/vendor/libgit2/src/libgit2/odb_pack.c +13 -5
data/vendor/libgit2/src/libgit2/oid.c +32 -5
data/vendor/libgit2/src/libgit2/oid.h +11 -0
data/vendor/libgit2/src/libgit2/pack-objects.c +58 -31
data/vendor/libgit2/src/libgit2/pack-objects.h +12 -4
data/vendor/libgit2/src/libgit2/pack.c +30 -24
data/vendor/libgit2/src/libgit2/pack.h +15 -10
data/vendor/libgit2/src/libgit2/patch_parse.c +2 -2
data/vendor/libgit2/src/libgit2/path.c +1 -1
data/vendor/libgit2/src/libgit2/pathspec.c +1 -1
data/vendor/libgit2/src/libgit2/push.c +79 -28
data/vendor/libgit2/src/libgit2/push.h +1 -0
data/vendor/libgit2/src/libgit2/refdb_fs.c +128 -61
data/vendor/libgit2/src/libgit2/reflog.c +1 -2
data/vendor/libgit2/src/libgit2/reflog.h +2 -0
data/vendor/libgit2/src/libgit2/refs.c +26 -7
data/vendor/libgit2/src/libgit2/refs.h +6 -1
data/vendor/libgit2/src/libgit2/refspec.c +28 -1
data/vendor/libgit2/src/libgit2/refspec.h +8 -0
data/vendor/libgit2/src/libgit2/remote.c +121 -61
data/vendor/libgit2/src/libgit2/repository.c +231 -51
data/vendor/libgit2/src/libgit2/repository.h +10 -6
data/vendor/libgit2/src/libgit2/revert.c +1 -2
data/vendor/libgit2/src/libgit2/revparse.c +2 -2
data/vendor/libgit2/src/libgit2/revwalk.c +13 -10
data/vendor/libgit2/src/libgit2/revwalk.h +3 -3
data/vendor/libgit2/src/libgit2/settings.c +468 -0
data/vendor/libgit2/src/libgit2/settings.h +6 -2
data/vendor/libgit2/src/libgit2/signature.c +132 -15
data/vendor/libgit2/src/libgit2/signature.h +0 -1
data/vendor/libgit2/src/libgit2/status.c +1 -1
data/vendor/libgit2/src/libgit2/streams/mbedtls.c +54 -60
data/vendor/libgit2/src/libgit2/streams/openssl.c +32 -7
data/vendor/libgit2/src/libgit2/streams/openssl.h +2 -0
data/vendor/libgit2/src/libgit2/streams/openssl_dynamic.c +4 -0
data/vendor/libgit2/src/libgit2/streams/openssl_dynamic.h +3 -0
data/vendor/libgit2/src/libgit2/streams/stransport.c +39 -7
data/vendor/libgit2/src/libgit2/submodule.c +106 -63
data/vendor/libgit2/src/libgit2/submodule.h +6 -7
data/vendor/libgit2/src/libgit2/tag.c +1 -1
data/vendor/libgit2/src/libgit2/trailer.c +6 -6
data/vendor/libgit2/src/libgit2/transaction.c +26 -20
data/vendor/libgit2/src/libgit2/transaction.h +4 -1
data/vendor/libgit2/src/libgit2/transport.c +4 -1
data/vendor/libgit2/src/libgit2/transports/credential.c +1 -1
data/vendor/libgit2/src/libgit2/transports/http.c +1 -2
data/vendor/libgit2/src/libgit2/transports/http.h +0 -10
data/vendor/libgit2/src/libgit2/transports/httpclient.c +112 -72
data/vendor/libgit2/src/libgit2/transports/httpparser.c +128 -0
data/vendor/libgit2/src/libgit2/transports/httpparser.h +99 -0
data/vendor/libgit2/src/libgit2/transports/local.c +8 -7
data/vendor/libgit2/src/libgit2/transports/smart.c +20 -8
data/vendor/libgit2/src/libgit2/transports/smart.h +4 -2
data/vendor/libgit2/src/libgit2/transports/smart_pkt.c +2 -2
data/vendor/libgit2/src/libgit2/transports/smart_protocol.c +55 -10
data/vendor/libgit2/src/libgit2/transports/ssh.c +41 -1103
data/vendor/libgit2/src/libgit2/transports/ssh_exec.c +347 -0
data/vendor/libgit2/src/libgit2/transports/ssh_exec.h +26 -0
data/vendor/libgit2/src/libgit2/transports/ssh_libssh2.c +1126 -0
data/vendor/libgit2/src/libgit2/transports/ssh_libssh2.h +28 -0
data/vendor/libgit2/src/libgit2/transports/winhttp.c +35 -7
data/vendor/libgit2/src/libgit2/tree.c +34 -26
data/vendor/libgit2/src/libgit2/tree.h +3 -2
data/vendor/libgit2/src/libgit2/worktree.c +14 -17
data/vendor/libgit2/src/util/CMakeLists.txt +4 -6
data/vendor/libgit2/src/util/alloc.c +4 -1
data/vendor/libgit2/src/util/allocators/debugalloc.c +73 -0
data/vendor/libgit2/src/{cli/cli.h → util/allocators/debugalloc.h} +6 -9
data/vendor/libgit2/src/util/allocators/stdalloc.c +0 -10
data/vendor/libgit2/src/util/array.h +18 -17
data/vendor/libgit2/src/util/cc-compat.h +2 -0
data/vendor/libgit2/src/util/ctype_compat.h +70 -0
data/vendor/libgit2/src/util/date.c +22 -14
data/vendor/libgit2/src/util/date.h +12 -0
data/vendor/libgit2/src/util/errors.c +401 -0
data/vendor/libgit2/src/{libgit2 → util}/errors.h +21 -17
data/vendor/libgit2/src/util/fs_path.c +15 -4
data/vendor/libgit2/src/util/fs_path.h +23 -0
data/vendor/libgit2/src/util/futils.c +6 -5
data/vendor/libgit2/src/util/futils.h +13 -4
data/vendor/libgit2/src/util/git2_features.h.in +12 -1
data/vendor/libgit2/src/util/git2_util.h +6 -0
data/vendor/libgit2/src/util/hash/openssl.c +152 -0
data/vendor/libgit2/src/util/hash/openssl.h +17 -1
data/vendor/libgit2/src/util/hash/sha.h +4 -1
data/vendor/libgit2/src/util/hashmap.h +424 -0
data/vendor/libgit2/src/util/hashmap_str.h +43 -0
data/vendor/libgit2/src/util/integer.h +3 -1
data/vendor/libgit2/src/util/net.c +13 -7
data/vendor/libgit2/src/util/net.h +2 -0
data/vendor/libgit2/src/util/pool.c +1 -1
data/vendor/libgit2/src/util/pool.h +5 -0
data/vendor/libgit2/src/util/pqueue.h +1 -1
data/vendor/libgit2/src/util/process.h +222 -0
data/vendor/libgit2/src/util/rand.c +1 -7
data/vendor/libgit2/src/util/regexp.c +1 -1
data/vendor/libgit2/src/util/sortedcache.c +14 -13
data/vendor/libgit2/src/util/sortedcache.h +3 -3
data/vendor/libgit2/src/util/str.c +2 -2
data/vendor/libgit2/src/util/strlist.c +108 -0
data/vendor/libgit2/src/util/strlist.h +36 -0
data/vendor/libgit2/src/util/unix/posix.h +0 -2
data/vendor/libgit2/src/util/unix/process.c +629 -0
data/vendor/libgit2/src/util/unix/realpath.c +23 -5
data/vendor/libgit2/src/util/util.c +2 -2
data/vendor/libgit2/src/util/util.h +4 -38
data/vendor/libgit2/src/util/vector.c +3 -3
data/vendor/libgit2/src/util/vector.h +2 -2
data/vendor/libgit2/src/util/win32/posix_w32.c +29 -6
data/vendor/libgit2/src/util/win32/process.c +506 -0
metadata +45 -28
data/vendor/libgit2/deps/http-parser/CMakeLists.txt +0 -6
data/vendor/libgit2/deps/http-parser/COPYING +0 -23
data/vendor/libgit2/deps/http-parser/http_parser.c +0 -2182
data/vendor/libgit2/deps/http-parser/http_parser.h +0 -305
data/vendor/libgit2/deps/zlib/COPYING +0 -27
data/vendor/libgit2/include/git2/sys/reflog.h +0 -21
data/vendor/libgit2/src/libgit2/config_entries.c +0 -237
data/vendor/libgit2/src/libgit2/config_entries.h +0 -24
data/vendor/libgit2/src/libgit2/errors.c +0 -293
data/vendor/libgit2/src/libgit2/idxmap.c +0 -157
data/vendor/libgit2/src/libgit2/idxmap.h +0 -177
data/vendor/libgit2/src/libgit2/libgit2.h +0 -15
data/vendor/libgit2/src/libgit2/offmap.c +0 -101
data/vendor/libgit2/src/libgit2/offmap.h +0 -133
data/vendor/libgit2/src/libgit2/oidmap.c +0 -107
data/vendor/libgit2/src/libgit2/oidmap.h +0 -128
data/vendor/libgit2/src/libgit2/threadstate.c +0 -97
data/vendor/libgit2/src/libgit2/threadstate.h +0 -22
data/vendor/libgit2/src/libgit2/transports/ssh.h +0 -14
data/vendor/libgit2/src/util/khash.h +0 -615
data/vendor/libgit2/src/util/strmap.c +0 -100
data/vendor/libgit2/src/util/strmap.h +0 -131
/data/vendor/libgit2/cmake/{FindHTTPParser.cmake → FindHTTP_Parser.cmake} +0 -0

data/vendor/libgit2/src/libgit2/streams/mbedtls.c CHANGED Viewed

@@ -32,7 +32,6 @@
 # endif
 #endif
-#include <mbedtls/config.h>
 #include <mbedtls/ssl.h>
 #include <mbedtls/error.h>
 #include <mbedtls/entropy.h>
@@ -40,12 +39,18 @@
 #undef inline
-#define GIT_SSL_DEFAULT_CIPHERS "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-DSS-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-DSS-WITH-AES-256-GCM-SHA384:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256:TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA:TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-128-CBC-SHA256:TLS-DHE-DSS-WITH-AES-256-CBC-SHA256:TLS-DHE-DSS-WITH-AES-128-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-128-GCM-SHA256:TLS-RSA-WITH-AES-256-GCM-SHA384:TLS-RSA-WITH-AES-128-CBC-SHA256:TLS-RSA-WITH-AES-256-CBC-SHA256:TLS-RSA-WITH-AES-128-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA"
-#define GIT_SSL_DEFAULT_CIPHERS_COUNT 30
+#define GIT_SSL_DEFAULT_CIPHERS "TLS1-3-AES-128-GCM-SHA256:TLS1-3-AES-256-GCM-SHA384:TLS1-3-CHACHA20-POLY1305-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256:TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256:TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA:TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-RSA-WITH-AES-128-GCM-SHA256:TLS-RSA-WITH-AES-256-GCM-SHA384:TLS-RSA-WITH-AES-128-CBC-SHA256:TLS-RSA-WITH-AES-256-CBC-SHA256:TLS-RSA-WITH-AES-128-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA"
+#define GIT_SSL_DEFAULT_CIPHERS_COUNT 28
-static mbedtls_ssl_config *git__ssl_conf;
 static int ciphers_list[GIT_SSL_DEFAULT_CIPHERS_COUNT];
-static mbedtls_entropy_context *mbedtls_entropy;
+static bool initialized = false;
+static mbedtls_ssl_config mbedtls_config;
+static mbedtls_ctr_drbg_context mbedtls_rng;
+static mbedtls_entropy_context mbedtls_entropy;
+static bool has_ca_chain = false;
+static mbedtls_x509_crt mbedtls_ca_chain;
 /**
  * This function aims to clean-up the SSL context which
@@ -53,19 +58,16 @@ static mbedtls_entropy_context *mbedtls_entropy;
  */
 static void shutdown_ssl(void)
 {
-	if (git__ssl_conf) {
-		mbedtls_x509_crt_free(git__ssl_conf->ca_chain);
-		git__free(git__ssl_conf->ca_chain);
-		mbedtls_ctr_drbg_free(git__ssl_conf->p_rng);
-		git__free(git__ssl_conf->p_rng);
-		mbedtls_ssl_config_free(git__ssl_conf);
-		git__free(git__ssl_conf);
-		git__ssl_conf = NULL;
+	if (has_ca_chain) {
+		mbedtls_x509_crt_free(&mbedtls_ca_chain);
+		has_ca_chain = false;
 	}
-	if (mbedtls_entropy) {
-		mbedtls_entropy_free(mbedtls_entropy);
-		git__free(mbedtls_entropy);
-		mbedtls_entropy = NULL;
+	if (initialized) {
+		mbedtls_ctr_drbg_free(&mbedtls_rng);
+		mbedtls_ssl_config_free(&mbedtls_config);
+		mbedtls_entropy_free(&mbedtls_entropy);
+		initialized = false;
 	}
 }
@@ -74,32 +76,33 @@ int git_mbedtls_stream_global_init(void)
 	int loaded = 0;
 	char *crtpath = GIT_DEFAULT_CERT_LOCATION;
 	struct stat statbuf;
-	mbedtls_ctr_drbg_context *ctr_drbg = NULL;
 	size_t ciphers_known = 0;
 	char *cipher_name = NULL;
 	char *cipher_string = NULL;
 	char *cipher_string_tmp = NULL;
-	git__ssl_conf = git__malloc(sizeof(mbedtls_ssl_config));
-	GIT_ERROR_CHECK_ALLOC(git__ssl_conf);
+	mbedtls_ssl_config_init(&mbedtls_config);
+	mbedtls_entropy_init(&mbedtls_entropy);
+	mbedtls_ctr_drbg_init(&mbedtls_rng);
-	mbedtls_ssl_config_init(git__ssl_conf);
-	if (mbedtls_ssl_config_defaults(git__ssl_conf,
-		                            MBEDTLS_SSL_IS_CLIENT,
-		                            MBEDTLS_SSL_TRANSPORT_STREAM,
-		                            MBEDTLS_SSL_PRESET_DEFAULT) != 0) {
+	if (mbedtls_ssl_config_defaults(&mbedtls_config,
+	                                MBEDTLS_SSL_IS_CLIENT,
+	                                MBEDTLS_SSL_TRANSPORT_STREAM,
+	                                MBEDTLS_SSL_PRESET_DEFAULT) != 0) {
 		git_error_set(GIT_ERROR_SSL, "failed to initialize mbedTLS");
 		goto cleanup;
 	}
-	/* configure TLSv1 */
-	mbedtls_ssl_conf_min_version(git__ssl_conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0);
+	/* configure TLSv1.1 or better */
+#ifdef MBEDTLS_SSL_MINOR_VERSION_2
+	mbedtls_ssl_conf_min_version(&mbedtls_config, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_2);
+#endif
 	/* verify_server_cert is responsible for making the check.
 	 * OPTIONAL because REQUIRED drops the certificate as soon as the check
 	 * is made, so we can never see the certificate and override it. */
-	mbedtls_ssl_conf_authmode(git__ssl_conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
+	mbedtls_ssl_conf_authmode(&mbedtls_config, MBEDTLS_SSL_VERIFY_OPTIONAL);
 	/* set the list of allowed ciphersuites */
 	ciphers_known = 0;
@@ -123,42 +126,33 @@ int git_mbedtls_stream_global_init(void)
 		git_error_set(GIT_ERROR_SSL, "no cipher could be enabled");
 		goto cleanup;
 	}
-	mbedtls_ssl_conf_ciphersuites(git__ssl_conf, ciphers_list);
+	mbedtls_ssl_conf_ciphersuites(&mbedtls_config, ciphers_list);
 	/* Seeding the random number generator */
-	mbedtls_entropy = git__malloc(sizeof(mbedtls_entropy_context));
-	GIT_ERROR_CHECK_ALLOC(mbedtls_entropy);
-	mbedtls_entropy_init(mbedtls_entropy);
-	ctr_drbg = git__malloc(sizeof(mbedtls_ctr_drbg_context));
-	GIT_ERROR_CHECK_ALLOC(ctr_drbg);
-	mbedtls_ctr_drbg_init(ctr_drbg);
-	if (mbedtls_ctr_drbg_seed(ctr_drbg,
-		                      mbedtls_entropy_func,
-		                      mbedtls_entropy, NULL, 0) != 0) {
+	if (mbedtls_ctr_drbg_seed(&mbedtls_rng, mbedtls_entropy_func,
+			&mbedtls_entropy, NULL, 0) != 0) {
 		git_error_set(GIT_ERROR_SSL, "failed to initialize mbedTLS entropy pool");
 		goto cleanup;
 	}
-	mbedtls_ssl_conf_rng(git__ssl_conf, mbedtls_ctr_drbg_random, ctr_drbg);
+	mbedtls_ssl_conf_rng(&mbedtls_config, mbedtls_ctr_drbg_random, &mbedtls_rng);
 	/* load default certificates */
 	if (crtpath != NULL && stat(crtpath, &statbuf) == 0 && S_ISREG(statbuf.st_mode))
 		loaded = (git_mbedtls__set_cert_location(crtpath, NULL) == 0);
 	if (!loaded && crtpath != NULL && stat(crtpath, &statbuf) == 0 && S_ISDIR(statbuf.st_mode))
 		loaded = (git_mbedtls__set_cert_location(NULL, crtpath) == 0);
+	initialized = true;
 	return git_runtime_shutdown_register(shutdown_ssl);
 cleanup:
-	mbedtls_ctr_drbg_free(ctr_drbg);
-	git__free(ctr_drbg);
-	mbedtls_ssl_config_free(git__ssl_conf);
-	git__free(git__ssl_conf);
-	git__ssl_conf = NULL;
+	mbedtls_ctr_drbg_free(&mbedtls_rng);
+	mbedtls_ssl_config_free(&mbedtls_config);
+	mbedtls_entropy_free(&mbedtls_entropy);
 	return -1;
 }
@@ -192,7 +186,7 @@ static int ssl_set_error(mbedtls_ssl_context *ssl, int error)
 		break;
 	case MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:
-		git_error_set(GIT_ERROR_SSL, "SSL error: %#04x [%x] - %s", error, ssl->session_negotiate->verify_result, errbuf);
+		git_error_set(GIT_ERROR_SSL, "SSL error: %#04x [%x] - %s", error, mbedtls_ssl_get_verify_result(ssl), errbuf);
 		ret = GIT_ECERTIFICATE;
 		break;
@@ -374,7 +368,7 @@ static int mbedtls_stream_wrap(
 	st->ssl = git__malloc(sizeof(mbedtls_ssl_context));
 	GIT_ERROR_CHECK_ALLOC(st->ssl);
 	mbedtls_ssl_init(st->ssl);
-	if (mbedtls_ssl_setup(st->ssl, git__ssl_conf)) {
+	if (mbedtls_ssl_setup(st->ssl, &mbedtls_config)) {
 		git_error_set(GIT_ERROR_SSL, "failed to create ssl object");
 		error = -1;
 		goto out_err;
@@ -441,30 +435,30 @@ int git_mbedtls__set_cert_location(const char *file, const char *path)
 {
 	int ret = 0;
 	char errbuf[512];
-	mbedtls_x509_crt *cacert;
 	GIT_ASSERT_ARG(file || path);
-	cacert = git__malloc(sizeof(mbedtls_x509_crt));
-	GIT_ERROR_CHECK_ALLOC(cacert);
+	if (has_ca_chain)
+		mbedtls_x509_crt_free(&mbedtls_ca_chain);
+	mbedtls_x509_crt_init(&mbedtls_ca_chain);
-	mbedtls_x509_crt_init(cacert);
 	if (file)
-		ret = mbedtls_x509_crt_parse_file(cacert, file);
+		ret = mbedtls_x509_crt_parse_file(&mbedtls_ca_chain, file);
 	if (ret >= 0 && path)
-		ret = mbedtls_x509_crt_parse_path(cacert, path);
+		ret = mbedtls_x509_crt_parse_path(&mbedtls_ca_chain, path);
 	/* mbedtls_x509_crt_parse_path returns the number of invalid certs on success */
 	if (ret < 0) {
-		mbedtls_x509_crt_free(cacert);
-		git__free(cacert);
+		mbedtls_x509_crt_free(&mbedtls_ca_chain);
 		mbedtls_strerror( ret, errbuf, 512 );
 		git_error_set(GIT_ERROR_SSL, "failed to load CA certificates: %#04x - %s", ret, errbuf);
 		return -1;
 	}
-	mbedtls_x509_crt_free(git__ssl_conf->ca_chain);
-	git__free(git__ssl_conf->ca_chain);
-	mbedtls_ssl_conf_ca_chain(git__ssl_conf, cacert, NULL);
+	mbedtls_ssl_conf_ca_chain(&mbedtls_config, &mbedtls_ca_chain, NULL);
+	has_ca_chain = true;
 	return 0;
 }

data/vendor/libgit2/src/libgit2/streams/openssl.c CHANGED Viewed

@@ -36,10 +36,11 @@
 # include <openssl/bio.h>
 #endif
-SSL_CTX *git__ssl_ctx;
+extern char *git__ssl_ciphers;
-#define GIT_SSL_DEFAULT_CIPHERS "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA256:DHE-DSS-AES128-SHA:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA"
+SSL_CTX *git__ssl_ctx;
+#define GIT_SSL_DEFAULT_CIPHERS "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA"
 static BIO_METHOD *git_stream_bio_method;
 static int init_bio_method(void);
@@ -105,7 +106,7 @@ static void git_openssl_free(void *mem)
 static int openssl_init(void)
 {
 	long ssl_opts = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
-	const char *ciphers = git_libgit2__ssl_ciphers();
+	const char *ciphers = git__ssl_ciphers;
 #ifdef VALGRIND
 	static bool allocators_initialized = false;
 #endif
@@ -133,10 +134,10 @@ static int openssl_init(void)
 	OPENSSL_init_ssl(0, NULL);
 	/*
-	 * Load SSLv{2,3} and TLSv1 so that we can talk with servers
-	 * which use the SSL hellos, which are often used for
-	 * compatibility. We then disable SSL so we only allow OpenSSL
-	 * to speak TLSv1 to perform the encryption itself.
+	 * Despite the name SSLv23_method, this is actually a version-
+	 * flexible context, which honors the protocol versions
+	 * specified in `ssl_opts`. So we only support TLSv1.0 and
+	 * higher.
 	 */
 	if (!(git__ssl_ctx = SSL_CTX_new(SSLv23_method())))
 		goto error;
@@ -720,6 +721,30 @@ int git_openssl__set_cert_location(const char *file, const char *path)
 	return 0;
 }
+int git_openssl__add_x509_cert(X509 *cert)
+{
+	X509_STORE *cert_store;
+	if (openssl_ensure_initialized() < 0)
+		return -1;
+	if (!(cert_store = SSL_CTX_get_cert_store(git__ssl_ctx)))
+		return -1;
+	if (cert && X509_STORE_add_cert(cert_store, cert) == 0) {
+		git_error_set(GIT_ERROR_SSL, "OpenSSL error: failed to add raw X509 certificate");
+		return -1;
+	}
+	return 0;
+}
+int git_openssl__reset_context(void)
+{
+	shutdown_ssl();
+	return openssl_init();
+}
 #else
 #include "stream.h"

data/vendor/libgit2/src/libgit2/streams/openssl.h CHANGED Viewed

@@ -24,6 +24,8 @@ extern int git_openssl_stream_global_init(void);
 #ifdef GIT_OPENSSL
 extern int git_openssl__set_cert_location(const char *file, const char *path);
+extern int git_openssl__add_x509_cert(X509 *cert);
+extern int git_openssl__reset_context(void);
 extern int git_openssl_stream_new(git_stream **out, const char *host, const char *port);
 extern int git_openssl_stream_wrap(git_stream **out, git_stream *in, const char *host);
 #endif

data/vendor/libgit2/src/libgit2/streams/openssl_dynamic.c CHANGED Viewed

@@ -65,6 +65,7 @@ int (*SSL_write)(SSL *ssl, const void *buf, int num);
 long (*SSL_CTX_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg);
 void (*SSL_CTX_free)(SSL_CTX *ctx);
 SSL_CTX *(*SSL_CTX_new)(const SSL_METHOD *method);
+X509_STORE *(*SSL_CTX_get_cert_store)(const SSL_CTX *);
 int (*SSL_CTX_set_cipher_list)(SSL_CTX *ctx, const char *str);
 int (*SSL_CTX_set_default_verify_paths)(SSL_CTX *ctx);
 long (*SSL_CTX_set_options)(SSL_CTX *ctx, long options);
@@ -80,6 +81,7 @@ int (*X509_NAME_get_index_by_NID)(X509_NAME *name, int nid, int lastpos);
 void (*X509_free)(X509 *a);
 void *(*X509_get_ext_d2i)(const X509 *x, int nid, int *crit, int *idx);
 X509_NAME *(*X509_get_subject_name)(const X509 *x);
+int (*X509_STORE_add_cert)(X509_STORE *ctx, X509 *x);
 int (*i2d_X509)(X509 *a, unsigned char **ppout);
@@ -194,6 +196,7 @@ int git_openssl_stream_dynamic_init(void)
 	SSL_CTX_ctrl = (long (*)(SSL_CTX *, int, long, void *))openssl_sym(&err, "SSL_CTX_ctrl", true);
 	SSL_CTX_free = (void (*)(SSL_CTX *))openssl_sym(&err, "SSL_CTX_free", true);
 	SSL_CTX_new = (SSL_CTX *(*)(const SSL_METHOD *))openssl_sym(&err, "SSL_CTX_new", true);
+	SSL_CTX_get_cert_store = (X509_STORE *(*)(const SSL_CTX *))openssl_sym(&err, "SSL_CTX_get_cert_store", true);
 	SSL_CTX_set_cipher_list = (int (*)(SSL_CTX *, const char *))openssl_sym(&err, "SSL_CTX_set_cipher_list", true);
 	SSL_CTX_set_default_verify_paths = (int (*)(SSL_CTX *ctx))openssl_sym(&err, "SSL_CTX_set_default_verify_paths", true);
 	SSL_CTX_set_options = (long (*)(SSL_CTX *, long))openssl_sym(&err, "SSL_CTX_set_options", false);
@@ -209,6 +212,7 @@ int git_openssl_stream_dynamic_init(void)
 	X509_free = (void (*)(X509 *))openssl_sym(&err, "X509_free", true);
 	X509_get_ext_d2i = (void *(*)(const X509 *x, int nid, int *crit, int *idx))openssl_sym(&err, "X509_get_ext_d2i", true);
 	X509_get_subject_name = (X509_NAME *(*)(const X509 *))openssl_sym(&err, "X509_get_subject_name", true);
+	X509_STORE_add_cert = (int (*)(X509_STORE *ctx, X509 *x))openssl_sym(&err, "X509_STORE_add_cert", true);
 	i2d_X509 = (int (*)(X509 *a, unsigned char **ppout))openssl_sym(&err, "i2d_X509", true);

data/vendor/libgit2/src/libgit2/streams/openssl_dynamic.h CHANGED Viewed

@@ -204,6 +204,7 @@ typedef void SSL_METHOD;
 typedef void X509;
 typedef void X509_NAME;
 typedef void X509_NAME_ENTRY;
+typedef void X509_STORE;
 typedef void X509_STORE_CTX;
 typedef struct {
@@ -309,6 +310,7 @@ extern int (*SSL_write)(SSL *ssl, const void *buf, int num);
 extern long (*SSL_CTX_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg);
 extern void (*SSL_CTX_free)(SSL_CTX *ctx);
 extern SSL_CTX *(*SSL_CTX_new)(const SSL_METHOD *method);
+extern X509_STORE *(*SSL_CTX_get_cert_store)(const SSL_CTX *ctx);
 extern int (*SSL_CTX_set_cipher_list)(SSL_CTX *ctx, const char *str);
 extern int (*SSL_CTX_set_default_verify_paths)(SSL_CTX *ctx);
 extern long (*SSL_CTX_set_options)(SSL_CTX *ctx, long options);
@@ -326,6 +328,7 @@ extern int (*X509_NAME_get_index_by_NID)(X509_NAME *name, int nid, int lastpos);
 extern void (*X509_free)(X509 *a);
 extern void *(*X509_get_ext_d2i)(const X509 *x, int nid, int *crit, int *idx);
 extern X509_NAME *(*X509_get_subject_name)(const X509 *x);
+extern int (*X509_STORE_add_cert)(X509_STORE *ctx, X509 *x);
 extern int (*i2d_X509)(X509 *a, unsigned char **ppout);

data/vendor/libgit2/src/libgit2/streams/stransport.c CHANGED Viewed

@@ -13,13 +13,16 @@
 #include <Security/SecureTransport.h>
 #include <Security/SecCertificate.h>
+#include "common.h"
+#include "trace.h"
 #include "git2/transport.h"
 #include "streams/socket.h"
 static int stransport_error(OSStatus ret)
 {
-	CFStringRef message;
+	CFStringRef message_ref = NULL;
+	const char *message_cstr = NULL;
+	char *message_ptr = NULL;
 	if (ret == noErr || ret == errSSLClosedGraceful) {
 		git_error_clear();
@@ -27,14 +30,39 @@ static int stransport_error(OSStatus ret)
 	}
 #if !TARGET_OS_IPHONE
-	message = SecCopyErrorMessageString(ret, NULL);
-	GIT_ERROR_CHECK_ALLOC(message);
+	message_ref = SecCopyErrorMessageString(ret, NULL);
+	GIT_ERROR_CHECK_ALLOC(message_ref);
+	/*
+	 * Attempt the cheap CFString conversion; this can return NULL
+	 * when that would be expensive. In that case, call the more
+	 * expensive function.
+	 */
+	message_cstr = CFStringGetCStringPtr(message_ref, kCFStringEncodingUTF8);
+	if (!message_cstr) {
+		/* Provide buffer to convert from UTF16 to UTF8 */
+		size_t message_size = CFStringGetLength(message_ref) * 2 + 1;
+		message_cstr = message_ptr = git__malloc(message_size);
+		GIT_ERROR_CHECK_ALLOC(message_ptr);
+		if (!CFStringGetCString(message_ref, message_ptr, message_size, kCFStringEncodingUTF8)) {
+			git_error_set(GIT_ERROR_NET, "SecureTransport error: %d", (unsigned int)ret);
+			goto done;
+		}
+	}
-	git_error_set(GIT_ERROR_NET, "SecureTransport error: %s", CFStringGetCStringPtr(message, kCFStringEncodingUTF8));
-	CFRelease(message);
+	git_error_set(GIT_ERROR_NET, "SecureTransport error: %s", message_cstr);
+done:
+	git__free(message_ptr);
+	CFRelease(message_ref);
 #else
 	git_error_set(GIT_ERROR_NET, "SecureTransport error: OSStatus %d", (unsigned int)ret);
-	GIT_UNUSED(message);
+	GIT_UNUSED(message_ref);
+	GIT_UNUSED(message_cstr);
+	GIT_UNUSED(message_ptr);
 #endif
 	return -1;
@@ -236,6 +264,10 @@ static ssize_t stransport_read(git_stream *stream, void *data, size_t len)
 	OSStatus ret;
 	if ((ret = SSLRead(st->ctx, data, len, &processed)) != noErr) {
+		/* This specific SecureTransport error is not well described */
+		if (ret == -9806)
+			git_trace(GIT_TRACE_INFO, "SecureTraceport error during SSLRead: returned -9806 (connection closed via error)");
 		if (st->error == GIT_TIMEOUT)
 			return GIT_TIMEOUT;