-
-
Notifications
You must be signed in to change notification settings - Fork 5.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update to LibGit2 v0.26.0 #22614
Update to LibGit2 v0.26.0 #22614
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
0d6fd3ed9265c6804349149b23ae6362 |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
88a8a42bb8d18a5a722938404e048266d0899362ac89fdfedfa9f71aeb90408d8d98b4d9b9ea2ff46755d0a2cd8686ff04d31e85827566e1290a9536b8b36ac8 |
This file was deleted.
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -37,7 +37,7 @@ LIBGIT2_OPTS += -DCURL_INCLUDE_DIRS=$(build_includedir) -DCURL_LIBRARIES="-L$(bu | |
endif | ||
|
||
ifeq ($(OS),Linux) | ||
LIBGIT2_OPTS += -DUSE_OPENSSL=OFF -DUSE_MBEDTLS=ON -DCMAKE_INSTALL_RPATH="\$$ORIGIN" | ||
LIBGIT2_OPTS += -DUSE_HTTPS=ON -DTLS_BACKEND="mbedTLS" -DCMAKE_INSTALL_RPATH="\$$ORIGIN" | ||
endif | ||
ifeq ($(OS),FreeBSD) | ||
LIBGIT2_OPTS += -DCMAKE_INSTALL_RPATH="\$$ORIGIN" | ||
|
@@ -78,29 +78,14 @@ $(LIBGIT2_SRC_PATH)/libgit2-agent-nonfatal.patch-applied: $(LIBGIT2_SRC_PATH)/so | |
patch -p1 -f < $(SRCDIR)/patches/libgit2-agent-nonfatal.patch | ||
echo 1 > $@ | ||
|
||
$(LIBGIT2_SRC_PATH)/libgit2-mbedtls-writer-fix.patch-applied: $(LIBGIT2_SRC_PATH)/source-extracted | $(LIBGIT2_SRC_PATH)/libgit2-mbedtls.patch-applied | ||
cd $(LIBGIT2_SRC_PATH) && \ | ||
patch -p1 -f < $(SRCDIR)/patches/libgit2-mbedtls-writer-fix.patch | ||
echo 1 > $@ | ||
|
||
$(LIBGIT2_SRC_PATH)/libgit2-mbedtls-verify.patch-applied: $(LIBGIT2_SRC_PATH)/source-extracted | $(LIBGIT2_SRC_PATH)/libgit2-mbedtls-writer-fix.patch-applied | ||
$(LIBGIT2_SRC_PATH)/libgit2-mbedtls-verify.patch-applied: $(LIBGIT2_SRC_PATH)/source-extracted | $(LIBGIT2_SRC_PATH)/libgit2-agent-nonfatal.patch-applied | ||
cd $(LIBGIT2_SRC_PATH) && \ | ||
patch -p1 -f < $(SRCDIR)/patches/libgit2-mbedtls-verify.patch | ||
echo 1 > $@ | ||
|
||
$(LIBGIT2_SRC_PATH)/libgit2-gitconfig-symlink.patch-applied: $(LIBGIT2_SRC_PATH)/source-extracted | $(LIBGIT2_SRC_PATH)/libgit2-mbedtls-verify.patch-applied | ||
cd $(LIBGIT2_SRC_PATH) && \ | ||
patch -p1 -f < $(SRCDIR)/patches/libgit2-gitconfig-symlink.patch | ||
echo 1 > $@ | ||
|
||
$(LIBGIT2_SRC_PATH)/libgit2-free-config.patch-applied: $(LIBGIT2_SRC_PATH)/source-extracted | $(LIBGIT2_SRC_PATH)/libgit2-gitconfig-symlink.patch-applied | ||
cd $(LIBGIT2_SRC_PATH) && \ | ||
patch -p1 -f < $(SRCDIR)/patches/libgit2-free-config.patch | ||
echo 1 > $@ | ||
|
||
$(LIBGIT2_SRC_PATH)/libgit2-remote-push-NULL.patch-applied: $(LIBGIT2_SRC_PATH)/source-extracted | $(LIBGIT2_SRC_PATH)/libgit2-free-config.patch-applied | ||
$(LIBGIT2_SRC_PATH)/libgit2-mbedtls-fixup.patch-applied: $(LIBGIT2_SRC_PATH)/source-extracted | $(LIBGIT2_SRC_PATH)/libgit2-mbedtls-verify.patch-applied | ||
cd $(LIBGIT2_SRC_PATH) && \ | ||
patch -p1 -f < $(SRCDIR)/patches/libgit2-remote-push-NULL.patch | ||
patch -p1 -f < $(SRCDIR)/patches/libgit2-mbedtls-fixup.patch | ||
echo 1 > $@ | ||
|
||
$(build_datarootdir)/julia/cert.pem: $(CERTFILE) | ||
|
@@ -111,11 +96,8 @@ $(BUILDDIR)/$(LIBGIT2_SRC_DIR)/build-configured: \ | |
$(LIBGIT2_SRC_PATH)/libgit2-mbedtls.patch-applied \ | ||
$(LIBGIT2_SRC_PATH)/libgit2-ssh.patch-applied \ | ||
$(LIBGIT2_SRC_PATH)/libgit2-agent-nonfatal.patch-applied \ | ||
$(LIBGIT2_SRC_PATH)/libgit2-mbedtls-writer-fix.patch-applied \ | ||
$(LIBGIT2_SRC_PATH)/libgit2-mbedtls-verify.patch-applied \ | ||
$(LIBGIT2_SRC_PATH)/libgit2-gitconfig-symlink.patch-applied \ | ||
$(LIBGIT2_SRC_PATH)/libgit2-free-config.patch-applied \ | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. should this file be deleted? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Yes it should. Good catch |
||
$(LIBGIT2_SRC_PATH)/libgit2-remote-push-NULL.patch-applied | ||
$(LIBGIT2_SRC_PATH)/libgit2-mbedtls-fixup.patch-applied | ||
|
||
ifneq ($(CERTFILE),) | ||
$(BUILDDIR)/$(LIBGIT2_SRC_DIR)/build-configured: $(build_datarootdir)/julia/cert.pem | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,2 @@ | ||
LIBGIT2_BRANCH=v0.25.1 | ||
LIBGIT2_SHA1=2fcb8705e584ca61f6c4657525c9d2713f6a39d2 | ||
LIBGIT2_BRANCH=v0.26.0 | ||
LIBGIT2_SHA1=15e119375018fba121cf58e02a9f17fe22df0df8 | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. should delete the old checksum files, and add the new ones There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I haven't interacted with our checksum files before. What's the standard procedure? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Oh interesting. I was thinking I would have to retrieve the checksum myself. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. if you locally build a new dependency version and the checksum files aren't already present, it'll create them the first time - we add them to git so they get checked for everyone else There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Done |
This file was deleted.
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
commit de8721ae70dfae529fdb50224a47eadf6d29c574 | ||
Author: Curtis Vogt <[email protected]> | ||
Date: Thu Jun 29 16:31:08 2017 -0500 | ||
|
||
Corrections to mbedtls support with LibGit2 0.26.0 | ||
|
||
diff --git a/src/settings.c b/src/settings.c | ||
index 3a46f0d..4d976a0 100644 | ||
--- a/src/settings.c | ||
+++ b/src/settings.c | ||
@@ -179,14 +179,18 @@ int git_libgit2_opts(int key, ...) | ||
const char *path = va_arg(ap, const char *); | ||
error = git_openssl_set_cert_file(file, path); | ||
} | ||
-#elif GIT_MBEDTLS | ||
+#elif defined(GIT_MBEDTLS) | ||
{ | ||
const char *file = va_arg(ap, const char *); | ||
const char *path = va_arg(ap, const char *); | ||
- if (file) | ||
+ if (file) { | ||
error = git_mbedtls_set_cert_file(file, 0); | ||
- if (error && path) | ||
- error = git_mbedtls_set_cert_file(path, 0); | ||
+ } else if (path) { | ||
+ error = git_mbedtls_set_cert_file(path, 1); | ||
+ } else { | ||
+ giterr_set(GITERR_NET, "cannot set certificate locations: no file or path given"); | ||
+ error = -1; | ||
+ } | ||
} | ||
#else | ||
giterr_set(GITERR_NET, "cannot set certificate locations: OpenSSL or mbedTLS is not enabled"); | ||
diff --git a/src/streams/mbedtls.c b/src/streams/mbedtls.c | ||
index e456ea8..b4eb991 100644 | ||
--- a/src/streams/mbedtls.c | ||
+++ b/src/streams/mbedtls.c | ||
@@ -205,12 +205,12 @@ static int ssl_set_error(mbedtls_ssl_context *ssl, int error) | ||
break; | ||
|
||
case MBEDTLS_ERR_X509_CERT_VERIFY_FAILED: | ||
- giterr_set(GITERR_SSL, "SSL error: %x[%x] - %s", error, ssl->session_negotiate->verify_result, errbuf); | ||
+ giterr_set(GITERR_SSL, "SSL error: 0x%04x [%x] - %s", error, ssl->session_negotiate->verify_result, errbuf); | ||
ret = GIT_ECERTIFICATE; | ||
break; | ||
|
||
default: | ||
- giterr_set(GITERR_SSL, "SSL error: %x - %s", error, errbuf); | ||
+ giterr_set(GITERR_SSL, "SSL error: 0x%04x - %s", error, errbuf); | ||
} | ||
|
||
return ret; | ||
@@ -236,7 +236,7 @@ static int verify_server_cert(mbedtls_ssl_context *ssl, const char *host) | ||
if ((ret = mbedtls_ssl_get_verify_result(ssl)) != 0) { | ||
char vrfy_buf[512]; | ||
mbedtls_x509_crt_verify_info(vrfy_buf, sizeof(vrfy_buf), "", ret); | ||
- giterr_set(GITERR_SSL, "The SSL certificate is invalid: %x - %s", ret, vrfy_buf); | ||
+ giterr_set(GITERR_SSL, "The SSL certificate is invalid: 0x%04x - %s", ret, vrfy_buf); | ||
return GIT_ECERTIFICATE; | ||
} | ||
|
||
@@ -430,7 +430,7 @@ int git_mbedtls_set_cert_file(const char *path, int is_dir) | ||
ret = mbedtls_x509_crt_parse_file(cacert, path); | ||
} | ||
// mbedtls_x509_crt_parse_path returns the number of invalid certs on success | ||
- if (ret <= 0) { | ||
+ if (ret < 0) { | ||
mbedtls_x509_crt_free(cacert); | ||
git__free(cacert); | ||
mbedtls_strerror( ret, errbuf, 512 ); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we didn't upstream this one?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, I'll double check
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Doesn't look like we did https://github.com/libgit2/libgit2/blob/master/src/transports/ssh.c#L300-L301
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
#17459 (comment)