void test_core_stream__register_tls(void)
{
git_stream *stream;
int error;
ctor_called = 0;
cl_git_pass(git_stream_register_tls(test_ctor));
cl_git_pass(git_tls_stream_new(&stream, "localhost", "443"));
cl_assert_equal_i(1, ctor_called);
cl_assert_equal_p(&test_stream, stream);
ctor_called = 0;
stream = NULL;
cl_git_pass(git_stream_register_tls(NULL));
error = git_tls_stream_new(&stream, "localhost", "443");
/* We don't have arbitrary TLS stream support on Windows
* or when openssl support is disabled (except on OSX
* with Security framework).
*/
#if defined(GIT_WIN32) || \
(!defined(GIT_SECURE_TRANSPORT) && !defined(GIT_OPENSSL))
cl_git_fail_with(-1, error);
#else
cl_git_pass(error);
#endif
cl_assert_equal_i(0, ctor_called);
cl_assert(&test_stream != stream);
git_stream_free(stream);
}
static void ssh_stream_free(git_smart_subtransport_stream *stream)
{
ssh_stream *s = (ssh_stream *)stream;
ssh_subtransport *t;
if (!stream)
return;
t = OWNING_SUBTRANSPORT(s);
t->current_stream = NULL;
if (s->channel) {
libssh2_channel_close(s->channel);
libssh2_channel_free(s->channel);
s->channel = NULL;
}
if (s->session) {
libssh2_session_free(s->session);
s->session = NULL;
}
if (s->io) {
git_stream_close(s->io);
git_stream_free(s->io);
s->io = NULL;
}
git__free(s->url);
git__free(s);
}
static int _git_receivepack_ls(
git_subtransport *t,
const char *url,
git_smart_subtransport_stream **stream)
{
char *host=NULL, *port=NULL, *path=NULL, *user=NULL, *pass=NULL;
const char *stream_url = url;
git_stream *s;
int error;
*stream = NULL;
if (!git__prefixcmp(url, prefix_git))
stream_url += strlen(prefix_git);
if (git_stream_alloc(t, stream_url, cmd_receivepack, stream) < 0)
return -1;
s = (git_stream *)*stream;
if (!(error = gitno_extract_url_parts(&host, &port, &path, &user, &pass, url, GIT_DEFAULT_PORT))) {
if (!(error = gitno_connect(&s->socket, host, port, 0)))
t->current_stream = s;
git__free(host);
git__free(port);
git__free(path);
git__free(user);
git__free(pass);
} else if (*stream)
git_stream_free(*stream);
return error;
}
void test_stream_deprecated__register_tls(void)
{
git_stream *stream;
int error;
ctor_called = 0;
cl_git_pass(git_stream_register_tls(test_stream_init));
cl_git_pass(git_tls_stream_new(&stream, "localhost", "443"));
cl_assert_equal_i(1, ctor_called);
cl_assert_equal_p(&test_stream, stream);
ctor_called = 0;
stream = NULL;
cl_git_pass(git_stream_register_tls(NULL));
error = git_tls_stream_new(&stream, "localhost", "443");
/*
* We don't have TLS support enabled, or we're on Windows,
* which has no arbitrary TLS stream support.
*/
#if defined(GIT_WIN32) || !defined(GIT_HTTPS)
cl_git_fail_with(-1, error);
#else
cl_git_pass(error);
#endif
cl_assert_equal_i(0, ctor_called);
cl_assert(&test_stream != stream);
git_stream_free(stream);
}
void openssl_free(git_stream *stream)
{
openssl_stream *st = (openssl_stream *) stream;
git__free(st->cert_info.data);
git_stream_free((git_stream *) st->socket);
git__free(st);
}
void openssl_free(git_stream *stream)
{
openssl_stream *st = (openssl_stream *) stream;
SSL_free(st->ssl);
git__free(st->host);
git__free(st->cert_info.data);
git_stream_free(st->io);
git__free(st);
}
static void stransport_free(git_stream *stream)
{
stransport_stream *st = (stransport_stream *) stream;
git_stream_free(st->io);
CFRelease(st->ctx);
if (st->der_data)
CFRelease(st->der_data);
git__free(st);
}
int git_stransport_stream_new(git_stream **out, const char *host, const char *port)
{
stransport_stream *st;
int error;
OSStatus ret;
assert(out && host);
st = git__calloc(1, sizeof(stransport_stream));
GITERR_CHECK_ALLOC(st);
#ifdef GIT_CURL
error = git_curl_stream_new(&st->io, host, port);
#else
error = git_socket_stream_new(&st->io, host, port);
#endif
if (error < 0){
git__free(st);
return error;
}
st->ctx = SSLCreateContext(NULL, kSSLClientSide, kSSLStreamType);
if (!st->ctx) {
giterr_set(GITERR_NET, "failed to create SSL context");
return -1;
}
if ((ret = SSLSetIOFuncs(st->ctx, read_cb, write_cb)) != noErr ||
(ret = SSLSetConnection(st->ctx, st->io)) != noErr ||
(ret = SSLSetSessionOption(st->ctx, kSSLSessionOptionBreakOnServerAuth, true)) != noErr ||
(ret = SSLSetProtocolVersionMin(st->ctx, kTLSProtocol1)) != noErr ||
(ret = SSLSetProtocolVersionMax(st->ctx, kTLSProtocol12)) != noErr ||
(ret = SSLSetPeerDomainName(st->ctx, host, strlen(host))) != noErr) {
git_stream_free((git_stream *)st);
return stransport_error(ret);
}
st->parent.version = GIT_STREAM_VERSION;
st->parent.encrypted = 1;
st->parent.proxy_support = git_stream_supports_proxy(st->io);
st->parent.connect = stransport_connect;
st->parent.certificate = stransport_certificate;
st->parent.set_proxy = stransport_set_proxy;
st->parent.read = stransport_read;
st->parent.write = stransport_write;
st->parent.close = stransport_close;
st->parent.free = stransport_free;
*out = (git_stream *) st;
return 0;
}
int git_openssl_stream_new(git_stream **out, const char *host, const char *port)
{
int error;
openssl_stream *st;
st = git__calloc(1, sizeof(openssl_stream));
GITERR_CHECK_ALLOC(st);
st->io = NULL;
#ifdef GIT_CURL
error = git_curl_stream_new(&st->io, host, port);
#else
error = git_socket_stream_new(&st->io, host, port);
#endif
if (error < 0)
goto out_err;
st->ssl = SSL_new(git__ssl_ctx);
if (st->ssl == NULL) {
giterr_set(GITERR_SSL, "failed to create ssl object");
error = -1;
goto out_err;
}
st->host = git__strdup(host);
GITERR_CHECK_ALLOC(st->host);
st->parent.version = GIT_STREAM_VERSION;
st->parent.encrypted = 1;
st->parent.proxy_support = git_stream_supports_proxy(st->io);
st->parent.connect = openssl_connect;
st->parent.certificate = openssl_certificate;
st->parent.set_proxy = openssl_set_proxy;
st->parent.read = openssl_read;
st->parent.write = openssl_write;
st->parent.close = openssl_close;
st->parent.free = openssl_free;
*out = (git_stream *) st;
return 0;
out_err:
git_stream_free(st->io);
git__free(st);
return error;
}
static void git_proto_stream_free(git_smart_subtransport_stream *stream)
{
git_proto_stream *s;
git_subtransport *t;
if (!stream)
return;
s = (git_proto_stream *)stream;
t = OWNING_SUBTRANSPORT(s);
t->current_stream = NULL;
git_stream_close(s->io);
git_stream_free(s->io);
git__free(s->url);
git__free(s);
}
static int _git_receivepack_ls(
git_subtransport *t,
const char *url,
git_smart_subtransport_stream **stream)
{
char *host, *port, *user=NULL, *pass=NULL;
git_stream *s;
*stream = NULL;
if (!git__prefixcmp(url, prefix_git))
url += strlen(prefix_git);
if (git_stream_alloc(t, url, cmd_receivepack, stream) < 0)
return -1;
s = (git_stream *)*stream;
if (gitno_extract_url_parts(&host, &port, &user, &pass, url, GIT_DEFAULT_PORT) < 0)
goto on_error;
if (gitno_connect(&s->socket, host, port, 0) < 0)
goto on_error;
t->current_stream = s;
git__free(host);
git__free(port);
git__free(user);
git__free(pass);
return 0;
on_error:
if (*stream)
git_stream_free(*stream);
git__free(host);
git__free(port);
return -1;
}
