aboutsummaryrefslogtreecommitdiff
path: root/http.c
Commit message (Collapse)AuthorAge
* http: make curl callbacks match contracts from curl headerDan McGee2011-05-04
| | | | | | | | | | | Yes, these don't match perfectly with the void* first parameter of the fread/fwrite in the standard library, but they do match the curl expected method signature. This is needed when a refactor passes a curl_write_callback around, which would otherwise give incorrect parameter warnings. Signed-off-by: Dan McGee <dpmcgee@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* Merge branch 'sp/maint-clear-postfields'Junio C Hamano2011-04-28
|\ | | | | | | | | * sp/maint-clear-postfields: http: clear POSTFIELDS when initializing a slot
| * http: clear POSTFIELDS when initializing a slotJunio C Hamano2011-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | After posting a short request using CURLOPT_POSTFIELDS, if the slot is reused for posting a large payload, the slot ends up having both POSTFIELDS (which now points at a random garbage) and READFUNCTION, in which case the curl library tries to use the stale POSTFIELDS. Clear it as part of the general slot initialization in get_active_slot(). Heavylifting-by: Shawn Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com> Acked-by: Shawn Pearce <spearce@spearce.org>
* | Merge branch 'tc/http-urls-ends-with-slash'Junio C Hamano2010-12-12
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tc/http-urls-ends-with-slash: http-fetch: rework url handling http-push: add trailing slash at arg-parse time, instead of later on http-push: check path length before using it http-push: Normalise directory names when pushing to some WebDAV servers http-backend: use end_url_with_slash() url: add str wrapper for end_url_with_slash() shift end_url_with_slash() from http.[ch] to url.[ch] t5550-http-fetch: add test for http-fetch t5550-http-fetch: add missing '&&'
| * | shift end_url_with_slash() from http.[ch] to url.[ch]Tay Ray Chuan2010-11-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | This allows non-http/curl users to access it too (eg. http-backend.c). Update include headers in end_url_with_slash() users too. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | | Merge branch 'gc/http-with-non-ascii-username-url'Junio C Hamano2010-12-08
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * gc/http-with-non-ascii-username-url: Fix username and password extraction from HTTP URLs t5550: test HTTP authentication and userinfo decoding Conflicts: t/lib-httpd/apache.conf
| * | | Fix username and password extraction from HTTP URLsGabriel Corona2010-11-17
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | Change the authentification initialisation to percent-decode username and password for HTTP URLs. Signed-off-by: Gabriel Corona <gabriel.corona@enst-bretagne.fr> Acked-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | | smart-http: Don't change POST to GET when following redirectTay Ray Chuan2010-09-27
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For a long time (29508e1 "Isolate shared HTTP request functionality", Fri Nov 18 11:02:58 2005), we've followed HTTP redirects with CURLOPT_FOLLOWLOCATION. However, when the remote HTTP server returns a redirect the default libcurl action is to change a POST request into a GET request while following the redirect, but the remote http backend does not expect that. Fix this by telling libcurl to always keep the request as type POST with CURLOPT_POSTREDIR. For users of libcurl older than 7.19.1, use CURLOPT_POST301 instead, which only follows 301s instead of both 301s and 302s. Signed-off-by: Andreas Schwab <schwab@linux-m68k.org> Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | Allow HTTP user agent string to be modified.Spencer E. Olson2010-08-11
| | | | | | | | | | | | | | | | | | | | | | | | Some firewalls restrict HTTP connections based on the clients user agent. This commit provides the user the ability to modify the user agent string via either a new config option (http.useragent) or by an environment variable (GIT_HTTP_USER_AGENT). Relevant documentation is added to Documentation/config.txt. Signed-off-by: Spencer E. Olson <olsonse@umich.edu> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | Merge branch 'sp/maint-dumb-http-pack-reidx'Junio C Hamano2010-05-21
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * sp/maint-dumb-http-pack-reidx: http.c::new_http_pack_request: do away with the temp variable filename http-fetch: Use temporary files for pack-*.idx until verified http-fetch: Use index-pack rather than verify-pack to check packs Allow parse_pack_index on temporary files Extract verify_pack_index for reuse from verify_pack Introduce close_pack_index to permit replacement http.c: Remove unnecessary strdup of sha1_to_hex result http.c: Don't store destination name in request structures http.c: Drop useless != NULL test in finish_http_pack_request http.c: Tiny refactoring of finish_http_pack_request t5550-http-fetch: Use subshell for repository operations http.c: Remove bad free of static block
| * | http.c::new_http_pack_request: do away with the temp variable filenameTay Ray Chuan2010-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | Now that the temporary variable char *filename is only used in one place, do away with it and just call sha1_pack_name() directly. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Acked-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
| * | http-fetch: Use temporary files for pack-*.idx until verifiedShawn O. Pearce2010-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Verify that a downloaded pack-*.idx file is consistent and valid as an index file before we rename it into its final destination. This prevents a corrupt index file from later being treated as a usable file, confusing readers. Check that we do not have the pack index file before invoking fetch_pack_index(); that way, we can do without the has_pack_index() check in fetch_pack_index(). Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
| * | http-fetch: Use index-pack rather than verify-pack to check packsShawn O. Pearce2010-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To ensure we don't leave a corrupt pack file positioned as though it were a valid pack file, run index-pack on the temporary pack before we rename it to its final name. If index-pack crashes out when it discovers file corruption (e.g. GitHub's error HTML at the end of the file), simply delete the temporary files to cleanup. By waiting until the pack has been validated before we move it to its final name, we eliminate a race condition where another concurrent reader might try to access the pack at the same time that we are still trying to verify its not corrupt. Switching from verify-pack to index-pack is a change in behavior, but it should turn out better for users. The index-pack algorithm tries to minimize disk seeks, as well as the number of times any given object is inflated, by organizing its work along delta chains. The verify-pack logic does not attempt to do this, thrashing the delta base cache and the filesystem cache. By recreating the index file locally, we also can automatically upgrade from a v1 pack table of contents to v2. This makes the CRC32 data available for use during later repacks, even if the server didn't have them on hand. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Acked-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
| * | Allow parse_pack_index on temporary filesShawn O. Pearce2010-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The easiest way to verify a pack index is to open it through the standard parse_pack_index function, permitting the header check to happen when the file is mapped. However, the dumb HTTP client needs to verify a pack index before its moved into its proper file name within the objects/pack directory, to prevent a corrupt index from being made available. So permit the caller to specify the exact path of the index file. For now we're still using the final destination name within the sole call site in http.c, but eventually we will start to parse the temporary path instead. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
| * | http.c: Remove unnecessary strdup of sha1_to_hex resultShawn O. Pearce2010-04-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Most of the time the dumb HTTP transport is run without the verbose flag set, so we only need the result of sha1_to_hex(sha1) once, to construct the pack URL. Don't bother with an unnecessary malloc, copy, free chain of this buffer. If verbose is set, we'll format the SHA-1 twice now. But this tiny extra CPU time spent is nothing compared to the slowdown that is usually imposed by the verbose messages being sent to the tty, and is entirely trivial compared to the latency involved with the remote HTTP server sending something as big as a pack file. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Acked-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
| * | http.c: Don't store destination name in request structuresShawn O. Pearce2010-04-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The destination name within the object store is easily computed on demand, reusing a static buffer held by sha1_file.c. We don't need to copy the entire path into the request structure for safe keeping, when it can be easily reformatted after the download has been completed. This reduces the size of the per-request structure, and removes yet another PATH_MAX based limit. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
| * | http.c: Drop useless != NULL test in finish_http_pack_requestShawn O. Pearce2010-04-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The test preq->packfile != NULL is always true. If packfile was actually NULL when entering this function the ftell() above would crash out with a SIGSEGV, resulting in never reaching this point. Simplify the code by just removing the conditional. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
| * | http.c: Tiny refactoring of finish_http_pack_requestShawn O. Pearce2010-04-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Always remove the struct packed_git from the active list, even if the rename of the temporary file fails. While we are here, simplify the code a bit by using a common local variable name ("p") to hold the relevant packed_git. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
| * | http.c: Remove bad free of static blockShawn O. Pearce2010-04-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The filename variable here is pointing to a block of memory that was allocated by sha1_file.c and is also held in a static variable scoped within the sha1_pack_name() function. Doing a free() here is returning that memory to the allocator while we might still try to reuse it on a subsequent sha1_pack_name() invocation. That's not acceptable, so don't free it. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | | Merge branch 'rc/maint-curl-helper'Junio C Hamano2010-05-08
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * rc/maint-curl-helper: remote-curl: ensure that URLs have a trailing slash http: make end_url_with_slash() public t5541-http-push: add test for URLs with trailing slash Conflicts: remote-curl.c
| * | | http: make end_url_with_slash() publicTay Ray Chuan2010-04-09
| |/ / | | | | | | | | | | | | Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | | Prompt for a username when an HTTP request 401sScott Chacon2010-04-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When an HTTP request returns a 401, Git will currently fail with a confusing message saying that it got a 401, which is not very descriptive. Currently if a user wants to use Git over HTTP, they have to use one URL with the username in the URL (e.g. "http://user@host.com/repo.git") for write access and another without the username for unauthenticated read access (unless they want to be prompted for the password each time). However, since the HTTP servers will return a 401 if an action requires authentication, we can prompt for username and password if we see this, allowing us to use a single URL for both purposes. This patch changes http_request to prompt for the username and password, then return HTTP_REAUTH so http_get_strbuf can try again. If it gets a 401 even when a user/pass is supplied, http_request will now return HTTP_NOAUTH which remote_curl can then use to display a more intelligent error message that is less confusing. Signed-off-by: Scott Chacon <schacon@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | | git-core: Support retrieving passwords with GIT_ASKPASSFrank Li2010-03-04
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git tries to read a password from the terminal in imap-send and when talking to a http server that requires authentication. When a GUI is driving git, however, the end user is not paying attention to the terminal (there may not even be a terminal). GUI would appear to hang forever. Fix this problem by allowing a password-retrieving command to be specified in GIT_ASKPASS Signed-off-by: Frank Li <lznuaa@gmail.com> Signed-off-by: Johannes Sixt <j6t@kdbg.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | http.c: mark file-local functions staticJunio C Hamano2010-01-12
| | | | | | | | Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | Merge branch 'tr/http-updates'Junio C Hamano2010-01-10
|\ \ | | | | | | | | | | | | | | | | | | | | | * tr/http-updates: Remove http.authAny Allow curl to rewind the RPC read buffer Add an option for using any HTTP authentication scheme, not only basic http: maintain curl sessions
| * | Remove http.authAnyJunio C Hamano2009-12-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Back when the feature to use different HTTP authentication methods was originally written, it needed an extra HTTP request for everything when the feature was in effect, because we didn't reuse curl sessions. However, b8ac923 (Add an option for using any HTTP authentication scheme, not only basic, 2009-11-27) builds on top of an updated codebase that does reuse curl sessions; there is no need to manually avoid the extra overhead by making this configurable anymore. Acked-by: Martin Storsjo <martin@martin.st> Acked-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
| * | Add an option for using any HTTP authentication scheme, not only basicMartin Storsjö2009-11-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds the configuration option http.authAny (overridable with the environment variable GIT_HTTP_AUTH_ANY), for instructing curl to allow any HTTP authentication scheme, not only basic (which sends the password in plaintext). When this is enabled, curl has to do double requests most of the time, in order to discover which HTTP authentication method to use, which lowers the performance slightly. Therefore this isn't enabled by default. One example of another authentication scheme to use is digest, which doesn't send the password in plaintext, but uses a challenge-response mechanism instead. Using digest authentication in practice requires at least curl 7.18.1, due to bugs in the digest handling in earlier versions of curl. Signed-off-by: Martin Storsjö <martin@martin.st> Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
| * | http: maintain curl sessionsTay Ray Chuan2009-11-27
| |/ | | | | | | | | | | | | | | | | | | | | | | Allow curl sessions to be kept alive (ie. not ended with curl_easy_cleanup()) even after the request is completed, the number of which is determined by the configuration setting http.minSessions. Add a count for curl sessions, and update it, across slots, when starting and ending curl sessions. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | Use warning function instead of fprintf(stderr, "Warning: ...").Thiago Farina2010-01-03
|/ | | | | Signed-off-by: Thiago Farina <tfransosi@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* Smart push over HTTP: client sideShawn O. Pearce2009-11-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | The git-remote-curl backend detects if the remote server supports the git-receive-pack service, and if so, runs git-send-pack in a pipe to dump the command and pack data as a single POST request. The advertisements from the server that were obtained during the discovery are passed into git-send-pack before the POST request starts. This permits git-send-pack to operate largely unmodified. For smaller packs (those under 1 MiB) a HTTP/1.0 POST with a Content-Length is used, permitting interaction with any server. The 1 MiB limit is arbitrary, but is sufficent to fit most deltas created by human authors against text sources with the occasional small binary file (e.g. few KiB icon image). The configuration option http.postBuffer can be used to increase (or shink) this buffer if the default is not sufficient. For larger packs which cannot be spooled entirely into the helper's memory space (due to http.postBuffer being too small), the POST request requires HTTP/1.1 and sets "Transfer-Encoding: chunked". This permits the client to upload an unknown amount of data in one HTTP transaction without needing to pregenerate the entire pack file locally. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> CC: Daniel Barkalow <barkalow@iabervon.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* Merge branch 'maint'Junio C Hamano2009-09-14
|\ | | | | | | | | * maint: http.c: avoid freeing an uninitialized pointer
| * http.c: avoid freeing an uninitialized pointerJunio C Hamano2009-09-14
| | | | | | | | | | | | | | | | An earlier 59b8d38 (http.c: remove verification of remote packs) left the variable "url" uninitialized; "goto cleanup" codepath can free it which is not very nice. Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | Merge branch 'maint'Junio C Hamano2009-09-13
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | * maint: GIT 1.6.4.3 svn: properly escape arguments for authors-prog http.c: remove verification of remote packs grep: accept relative paths outside current working directory grep: fix exit status if external_grep() punts Conflicts: GIT-VERSION-GEN RelNotes
| * http.c: remove verification of remote packsTay Ray Chuan2009-09-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make http.c::fetch_pack_index() no longer check for the remote pack with a HEAD request before fetching the corresponding pack index file. Not only does sending a HEAD request before we do a GET incur a performance penalty, it does not offer any significant error- prevention advantages (pack fetching in the *_http_pack_request() methods is capable of handling any errors on its own). This addresses an issue raised elsewhere: http://code.google.com/p/msysgit/issues/detail?id=323 http://support.github.com/discussions/repos/957-cant-clone-over-http-or-git Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | Merge branch 'maint'Junio C Hamano2009-08-28
|\ \ | |/ | | | | | | * maint: http.c: set slot callback members to NULL when releasing object
| * Merge branch 'rc/maint-http-fix' into maintJunio C Hamano2009-08-28
| |\ | | | | | | | | | | | | * rc/maint-http-fix: http.c: don't assume that urls don't end with slash
| * | http.c: set slot callback members to NULL when releasing objectTay Ray Chuan2009-08-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set the members callback_func and callback_data of freq->slot to NULL when releasing a http_object_request. release_active_slot() is also invoked on the slot to remove the curl handle associated with the slot from the multi stack (CURLM *curlm in http.c). These prevent the callback function and data from being used in http methods (like http.c::finish_active_slot()) after a http_object_request has been free'd. Noticed by Ali Polatel, who later tested this patch to verify that it fixes the problem he saw; Dscho helped to identify the problem spot. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | | Merge branch 'rc/maint-http-fix'Junio C Hamano2009-08-18
|\ \ \ | | |/ | |/| | | | | | | * rc/maint-http-fix: http.c: don't assume that urls don't end with slash
| * | http.c: don't assume that urls don't end with slashTay Ray Chuan2009-08-18
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make append_remote_object_url() (and by implication, get_remote_object_url) use end_url_with_slash() to ensure that the url ends with a slash. Previously, they assumed that the url did not end with a slash and as a result appended a slash, sometimes errorneously. This fixes an issue introduced in 5424bc5 ("http*: add helper methods for fetching objects (loose)"), where the append_remote_object_url() implementation in http-push.c, which assumed that urls end with a slash, was replaced by another one in http.c, which assumed urls did not end with a slash. The above issue was raised by Thomas Schlichter: http://marc.info/?l=git&m=125043105231327 Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Tested-by: Thomas Schlichter <thomas.schlichter@web.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | Check return value of ftruncate call in http.cJeff Lasslett2009-08-10
| | | | | | | | | | | | | | | | | | In new_http_object_request(), check ftruncate() call return value and handle possible errors. Signed-off-by: Jeff Lasslett <jeff.lasslett@gmail.com> Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | http.c: replace usage of temporary variable for urlsTay Ray Chuan2009-08-10
| | | | | | | | | | | | | | | | | | Use preq->url in new_http_pack_request and freq->url in new_http_object_request when calling curl_setopt(CURLOPT_URL), instead of using an intermediate variable, 'url'. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | http.c: free preq when abortingTay Ray Chuan2009-08-10
|/ | | | | | | | Free preq in new_http_pack_request when aborting. preq was allocated before jumping to the 'abort' label so this is safe. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* Merge branch 'ml/http'Junio C Hamano2009-07-09
|\ | | | | | | | | | | | | | | | | * ml/http: http.c: add http.sslCertPasswordProtected option http.c: prompt for SSL client certificate password Conflicts: http.c
| * http.c: add http.sslCertPasswordProtected optionMark Lodato2009-06-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a configuration option, http.sslCertPasswordProtected, and associated environment variable, GIT_SSL_CERT_PASSWORD_PROTECTED, to enable SSL client certificate password prompt from within git. If this option is false and if the environment variable does not exist, git falls back to OpenSSL's prompts (as in earlier versions of git). The environment variable may only be used to enable, not to disable git's password prompt. This behavior mimics GIT_NO_VERIFY; the mere existence of the variable is all that is checked. Signed-off-by: Mark Lodato <lodatom@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
| * http.c: prompt for SSL client certificate passwordMark Lodato2009-06-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If an SSL client certificate is enabled (via http.sslcert or GIT_SSL_CERT), prompt for the certificate password rather than defaulting to OpenSSL's password prompt. This causes the prompt to only appear once each run. Previously, OpenSSL prompted the user *many* times, causing git to be unusable over HTTPS with client-side certificates. Note that the password is stored in memory in the clear while the program is running. This may be a security problem if git crashes and core dumps. The user is always prompted, even if the certificate is not encrypted. This should be fine; unencrypted certificates are rare and a security risk anyway. Signed-off-by: Mark Lodato <lodatom@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | Merge branch 'maint'Junio C Hamano2009-06-18
|\ \ | | | | | | | | | | | | | | | | | | * maint: http.c: fix compiling with libcurl 7.9.2 import-tars: support symlinks pull, rebase: simplify to use die()
| * | http.c: fix compiling with libcurl 7.9.2Mark Lodato2009-06-18
| |/ | | | | | | | | | | | | | | | | | | Change the minimimum required libcurl version for the http.sslKey option to 7.9.3. Previously, preprocessor macros checked for >= 7.9.2, which is incorrect because CURLOPT_SSLKEY was introduced in 7.9.3. This now allows git to compile with libcurl 7.9.2. Signed-off-by: Mark Lodato <lodatom@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | http*: add helper methods for fetching objects (loose)Tay Ray Chuan2009-06-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The code handling the fetching of loose objects in http-push.c and http-walker.c have been refactored into new methods and a new struct (object_http_request) in http.c. They are not meant to be invoked elsewhere. The new methods in http.c are - new_http_object_request - process_http_object_request - finish_http_object_request - abort_http_object_request - release_http_object_request and the new struct is http_object_request. RANGER_HEADER_SIZE and no_pragma_header is no longer made available outside of http.c, since after the above changes, there are no other instances of usage outside of http.c. Remove members of the transfer_request struct in http-push.c and http-walker.c, including filename, real_sha1 and zret, as they are used no longer used. Move the methods append_remote_object_url() and get_remote_object_url() from http-push.c to http.c. Additionally, get_remote_object_url() is no longer defined only when USE_CURL_MULTI is defined, since non-USE_CURL_MULTI code in http.c uses it (namely, in new_http_object_request()). Refactor code from http-push.c::start_fetch_loose() and http-walker.c::start_object_fetch_request() that deals with the details of coming up with the filename to store the retrieved object, resuming a previously aborted request, and making a new curl request, into a new function, new_http_object_request(). Refactor code from http-walker.c::process_object_request() into the function, process_http_object_request(). Refactor code from http-push.c::finish_request() and http-walker.c::finish_object_request() into a new function, finish_http_object_request(). It returns the result of the move_temp_to_file() invocation. Add a function, release_http_object_request(), which cleans up object request data. http-push.c and http-walker.c invoke this function separately; http-push.c::release_request() and http-walker.c::release_object_request() do not invoke this function. Add a function, abort_http_object_request(), which unlink()s the object file and invokes release_http_object_request(). Update http-walker.c::abort_object_request() to use this. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | http*: add helper methods for fetching packsTay Ray Chuan2009-06-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The code handling the fetching of packs in http-push.c and http-walker.c have been refactored into new methods and a new struct (http_pack_request) in http.c. They are not meant to be invoked elsewhere. The new methods in http.c are - new_http_pack_request - finish_http_pack_request - release_http_pack_request and the new struct is http_pack_request. Add a function, new_http_pack_request(), that deals with the details of coming up with the filename to store the retrieved packfile, resuming a previously aborted request, and making a new curl request. Update http-push.c::start_fetch_packed() and http-walker.c::fetch_pack() to use this. Add a function, finish_http_pack_request(), that deals with renaming the pack, advancing the pack list, and installing the pack. Update http-push.c::finish_request() and http-walker.c::fetch_pack to use this. Update release_request() in http-push.c and http-walker.c to invoke release_http_pack_request() to clean up pack request helper data. The local_stream member of the transfer_request struct in http-push.c has been removed, as the packfile pointer will be managed in the struct http_pack_request. Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
* | http: use new http API in fetch_index()Tay Ray Chuan2009-06-06
| | | | | | | | | | Signed-off-by: Tay Ray Chuan <rctay89@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>