RubyGems - rugged - Versions diffs - 1.7.2 → 1.9.0 - Mend

rugged 1.7.2 → 1.9.0

Files changed (361) hide show

checksums.yaml +4 -4
data/lib/rugged/version.rb +1 -1
data/vendor/libgit2/AUTHORS +1 -0
data/vendor/libgit2/CMakeLists.txt +23 -10
data/vendor/libgit2/COPYING +195 -1
data/vendor/libgit2/cmake/{FindIconv.cmake → FindIntlIconv.cmake} +6 -0
data/vendor/libgit2/cmake/FindLLHTTP.cmake +39 -0
data/vendor/libgit2/cmake/SelectGSSAPI.cmake +1 -1
data/vendor/libgit2/cmake/SelectHTTPParser.cmake +23 -8
data/vendor/libgit2/cmake/SelectHTTPSBackend.cmake +17 -8
data/vendor/libgit2/cmake/SelectHashes.cmake +28 -11
data/vendor/libgit2/cmake/SelectRegex.cmake +6 -1
data/vendor/libgit2/cmake/SelectSSH.cmake +22 -17
data/vendor/libgit2/cmake/SelectZlib.cmake +4 -0
data/vendor/libgit2/deps/llhttp/CMakeLists.txt +8 -0
data/vendor/libgit2/deps/llhttp/LICENSE-MIT +22 -0
data/vendor/libgit2/deps/llhttp/api.c +510 -0
data/vendor/libgit2/deps/llhttp/http.c +170 -0
data/vendor/libgit2/deps/llhttp/llhttp.c +10168 -0
data/vendor/libgit2/deps/llhttp/llhttp.h +897 -0
data/vendor/libgit2/deps/ntlmclient/CMakeLists.txt +1 -1
data/vendor/libgit2/deps/ntlmclient/crypt_builtin_md4.c +311 -0
data/vendor/libgit2/deps/ntlmclient/crypt_commoncrypto.c +2 -1
data/vendor/libgit2/deps/ntlmclient/crypt_mbedtls.c +0 -20
data/vendor/libgit2/deps/ntlmclient/crypt_openssl.c +4 -4
data/vendor/libgit2/deps/ntlmclient/ntlm.c +21 -21
data/vendor/libgit2/deps/ntlmclient/unicode_builtin.c +5 -4
data/vendor/libgit2/deps/ntlmclient/unicode_iconv.c +2 -1
data/vendor/libgit2/deps/ntlmclient/utf8.h +1176 -721
data/vendor/libgit2/deps/ntlmclient/util.h +11 -0
data/vendor/libgit2/deps/pcre/CMakeLists.txt +1 -0
data/vendor/libgit2/deps/xdiff/xmerge.c +2 -2
data/vendor/libgit2/deps/zlib/CMakeLists.txt +6 -1
data/vendor/libgit2/deps/zlib/LICENSE +22 -0
data/vendor/libgit2/deps/zlib/adler32.c +5 -27
data/vendor/libgit2/deps/zlib/crc32.c +94 -167
data/vendor/libgit2/deps/zlib/deflate.c +358 -435
data/vendor/libgit2/deps/zlib/deflate.h +41 -10
data/vendor/libgit2/deps/zlib/gzguts.h +13 -18
data/vendor/libgit2/deps/zlib/infback.c +17 -30
data/vendor/libgit2/deps/zlib/inffast.c +1 -4
data/vendor/libgit2/deps/zlib/inffast.h +1 -1
data/vendor/libgit2/deps/zlib/inflate.c +36 -102
data/vendor/libgit2/deps/zlib/inftrees.c +6 -11
data/vendor/libgit2/deps/zlib/inftrees.h +6 -6
data/vendor/libgit2/deps/zlib/trees.c +287 -352
data/vendor/libgit2/deps/zlib/zconf.h +23 -14
data/vendor/libgit2/deps/zlib/zlib.h +202 -202
data/vendor/libgit2/deps/zlib/zutil.c +18 -44
data/vendor/libgit2/deps/zlib/zutil.h +13 -33
data/vendor/libgit2/include/git2/annotated_commit.h +12 -5
data/vendor/libgit2/include/git2/apply.h +27 -6
data/vendor/libgit2/include/git2/attr.h +17 -4
data/vendor/libgit2/include/git2/blame.h +133 -28
data/vendor/libgit2/include/git2/blob.h +71 -28
data/vendor/libgit2/include/git2/branch.h +22 -15
data/vendor/libgit2/include/git2/buffer.h +6 -4
data/vendor/libgit2/include/git2/cert.h +2 -1
data/vendor/libgit2/include/git2/checkout.h +83 -32
data/vendor/libgit2/include/git2/cherrypick.h +10 -3
data/vendor/libgit2/include/git2/clone.h +25 -9
data/vendor/libgit2/include/git2/commit.h +132 -3
data/vendor/libgit2/include/git2/common.h +120 -63
data/vendor/libgit2/include/git2/config.h +93 -23
data/vendor/libgit2/include/git2/credential.h +30 -2
data/vendor/libgit2/include/git2/credential_helpers.h +1 -0
data/vendor/libgit2/include/git2/deprecated.h +133 -3
data/vendor/libgit2/include/git2/describe.h +13 -1
data/vendor/libgit2/include/git2/diff.h +38 -8
data/vendor/libgit2/include/git2/email.h +9 -29
data/vendor/libgit2/include/git2/errors.h +46 -73
data/vendor/libgit2/include/git2/filter.h +14 -7
data/vendor/libgit2/include/git2/global.h +8 -1
data/vendor/libgit2/include/git2/graph.h +3 -2
data/vendor/libgit2/include/git2/ignore.h +10 -0
data/vendor/libgit2/include/git2/index.h +99 -14
data/vendor/libgit2/include/git2/indexer.h +21 -4
data/vendor/libgit2/include/git2/mailmap.h +7 -1
data/vendor/libgit2/include/git2/merge.h +46 -1
data/vendor/libgit2/include/git2/message.h +2 -2
data/vendor/libgit2/include/git2/net.h +3 -1
data/vendor/libgit2/include/git2/notes.h +9 -6
data/vendor/libgit2/include/git2/object.h +9 -8
data/vendor/libgit2/include/git2/odb.h +91 -49
data/vendor/libgit2/include/git2/odb_backend.h +80 -52
data/vendor/libgit2/include/git2/oid.h +23 -24
data/vendor/libgit2/include/git2/oidarray.h +7 -1
data/vendor/libgit2/include/git2/pack.h +13 -1
data/vendor/libgit2/include/git2/patch.h +2 -3
data/vendor/libgit2/include/git2/pathspec.h +9 -0
data/vendor/libgit2/include/git2/proxy.h +10 -0
data/vendor/libgit2/include/git2/rebase.h +9 -6
data/vendor/libgit2/include/git2/refdb.h +2 -2
data/vendor/libgit2/include/git2/reflog.h +3 -2
data/vendor/libgit2/include/git2/refs.h +9 -6
data/vendor/libgit2/include/git2/refspec.h +14 -4
data/vendor/libgit2/include/git2/remote.h +94 -18
data/vendor/libgit2/include/git2/repository.h +57 -21
data/vendor/libgit2/include/git2/reset.h +16 -3
data/vendor/libgit2/include/git2/revert.h +9 -4
data/vendor/libgit2/include/git2/revparse.h +3 -3
data/vendor/libgit2/include/git2/revwalk.h +3 -2
data/vendor/libgit2/include/git2/signature.h +46 -1
data/vendor/libgit2/include/git2/stash.h +17 -3
data/vendor/libgit2/include/git2/status.h +10 -6
data/vendor/libgit2/include/git2/stdint.h +87 -85
data/vendor/libgit2/include/git2/strarray.h +2 -3
data/vendor/libgit2/include/git2/submodule.h +20 -9
data/vendor/libgit2/include/git2/sys/alloc.h +12 -0
data/vendor/libgit2/include/git2/sys/commit.h +77 -3
data/vendor/libgit2/include/git2/sys/commit_graph.h +103 -62
data/vendor/libgit2/include/git2/sys/config.h +80 -4
data/vendor/libgit2/include/git2/sys/credential.h +4 -3
data/vendor/libgit2/include/git2/sys/diff.h +21 -1
data/vendor/libgit2/include/git2/sys/email.h +7 -0
data/vendor/libgit2/include/git2/sys/errors.h +76 -0
data/vendor/libgit2/include/git2/sys/filter.h +66 -3
data/vendor/libgit2/include/git2/sys/hashsig.h +11 -0
data/vendor/libgit2/include/git2/sys/index.h +3 -2
data/vendor/libgit2/include/git2/sys/mempack.h +32 -2
data/vendor/libgit2/include/git2/sys/merge.h +55 -7
data/vendor/libgit2/include/git2/sys/midx.h +43 -4
data/vendor/libgit2/include/git2/sys/odb_backend.h +7 -3
data/vendor/libgit2/include/git2/sys/openssl.h +8 -1
data/vendor/libgit2/include/git2/sys/path.h +12 -1
data/vendor/libgit2/include/git2/sys/refdb_backend.h +40 -36
data/vendor/libgit2/include/git2/sys/refs.h +3 -2
data/vendor/libgit2/include/git2/sys/remote.h +8 -1
data/vendor/libgit2/include/git2/sys/repository.h +63 -3
data/vendor/libgit2/include/git2/sys/stream.h +11 -2
data/vendor/libgit2/include/git2/sys/transport.h +24 -3
data/vendor/libgit2/include/git2/tag.h +3 -1
data/vendor/libgit2/include/git2/trace.h +9 -3
data/vendor/libgit2/include/git2/transaction.h +3 -2
data/vendor/libgit2/include/git2/transport.h +11 -3
data/vendor/libgit2/include/git2/tree.h +16 -5
data/vendor/libgit2/include/git2/types.h +19 -3
data/vendor/libgit2/include/git2/version.h +44 -8
data/vendor/libgit2/include/git2/worktree.h +16 -6
data/vendor/libgit2/src/CMakeLists.txt +6 -4
data/vendor/libgit2/src/cli/CMakeLists.txt +2 -2
data/vendor/libgit2/src/cli/cmd.c +1 -1
data/vendor/libgit2/src/cli/cmd.h +4 -0
data/vendor/libgit2/src/cli/cmd_blame.c +287 -0
data/vendor/libgit2/src/cli/cmd_cat_file.c +6 -8
data/vendor/libgit2/src/cli/cmd_clone.c +5 -7
data/vendor/libgit2/src/cli/cmd_config.c +241 -0
data/vendor/libgit2/src/cli/cmd_hash_object.c +6 -8
data/vendor/libgit2/src/cli/cmd_help.c +6 -7
data/vendor/libgit2/src/cli/cmd_index_pack.c +114 -0
data/vendor/libgit2/src/cli/cmd_init.c +102 -0
data/vendor/libgit2/src/cli/common.c +168 -0
data/vendor/libgit2/src/cli/common.h +63 -0
data/vendor/libgit2/src/cli/error.h +1 -1
data/vendor/libgit2/src/cli/main.c +52 -24
data/vendor/libgit2/src/cli/opt.c +29 -3
data/vendor/libgit2/src/cli/opt.h +21 -3
data/vendor/libgit2/src/cli/opt_usage.c +102 -33
data/vendor/libgit2/src/cli/opt_usage.h +6 -1
data/vendor/libgit2/src/cli/progress.c +51 -2
data/vendor/libgit2/src/cli/progress.h +12 -0
data/vendor/libgit2/src/cli/unix/sighandler.c +2 -1
data/vendor/libgit2/src/cli/win32/precompiled.h +1 -1
data/vendor/libgit2/src/cli/win32/sighandler.c +1 -1
data/vendor/libgit2/src/libgit2/CMakeLists.txt +26 -8
data/vendor/libgit2/src/libgit2/apply.c +10 -13
data/vendor/libgit2/src/libgit2/attr.c +30 -13
data/vendor/libgit2/src/libgit2/attr_file.c +7 -2
data/vendor/libgit2/src/libgit2/attr_file.h +2 -0
data/vendor/libgit2/src/libgit2/attrcache.c +69 -33
data/vendor/libgit2/src/libgit2/attrcache.h +5 -9
data/vendor/libgit2/src/libgit2/blame.c +130 -44
data/vendor/libgit2/src/libgit2/blame.h +1 -0
data/vendor/libgit2/src/libgit2/cache.c +22 -17
data/vendor/libgit2/src/libgit2/cache.h +7 -9
data/vendor/libgit2/src/libgit2/checkout.c +34 -24
data/vendor/libgit2/src/libgit2/checkout.h +0 -2
data/vendor/libgit2/src/libgit2/cherrypick.c +1 -2
data/vendor/libgit2/src/libgit2/clone.c +186 -166
data/vendor/libgit2/src/libgit2/clone.h +4 -1
data/vendor/libgit2/src/libgit2/commit.c +92 -0
data/vendor/libgit2/src/libgit2/commit_graph.c +67 -56
data/vendor/libgit2/src/libgit2/commit_graph.h +1 -2
data/vendor/libgit2/src/libgit2/config.c +389 -298
data/vendor/libgit2/src/libgit2/config.cmake.in +3 -0
data/vendor/libgit2/src/libgit2/config.h +9 -4
data/vendor/libgit2/src/libgit2/config_backend.h +8 -10
data/vendor/libgit2/src/libgit2/config_cache.c +4 -5
data/vendor/libgit2/src/libgit2/config_file.c +99 -88
data/vendor/libgit2/src/libgit2/config_list.c +285 -0
data/vendor/libgit2/src/libgit2/config_list.h +32 -0
data/vendor/libgit2/src/libgit2/config_mem.c +194 -40
data/vendor/libgit2/src/libgit2/config_parse.c +10 -9
data/vendor/libgit2/src/libgit2/config_snapshot.c +24 -31
data/vendor/libgit2/src/libgit2/describe.c +24 -24
data/vendor/libgit2/src/libgit2/diff.c +1 -1
data/vendor/libgit2/src/libgit2/diff_driver.c +12 -19
data/vendor/libgit2/src/libgit2/diff_driver.h +2 -2
data/vendor/libgit2/src/libgit2/diff_generate.c +3 -3
data/vendor/libgit2/src/libgit2/diff_parse.c +2 -2
data/vendor/libgit2/src/libgit2/diff_print.c +65 -9
data/vendor/libgit2/src/libgit2/diff_tform.c +36 -8
data/vendor/libgit2/src/libgit2/email.c +1 -0
data/vendor/libgit2/src/libgit2/fetch.c +5 -3
data/vendor/libgit2/src/libgit2/filter.c +5 -5
data/vendor/libgit2/src/libgit2/git2.rc +3 -3
data/vendor/libgit2/src/libgit2/grafts.c +18 -20
data/vendor/libgit2/src/libgit2/grafts.h +0 -1
data/vendor/libgit2/src/libgit2/graph.c +1 -1
data/vendor/libgit2/src/libgit2/hashmap_oid.h +30 -0
data/vendor/libgit2/src/libgit2/ignore.c +9 -5
data/vendor/libgit2/src/libgit2/index.c +68 -90
data/vendor/libgit2/src/libgit2/index.h +2 -2
data/vendor/libgit2/src/libgit2/index_map.c +95 -0
data/vendor/libgit2/src/libgit2/index_map.h +28 -0
data/vendor/libgit2/src/libgit2/indexer.c +34 -38
data/vendor/libgit2/src/libgit2/iterator.c +14 -8
data/vendor/libgit2/src/libgit2/libgit2.c +153 -368
data/vendor/libgit2/src/libgit2/mailmap.c +1 -1
data/vendor/libgit2/src/libgit2/merge.c +42 -37
data/vendor/libgit2/src/libgit2/merge_driver.c +2 -2
data/vendor/libgit2/src/libgit2/midx.c +28 -15
data/vendor/libgit2/src/libgit2/mwindow.c +38 -45
data/vendor/libgit2/src/libgit2/mwindow.h +4 -0
data/vendor/libgit2/src/libgit2/object.c +6 -5
data/vendor/libgit2/src/libgit2/odb.c +5 -4
data/vendor/libgit2/src/libgit2/odb_mempack.c +49 -17
data/vendor/libgit2/src/libgit2/odb_pack.c +13 -5
data/vendor/libgit2/src/libgit2/oid.c +32 -5
data/vendor/libgit2/src/libgit2/oid.h +11 -0
data/vendor/libgit2/src/libgit2/pack-objects.c +58 -31
data/vendor/libgit2/src/libgit2/pack-objects.h +12 -4
data/vendor/libgit2/src/libgit2/pack.c +30 -24
data/vendor/libgit2/src/libgit2/pack.h +15 -10
data/vendor/libgit2/src/libgit2/patch_parse.c +2 -2
data/vendor/libgit2/src/libgit2/path.c +1 -1
data/vendor/libgit2/src/libgit2/pathspec.c +1 -1
data/vendor/libgit2/src/libgit2/push.c +79 -28
data/vendor/libgit2/src/libgit2/push.h +1 -0
data/vendor/libgit2/src/libgit2/refdb_fs.c +128 -61
data/vendor/libgit2/src/libgit2/reflog.c +1 -2
data/vendor/libgit2/src/libgit2/reflog.h +2 -0
data/vendor/libgit2/src/libgit2/refs.c +26 -7
data/vendor/libgit2/src/libgit2/refs.h +6 -1
data/vendor/libgit2/src/libgit2/refspec.c +28 -1
data/vendor/libgit2/src/libgit2/refspec.h +8 -0
data/vendor/libgit2/src/libgit2/remote.c +121 -61
data/vendor/libgit2/src/libgit2/repository.c +231 -51
data/vendor/libgit2/src/libgit2/repository.h +10 -6
data/vendor/libgit2/src/libgit2/revert.c +1 -2
data/vendor/libgit2/src/libgit2/revparse.c +2 -2
data/vendor/libgit2/src/libgit2/revwalk.c +13 -10
data/vendor/libgit2/src/libgit2/revwalk.h +3 -3
data/vendor/libgit2/src/libgit2/settings.c +468 -0
data/vendor/libgit2/src/libgit2/settings.h +6 -2
data/vendor/libgit2/src/libgit2/signature.c +132 -15
data/vendor/libgit2/src/libgit2/signature.h +0 -1
data/vendor/libgit2/src/libgit2/status.c +1 -1
data/vendor/libgit2/src/libgit2/streams/mbedtls.c +54 -60
data/vendor/libgit2/src/libgit2/streams/openssl.c +32 -7
data/vendor/libgit2/src/libgit2/streams/openssl.h +2 -0
data/vendor/libgit2/src/libgit2/streams/openssl_dynamic.c +4 -0
data/vendor/libgit2/src/libgit2/streams/openssl_dynamic.h +3 -0
data/vendor/libgit2/src/libgit2/streams/stransport.c +39 -7
data/vendor/libgit2/src/libgit2/submodule.c +106 -63
data/vendor/libgit2/src/libgit2/submodule.h +6 -7
data/vendor/libgit2/src/libgit2/tag.c +1 -1
data/vendor/libgit2/src/libgit2/trailer.c +6 -6
data/vendor/libgit2/src/libgit2/transaction.c +26 -20
data/vendor/libgit2/src/libgit2/transaction.h +4 -1
data/vendor/libgit2/src/libgit2/transport.c +4 -1
data/vendor/libgit2/src/libgit2/transports/credential.c +1 -1
data/vendor/libgit2/src/libgit2/transports/http.c +1 -2
data/vendor/libgit2/src/libgit2/transports/http.h +0 -10
data/vendor/libgit2/src/libgit2/transports/httpclient.c +112 -72
data/vendor/libgit2/src/libgit2/transports/httpparser.c +128 -0
data/vendor/libgit2/src/libgit2/transports/httpparser.h +99 -0
data/vendor/libgit2/src/libgit2/transports/local.c +8 -7
data/vendor/libgit2/src/libgit2/transports/smart.c +20 -8
data/vendor/libgit2/src/libgit2/transports/smart.h +4 -2
data/vendor/libgit2/src/libgit2/transports/smart_pkt.c +2 -2
data/vendor/libgit2/src/libgit2/transports/smart_protocol.c +55 -10
data/vendor/libgit2/src/libgit2/transports/ssh.c +41 -1103
data/vendor/libgit2/src/libgit2/transports/ssh_exec.c +347 -0
data/vendor/libgit2/src/libgit2/transports/ssh_exec.h +26 -0
data/vendor/libgit2/src/libgit2/transports/ssh_libssh2.c +1126 -0
data/vendor/libgit2/src/libgit2/transports/ssh_libssh2.h +28 -0
data/vendor/libgit2/src/libgit2/transports/winhttp.c +35 -7
data/vendor/libgit2/src/libgit2/tree.c +34 -26
data/vendor/libgit2/src/libgit2/tree.h +3 -2
data/vendor/libgit2/src/libgit2/worktree.c +14 -17
data/vendor/libgit2/src/util/CMakeLists.txt +4 -6
data/vendor/libgit2/src/util/alloc.c +4 -1
data/vendor/libgit2/src/util/allocators/debugalloc.c +73 -0
data/vendor/libgit2/src/{cli/cli.h → util/allocators/debugalloc.h} +6 -9
data/vendor/libgit2/src/util/allocators/stdalloc.c +0 -10
data/vendor/libgit2/src/util/array.h +18 -17
data/vendor/libgit2/src/util/cc-compat.h +2 -0
data/vendor/libgit2/src/util/ctype_compat.h +70 -0
data/vendor/libgit2/src/util/date.c +22 -14
data/vendor/libgit2/src/util/date.h +12 -0
data/vendor/libgit2/src/util/errors.c +401 -0
data/vendor/libgit2/src/{libgit2 → util}/errors.h +21 -17
data/vendor/libgit2/src/util/fs_path.c +15 -4
data/vendor/libgit2/src/util/fs_path.h +23 -0
data/vendor/libgit2/src/util/futils.c +6 -5
data/vendor/libgit2/src/util/futils.h +13 -4
data/vendor/libgit2/src/util/git2_features.h.in +12 -1
data/vendor/libgit2/src/util/git2_util.h +6 -0
data/vendor/libgit2/src/util/hash/openssl.c +152 -0
data/vendor/libgit2/src/util/hash/openssl.h +17 -1
data/vendor/libgit2/src/util/hash/sha.h +4 -1
data/vendor/libgit2/src/util/hashmap.h +424 -0
data/vendor/libgit2/src/util/hashmap_str.h +43 -0
data/vendor/libgit2/src/util/integer.h +3 -1
data/vendor/libgit2/src/util/net.c +13 -7
data/vendor/libgit2/src/util/net.h +2 -0
data/vendor/libgit2/src/util/pool.c +1 -1
data/vendor/libgit2/src/util/pool.h +5 -0
data/vendor/libgit2/src/util/pqueue.h +1 -1
data/vendor/libgit2/src/util/process.h +222 -0
data/vendor/libgit2/src/util/rand.c +1 -7
data/vendor/libgit2/src/util/regexp.c +1 -1
data/vendor/libgit2/src/util/sortedcache.c +14 -13
data/vendor/libgit2/src/util/sortedcache.h +3 -3
data/vendor/libgit2/src/util/str.c +2 -2
data/vendor/libgit2/src/util/strlist.c +108 -0
data/vendor/libgit2/src/util/strlist.h +36 -0
data/vendor/libgit2/src/util/unix/posix.h +0 -2
data/vendor/libgit2/src/util/unix/process.c +629 -0
data/vendor/libgit2/src/util/unix/realpath.c +23 -5
data/vendor/libgit2/src/util/util.c +2 -2
data/vendor/libgit2/src/util/util.h +4 -38
data/vendor/libgit2/src/util/vector.c +3 -3
data/vendor/libgit2/src/util/vector.h +2 -2
data/vendor/libgit2/src/util/win32/posix_w32.c +29 -6
data/vendor/libgit2/src/util/win32/process.c +506 -0
metadata +45 -28
data/vendor/libgit2/deps/http-parser/CMakeLists.txt +0 -6
data/vendor/libgit2/deps/http-parser/COPYING +0 -23
data/vendor/libgit2/deps/http-parser/http_parser.c +0 -2182
data/vendor/libgit2/deps/http-parser/http_parser.h +0 -305
data/vendor/libgit2/deps/zlib/COPYING +0 -27
data/vendor/libgit2/include/git2/sys/reflog.h +0 -21
data/vendor/libgit2/src/libgit2/config_entries.c +0 -237
data/vendor/libgit2/src/libgit2/config_entries.h +0 -24
data/vendor/libgit2/src/libgit2/errors.c +0 -293
data/vendor/libgit2/src/libgit2/idxmap.c +0 -157
data/vendor/libgit2/src/libgit2/idxmap.h +0 -177
data/vendor/libgit2/src/libgit2/libgit2.h +0 -15
data/vendor/libgit2/src/libgit2/offmap.c +0 -101
data/vendor/libgit2/src/libgit2/offmap.h +0 -133
data/vendor/libgit2/src/libgit2/oidmap.c +0 -107
data/vendor/libgit2/src/libgit2/oidmap.h +0 -128
data/vendor/libgit2/src/libgit2/threadstate.c +0 -97
data/vendor/libgit2/src/libgit2/threadstate.h +0 -22
data/vendor/libgit2/src/libgit2/transports/ssh.h +0 -14
data/vendor/libgit2/src/util/khash.h +0 -615
data/vendor/libgit2/src/util/strmap.c +0 -100
data/vendor/libgit2/src/util/strmap.h +0 -131
/data/vendor/libgit2/cmake/{FindHTTPParser.cmake → FindHTTP_Parser.cmake} +0 -0

data/vendor/libgit2/src/libgit2/streams/mbedtls.c CHANGED Viewed

@@ -32,7 +32,6 @@
 # endif
 #endif
-#include <mbedtls/config.h>
 #include <mbedtls/ssl.h>
 #include <mbedtls/error.h>
 #include <mbedtls/entropy.h>
@@ -40,12 +39,18 @@
 #undef inline
-#define GIT_SSL_DEFAULT_CIPHERS "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-DSS-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-DSS-WITH-AES-256-GCM-SHA384:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256:TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA:TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-128-CBC-SHA256:TLS-DHE-DSS-WITH-AES-256-CBC-SHA256:TLS-DHE-DSS-WITH-AES-128-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-128-GCM-SHA256:TLS-RSA-WITH-AES-256-GCM-SHA384:TLS-RSA-WITH-AES-128-CBC-SHA256:TLS-RSA-WITH-AES-256-CBC-SHA256:TLS-RSA-WITH-AES-128-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA"
-#define GIT_SSL_DEFAULT_CIPHERS_COUNT 30
+#define GIT_SSL_DEFAULT_CIPHERS "TLS1-3-AES-128-GCM-SHA256:TLS1-3-AES-256-GCM-SHA384:TLS1-3-CHACHA20-POLY1305-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256:TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256:TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA:TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384:TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA:TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-RSA-WITH-AES-128-GCM-SHA256:TLS-RSA-WITH-AES-256-GCM-SHA384:TLS-RSA-WITH-AES-128-CBC-SHA256:TLS-RSA-WITH-AES-256-CBC-SHA256:TLS-RSA-WITH-AES-128-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA"
+#define GIT_SSL_DEFAULT_CIPHERS_COUNT 28
-static mbedtls_ssl_config *git__ssl_conf;
 static int ciphers_list[GIT_SSL_DEFAULT_CIPHERS_COUNT];
-static mbedtls_entropy_context *mbedtls_entropy;
+static bool initialized = false;
+static mbedtls_ssl_config mbedtls_config;
+static mbedtls_ctr_drbg_context mbedtls_rng;
+static mbedtls_entropy_context mbedtls_entropy;
+static bool has_ca_chain = false;
+static mbedtls_x509_crt mbedtls_ca_chain;
 /**
  * This function aims to clean-up the SSL context which
@@ -53,19 +58,16 @@ static mbedtls_entropy_context *mbedtls_entropy;
  */
 static void shutdown_ssl(void)
 {
-	if (git__ssl_conf) {
-		mbedtls_x509_crt_free(git__ssl_conf->ca_chain);
-		git__free(git__ssl_conf->ca_chain);
-		mbedtls_ctr_drbg_free(git__ssl_conf->p_rng);
-		git__free(git__ssl_conf->p_rng);
-		mbedtls_ssl_config_free(git__ssl_conf);
-		git__free(git__ssl_conf);
-		git__ssl_conf = NULL;
+	if (has_ca_chain) {
+		mbedtls_x509_crt_free(&mbedtls_ca_chain);
+		has_ca_chain = false;
 	}
-	if (mbedtls_entropy) {
-		mbedtls_entropy_free(mbedtls_entropy);
-		git__free(mbedtls_entropy);
-		mbedtls_entropy = NULL;
+	if (initialized) {
+		mbedtls_ctr_drbg_free(&mbedtls_rng);
+		mbedtls_ssl_config_free(&mbedtls_config);
+		mbedtls_entropy_free(&mbedtls_entropy);
+		initialized = false;
 	}
 }
@@ -74,32 +76,33 @@ int git_mbedtls_stream_global_init(void)
 	int loaded = 0;
 	char *crtpath = GIT_DEFAULT_CERT_LOCATION;
 	struct stat statbuf;
-	mbedtls_ctr_drbg_context *ctr_drbg = NULL;
 	size_t ciphers_known = 0;
 	char *cipher_name = NULL;
 	char *cipher_string = NULL;
 	char *cipher_string_tmp = NULL;
-	git__ssl_conf = git__malloc(sizeof(mbedtls_ssl_config));
-	GIT_ERROR_CHECK_ALLOC(git__ssl_conf);
+	mbedtls_ssl_config_init(&mbedtls_config);
+	mbedtls_entropy_init(&mbedtls_entropy);
+	mbedtls_ctr_drbg_init(&mbedtls_rng);
-	mbedtls_ssl_config_init(git__ssl_conf);
-	if (mbedtls_ssl_config_defaults(git__ssl_conf,
-		                            MBEDTLS_SSL_IS_CLIENT,
-		                            MBEDTLS_SSL_TRANSPORT_STREAM,
-		                            MBEDTLS_SSL_PRESET_DEFAULT) != 0) {
+	if (mbedtls_ssl_config_defaults(&mbedtls_config,
+	                                MBEDTLS_SSL_IS_CLIENT,
+	                                MBEDTLS_SSL_TRANSPORT_STREAM,
+	                                MBEDTLS_SSL_PRESET_DEFAULT) != 0) {
 		git_error_set(GIT_ERROR_SSL, "failed to initialize mbedTLS");
 		goto cleanup;
 	}
-	/* configure TLSv1 */
-	mbedtls_ssl_conf_min_version(git__ssl_conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0);
+	/* configure TLSv1.1 or better */
+#ifdef MBEDTLS_SSL_MINOR_VERSION_2
+	mbedtls_ssl_conf_min_version(&mbedtls_config, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_2);
+#endif
 	/* verify_server_cert is responsible for making the check.
 	 * OPTIONAL because REQUIRED drops the certificate as soon as the check
 	 * is made, so we can never see the certificate and override it. */
-	mbedtls_ssl_conf_authmode(git__ssl_conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
+	mbedtls_ssl_conf_authmode(&mbedtls_config, MBEDTLS_SSL_VERIFY_OPTIONAL);
 	/* set the list of allowed ciphersuites */
 	ciphers_known = 0;
@@ -123,42 +126,33 @@ int git_mbedtls_stream_global_init(void)
 		git_error_set(GIT_ERROR_SSL, "no cipher could be enabled");
 		goto cleanup;
 	}
-	mbedtls_ssl_conf_ciphersuites(git__ssl_conf, ciphers_list);
+	mbedtls_ssl_conf_ciphersuites(&mbedtls_config, ciphers_list);
 	/* Seeding the random number generator */
-	mbedtls_entropy = git__malloc(sizeof(mbedtls_entropy_context));
-	GIT_ERROR_CHECK_ALLOC(mbedtls_entropy);
-	mbedtls_entropy_init(mbedtls_entropy);
-	ctr_drbg = git__malloc(sizeof(mbedtls_ctr_drbg_context));
-	GIT_ERROR_CHECK_ALLOC(ctr_drbg);
-	mbedtls_ctr_drbg_init(ctr_drbg);
-	if (mbedtls_ctr_drbg_seed(ctr_drbg,
-		                      mbedtls_entropy_func,
-		                      mbedtls_entropy, NULL, 0) != 0) {
+	if (mbedtls_ctr_drbg_seed(&mbedtls_rng, mbedtls_entropy_func,
+			&mbedtls_entropy, NULL, 0) != 0) {
 		git_error_set(GIT_ERROR_SSL, "failed to initialize mbedTLS entropy pool");
 		goto cleanup;
 	}
-	mbedtls_ssl_conf_rng(git__ssl_conf, mbedtls_ctr_drbg_random, ctr_drbg);
+	mbedtls_ssl_conf_rng(&mbedtls_config, mbedtls_ctr_drbg_random, &mbedtls_rng);
 	/* load default certificates */
 	if (crtpath != NULL && stat(crtpath, &statbuf) == 0 && S_ISREG(statbuf.st_mode))
 		loaded = (git_mbedtls__set_cert_location(crtpath, NULL) == 0);
 	if (!loaded && crtpath != NULL && stat(crtpath, &statbuf) == 0 && S_ISDIR(statbuf.st_mode))
 		loaded = (git_mbedtls__set_cert_location(NULL, crtpath) == 0);
+	initialized = true;
 	return git_runtime_shutdown_register(shutdown_ssl);
 cleanup:
-	mbedtls_ctr_drbg_free(ctr_drbg);
-	git__free(ctr_drbg);
-	mbedtls_ssl_config_free(git__ssl_conf);
-	git__free(git__ssl_conf);
-	git__ssl_conf = NULL;
+	mbedtls_ctr_drbg_free(&mbedtls_rng);
+	mbedtls_ssl_config_free(&mbedtls_config);
+	mbedtls_entropy_free(&mbedtls_entropy);
 	return -1;
 }
@@ -192,7 +186,7 @@ static int ssl_set_error(mbedtls_ssl_context *ssl, int error)
 		break;
 	case MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:
-		git_error_set(GIT_ERROR_SSL, "SSL error: %#04x [%x] - %s", error, ssl->session_negotiate->verify_result, errbuf);
+		git_error_set(GIT_ERROR_SSL, "SSL error: %#04x [%x] - %s", error, mbedtls_ssl_get_verify_result(ssl), errbuf);
 		ret = GIT_ECERTIFICATE;
 		break;
@@ -374,7 +368,7 @@ static int mbedtls_stream_wrap(
 	st->ssl = git__malloc(sizeof(mbedtls_ssl_context));
 	GIT_ERROR_CHECK_ALLOC(st->ssl);
 	mbedtls_ssl_init(st->ssl);
-	if (mbedtls_ssl_setup(st->ssl, git__ssl_conf)) {
+	if (mbedtls_ssl_setup(st->ssl, &mbedtls_config)) {
 		git_error_set(GIT_ERROR_SSL, "failed to create ssl object");
 		error = -1;
 		goto out_err;
@@ -441,30 +435,30 @@ int git_mbedtls__set_cert_location(const char *file, const char *path)
 {
 	int ret = 0;
 	char errbuf[512];
-	mbedtls_x509_crt *cacert;
 	GIT_ASSERT_ARG(file || path);
-	cacert = git__malloc(sizeof(mbedtls_x509_crt));
-	GIT_ERROR_CHECK_ALLOC(cacert);
+	if (has_ca_chain)
+		mbedtls_x509_crt_free(&mbedtls_ca_chain);
+	mbedtls_x509_crt_init(&mbedtls_ca_chain);
-	mbedtls_x509_crt_init(cacert);
 	if (file)
-		ret = mbedtls_x509_crt_parse_file(cacert, file);
+		ret = mbedtls_x509_crt_parse_file(&mbedtls_ca_chain, file);
 	if (ret >= 0 && path)
-		ret = mbedtls_x509_crt_parse_path(cacert, path);
+		ret = mbedtls_x509_crt_parse_path(&mbedtls_ca_chain, path);
 	/* mbedtls_x509_crt_parse_path returns the number of invalid certs on success */
 	if (ret < 0) {
-		mbedtls_x509_crt_free(cacert);
-		git__free(cacert);
+		mbedtls_x509_crt_free(&mbedtls_ca_chain);
 		mbedtls_strerror( ret, errbuf, 512 );
 		git_error_set(GIT_ERROR_SSL, "failed to load CA certificates: %#04x - %s", ret, errbuf);
 		return -1;
 	}
-	mbedtls_x509_crt_free(git__ssl_conf->ca_chain);
-	git__free(git__ssl_conf->ca_chain);
-	mbedtls_ssl_conf_ca_chain(git__ssl_conf, cacert, NULL);
+	mbedtls_ssl_conf_ca_chain(&mbedtls_config, &mbedtls_ca_chain, NULL);
+	has_ca_chain = true;
 	return 0;
 }

data/vendor/libgit2/src/libgit2/streams/openssl.c CHANGED Viewed

@@ -36,10 +36,11 @@
 # include <openssl/bio.h>
 #endif
-SSL_CTX *git__ssl_ctx;
+extern char *git__ssl_ciphers;
-#define GIT_SSL_DEFAULT_CIPHERS "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA256:DHE-DSS-AES128-SHA:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA"
+SSL_CTX *git__ssl_ctx;
+#define GIT_SSL_DEFAULT_CIPHERS "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA"
 static BIO_METHOD *git_stream_bio_method;
 static int init_bio_method(void);
@@ -105,7 +106,7 @@ static void git_openssl_free(void *mem)
 static int openssl_init(void)
 {
 	long ssl_opts = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
-	const char *ciphers = git_libgit2__ssl_ciphers();
+	const char *ciphers = git__ssl_ciphers;
 #ifdef VALGRIND
 	static bool allocators_initialized = false;
 #endif
@@ -133,10 +134,10 @@ static int openssl_init(void)
 	OPENSSL_init_ssl(0, NULL);
 	/*
-	 * Load SSLv{2,3} and TLSv1 so that we can talk with servers
-	 * which use the SSL hellos, which are often used for
-	 * compatibility. We then disable SSL so we only allow OpenSSL
-	 * to speak TLSv1 to perform the encryption itself.
+	 * Despite the name SSLv23_method, this is actually a version-
+	 * flexible context, which honors the protocol versions
+	 * specified in `ssl_opts`. So we only support TLSv1.0 and
+	 * higher.
 	 */
 	if (!(git__ssl_ctx = SSL_CTX_new(SSLv23_method())))
 		goto error;
@@ -720,6 +721,30 @@ int git_openssl__set_cert_location(const char *file, const char *path)
 	return 0;
 }
+int git_openssl__add_x509_cert(X509 *cert)
+{
+	X509_STORE *cert_store;
+	if (openssl_ensure_initialized() < 0)
+		return -1;
+	if (!(cert_store = SSL_CTX_get_cert_store(git__ssl_ctx)))
+		return -1;
+	if (cert && X509_STORE_add_cert(cert_store, cert) == 0) {
+		git_error_set(GIT_ERROR_SSL, "OpenSSL error: failed to add raw X509 certificate");
+		return -1;
+	}
+	return 0;
+}
+int git_openssl__reset_context(void)
+{
+	shutdown_ssl();
+	return openssl_init();
+}
 #else
 #include "stream.h"

data/vendor/libgit2/src/libgit2/streams/openssl.h CHANGED Viewed

@@ -24,6 +24,8 @@ extern int git_openssl_stream_global_init(void);
 #ifdef GIT_OPENSSL
 extern int git_openssl__set_cert_location(const char *file, const char *path);
+extern int git_openssl__add_x509_cert(X509 *cert);
+extern int git_openssl__reset_context(void);
 extern int git_openssl_stream_new(git_stream **out, const char *host, const char *port);
 extern int git_openssl_stream_wrap(git_stream **out, git_stream *in, const char *host);
 #endif

data/vendor/libgit2/src/libgit2/streams/openssl_dynamic.c CHANGED Viewed

@@ -65,6 +65,7 @@ int (*SSL_write)(SSL *ssl, const void *buf, int num);
 long (*SSL_CTX_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg);
 void (*SSL_CTX_free)(SSL_CTX *ctx);
 SSL_CTX *(*SSL_CTX_new)(const SSL_METHOD *method);
+X509_STORE *(*SSL_CTX_get_cert_store)(const SSL_CTX *);
 int (*SSL_CTX_set_cipher_list)(SSL_CTX *ctx, const char *str);
 int (*SSL_CTX_set_default_verify_paths)(SSL_CTX *ctx);
 long (*SSL_CTX_set_options)(SSL_CTX *ctx, long options);
@@ -80,6 +81,7 @@ int (*X509_NAME_get_index_by_NID)(X509_NAME *name, int nid, int lastpos);
 void (*X509_free)(X509 *a);
 void *(*X509_get_ext_d2i)(const X509 *x, int nid, int *crit, int *idx);
 X509_NAME *(*X509_get_subject_name)(const X509 *x);
+int (*X509_STORE_add_cert)(X509_STORE *ctx, X509 *x);
 int (*i2d_X509)(X509 *a, unsigned char **ppout);
@@ -194,6 +196,7 @@ int git_openssl_stream_dynamic_init(void)
 	SSL_CTX_ctrl = (long (*)(SSL_CTX *, int, long, void *))openssl_sym(&err, "SSL_CTX_ctrl", true);
 	SSL_CTX_free = (void (*)(SSL_CTX *))openssl_sym(&err, "SSL_CTX_free", true);
 	SSL_CTX_new = (SSL_CTX *(*)(const SSL_METHOD *))openssl_sym(&err, "SSL_CTX_new", true);
+	SSL_CTX_get_cert_store = (X509_STORE *(*)(const SSL_CTX *))openssl_sym(&err, "SSL_CTX_get_cert_store", true);
 	SSL_CTX_set_cipher_list = (int (*)(SSL_CTX *, const char *))openssl_sym(&err, "SSL_CTX_set_cipher_list", true);
 	SSL_CTX_set_default_verify_paths = (int (*)(SSL_CTX *ctx))openssl_sym(&err, "SSL_CTX_set_default_verify_paths", true);
 	SSL_CTX_set_options = (long (*)(SSL_CTX *, long))openssl_sym(&err, "SSL_CTX_set_options", false);
@@ -209,6 +212,7 @@ int git_openssl_stream_dynamic_init(void)
 	X509_free = (void (*)(X509 *))openssl_sym(&err, "X509_free", true);
 	X509_get_ext_d2i = (void *(*)(const X509 *x, int nid, int *crit, int *idx))openssl_sym(&err, "X509_get_ext_d2i", true);
 	X509_get_subject_name = (X509_NAME *(*)(const X509 *))openssl_sym(&err, "X509_get_subject_name", true);
+	X509_STORE_add_cert = (int (*)(X509_STORE *ctx, X509 *x))openssl_sym(&err, "X509_STORE_add_cert", true);
 	i2d_X509 = (int (*)(X509 *a, unsigned char **ppout))openssl_sym(&err, "i2d_X509", true);

data/vendor/libgit2/src/libgit2/streams/openssl_dynamic.h CHANGED Viewed

@@ -204,6 +204,7 @@ typedef void SSL_METHOD;
 typedef void X509;
 typedef void X509_NAME;
 typedef void X509_NAME_ENTRY;
+typedef void X509_STORE;
 typedef void X509_STORE_CTX;
 typedef struct {
@@ -309,6 +310,7 @@ extern int (*SSL_write)(SSL *ssl, const void *buf, int num);
 extern long (*SSL_CTX_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg);
 extern void (*SSL_CTX_free)(SSL_CTX *ctx);
 extern SSL_CTX *(*SSL_CTX_new)(const SSL_METHOD *method);
+extern X509_STORE *(*SSL_CTX_get_cert_store)(const SSL_CTX *ctx);
 extern int (*SSL_CTX_set_cipher_list)(SSL_CTX *ctx, const char *str);
 extern int (*SSL_CTX_set_default_verify_paths)(SSL_CTX *ctx);
 extern long (*SSL_CTX_set_options)(SSL_CTX *ctx, long options);
@@ -326,6 +328,7 @@ extern int (*X509_NAME_get_index_by_NID)(X509_NAME *name, int nid, int lastpos);
 extern void (*X509_free)(X509 *a);
 extern void *(*X509_get_ext_d2i)(const X509 *x, int nid, int *crit, int *idx);
 extern X509_NAME *(*X509_get_subject_name)(const X509 *x);
+extern int (*X509_STORE_add_cert)(X509_STORE *ctx, X509 *x);
 extern int (*i2d_X509)(X509 *a, unsigned char **ppout);

data/vendor/libgit2/src/libgit2/streams/stransport.c CHANGED Viewed

@@ -13,13 +13,16 @@
 #include <Security/SecureTransport.h>
 #include <Security/SecCertificate.h>
+#include "common.h"
+#include "trace.h"
 #include "git2/transport.h"
 #include "streams/socket.h"
 static int stransport_error(OSStatus ret)
 {
-	CFStringRef message;
+	CFStringRef message_ref = NULL;
+	const char *message_cstr = NULL;
+	char *message_ptr = NULL;
 	if (ret == noErr || ret == errSSLClosedGraceful) {
 		git_error_clear();
@@ -27,14 +30,39 @@ static int stransport_error(OSStatus ret)
 	}
 #if !TARGET_OS_IPHONE
-	message = SecCopyErrorMessageString(ret, NULL);
-	GIT_ERROR_CHECK_ALLOC(message);
+	message_ref = SecCopyErrorMessageString(ret, NULL);
+	GIT_ERROR_CHECK_ALLOC(message_ref);
+	/*
+	 * Attempt the cheap CFString conversion; this can return NULL
+	 * when that would be expensive. In that case, call the more
+	 * expensive function.
+	 */
+	message_cstr = CFStringGetCStringPtr(message_ref, kCFStringEncodingUTF8);
+	if (!message_cstr) {
+		/* Provide buffer to convert from UTF16 to UTF8 */
+		size_t message_size = CFStringGetLength(message_ref) * 2 + 1;
+		message_cstr = message_ptr = git__malloc(message_size);
+		GIT_ERROR_CHECK_ALLOC(message_ptr);
+		if (!CFStringGetCString(message_ref, message_ptr, message_size, kCFStringEncodingUTF8)) {
+			git_error_set(GIT_ERROR_NET, "SecureTransport error: %d", (unsigned int)ret);
+			goto done;
+		}
+	}
-	git_error_set(GIT_ERROR_NET, "SecureTransport error: %s", CFStringGetCStringPtr(message, kCFStringEncodingUTF8));
-	CFRelease(message);
+	git_error_set(GIT_ERROR_NET, "SecureTransport error: %s", message_cstr);
+done:
+	git__free(message_ptr);
+	CFRelease(message_ref);
 #else
 	git_error_set(GIT_ERROR_NET, "SecureTransport error: OSStatus %d", (unsigned int)ret);
-	GIT_UNUSED(message);
+	GIT_UNUSED(message_ref);
+	GIT_UNUSED(message_cstr);
+	GIT_UNUSED(message_ptr);
 #endif
 	return -1;
@@ -236,6 +264,10 @@ static ssize_t stransport_read(git_stream *stream, void *data, size_t len)
 	OSStatus ret;
 	if ((ret = SSLRead(st->ctx, data, len, &processed)) != noErr) {
+		/* This specific SecureTransport error is not well described */
+		if (ret == -9806)
+			git_trace(GIT_TRACE_INFO, "SecureTraceport error during SSLRead: returned -9806 (connection closed via error)");
 		if (st->error == GIT_TIMEOUT)
 			return GIT_TIMEOUT;