Commit Graph

9382 Commits

Author SHA1 Message Date
Junio C Hamano
42da484006 Merge branch 'tb/connect-ipv6-parse-fix'
We did not parse username followed by literal IPv6 address in SSH
transport URLs, e.g. ssh://user@[2001:db8::1]:22/repo.git
correctly.

* tb/connect-ipv6-parse-fix:
  t5500: show user name and host in diag-url
  t5601: add more test cases for IPV6
  connect.c: allow ssh://user@[2001:db8::1]/repo.git
2015-03-05 12:45:44 -08:00
Junio C Hamano
fa8baa4b2a Merge branch 'jc/diff-test-updates'
Test clean-up.

* jc/diff-test-updates:
  test_ln_s_add: refresh stat info of fake symbolic links
  t4008: modernise style
  t/diff-lib: check exact object names in compare_diff_raw
  tests: do not borrow from COPYING and README from the real source
  t4010: correct expected object names
  t9300: correct expected object names
  t4008: correct stale comments
2015-03-05 12:45:43 -08:00
Junio C Hamano
fd9de868c3 Merge branch 'mh/refs-have-new'
Simplify the ref transaction API around how "the ref should be
pointing at this object" is specified.

* mh/refs-have-new:
  refs.h: remove duplication in function docstrings
  update_ref(): improve documentation
  ref_transaction_verify(): new function to check a reference's value
  ref_transaction_delete(): check that old_sha1 is not null_sha1
  ref_transaction_create(): check that new_sha1 is valid
  commit: avoid race when creating orphan commits
  commit: add tests of commit races
  ref_transaction_delete(): remove "have_old" parameter
  ref_transaction_update(): remove "have_old" parameter
  struct ref_update: move "have_old" into "flags"
  refs.c: change some "flags" to "unsigned int"
  refs: remove the gap in the REF_* constant values
  refs: move REF_DELETING to refs.c
2015-03-05 12:45:39 -08:00
Junio C Hamano
4c3dbbf722 Merge branch 'jk/daemon-interpolate'
The "interpolated-path" option of "git daemon" inserted any string
client declared on the "host=" capability request without checking.
Sanitize and limit %H and %CH to a saner and a valid DNS name.

* jk/daemon-interpolate:
  daemon: sanitize incoming virtual hostname
  t5570: test git-daemon's --interpolated-path option
  git_connect: let user override virtual-host we send to daemon
2015-03-03 14:37:06 -08:00
Junio C Hamano
0278b3f609 Merge branch 'km/send-email-getopt-long-workarounds'
Even though we officially haven't dropped Perl 5.8 support, the
Getopt::Long package that came with it does not support "--no-"
prefix to negate a boolean option; manually add support to help
people with older Getopt::Long package.

* km/send-email-getopt-long-workarounds:
  git-send-email.perl: support no- prefix with older GetOptions
2015-03-03 14:37:03 -08:00
Junio C Hamano
71f19cce36 Merge branch 'jc/apply-beyond-symlink'
"git apply" was not very careful about reading from, removing,
updating and creating paths outside the working tree (under
--index/--cached) or the current directory (when used as a
replacement for GNU patch).

* jc/apply-beyond-symlink:
  apply: do not touch a file beyond a symbolic link
  apply: do not read from beyond a symbolic link
  apply: do not read from the filesystem under --index
  apply: reject input that touches outside the working area
2015-03-03 14:37:01 -08:00
Junio C Hamano
75b49bb181 Merge branch 'jk/sanity'
The tests that wanted to see that file becomes unreadable after
running "chmod a-r file", and the tests that wanted to make sure it
is not run as root, we used "can we write into the / directory?" as
a cheap substitute, but on some platforms that is not a good
heuristics.  The tests and their prerequisites have been updated to
check what they really require.

* jk/sanity:
  test-lib.sh: set prerequisite SANITY by testing what we really need
  tests: correct misuses of POSIXPERM
  t/lib-httpd: switch SANITY check for NOT_ROOT
2015-02-25 15:40:18 -08:00
Johannes Sixt
817d03e105 test_ln_s_add: refresh stat info of fake symbolic links
We have a helper function test_ln_s_add that inserts a symbolic link
into the index even if the file system does not support symbolic links.
There is a small flaw in the emulation path: the added entry does not
pick up stat information of the fake symbolic link from the file system,
as a consequence, the index is not exactly the same as for the "regular"
path (where symbolic links are available). To fix this, just call
git update-index again.

This flaw was revealed by the earlier change that tightened
compare_diff_raw(), because a test case in t4008 depends on the
correctly updated index.

Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-23 11:45:39 -08:00
Junio C Hamano
7cf6232e2c Merge branch 'jk/prune-mtime'
In v2.2.0, we broke "git prune" that runs in a repository that
borrows from an alternate object store.

* jk/prune-mtime:
  sha1_file: fix iterating loose alternate objects
  for_each_loose_file_in_objdir: take an optional strbuf path
2015-02-22 12:28:28 -08:00
Junio C Hamano
070f6fed05 Merge branch 'ps/submodule-sanitize-path-upon-add'
"git submodule add" failed to squash "path/to/././submodule" to
"path/to/submodule".

* ps/submodule-sanitize-path-upon-add:
  git-submodule.sh: fix '/././' path normalization
2015-02-22 12:28:26 -08:00
Junio C Hamano
f11f76b2bb Merge branch 'ab/merge-file-prefix'
"git merge-file" did not work correctly in a subdirectory.

* ab/merge-file-prefix:
  merge-file: correctly open files when in a subdir
2015-02-22 12:28:25 -08:00
Torsten Bögershausen
3f55ccab8e t5500: show user name and host in diag-url
The URL for ssh may have include a username before the hostname,
like ssh://user@host/repo.
When literal IPV6 addresses are used together with a username,
the substring "user@[::1]" must be converted into "user@::1".

Make that conversion visible for the user, and write userandhost
in the diagnostics

Signed-off-by: Torsten Bögershausen <tboegi@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-22 12:04:01 -08:00
Torsten Bögershausen
9f6976528b t5601: add more test cases for IPV6
Test the parsing of literall IPV6 addresses more systematically:
- with and without brackets (e.g. ::1 [::1])
- with brackets and port number: (e.g. [::1]:22)
- with username (e.g. user@::1)
- with username and brackets:
  Because user@[::1] was not supported on older Git version,
  [user@::1] had to be used as a workaround.
  Test that user@::1 user@[::1] and [user@::1] all do the same.

Signed-off-by: Torsten Bögershausen <tboegi@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-22 12:03:54 -08:00
Torsten Bögershausen
86ceb337ec connect.c: allow ssh://user@[2001:db8::1]/repo.git
The ssh:// syntax was added in 2386d658 (Add first cut at "git
protocol" connect logic., 2005-07-13), it accepted
ssh://user@2001:db8::1/repo.git, which is now legacy.

Over the years the parser was improved to support [] and port numbers,
but the combination of ssh://user@[2001:db8::1]:222/repo.git did
never work.

The only only way to use a user name, a literall IPV6 address and a port
number was ssh://[user@2001:db8::1]:222/repo.git

(Thanks to Christian Taube <lists@hcf.yourweb.de> for reporting this long
standing issue)

New users would use ssh://user@[2001:db8::1]:222/repo.git,
so change the parser to handle it correctly.

Support the old legacy URLs as well, to be backwards compatible,
and avoid regressions for users which upgrade an existing installation
to a later Git version.

Signed-off-by: Torsten Bögershausen <tboegi@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-22 12:02:59 -08:00
Junio C Hamano
de15bdb058 Merge branch 'jk/config-no-ungetc-eof'
Reading configuration from a blob object, when it ends with a lone
CR, use to confuse the configuration parser.

* jk/config-no-ungetc-eof:
  config_buf_ungetc: warn when pushing back a random character
  config: do not ungetc EOF
2015-02-18 11:45:01 -08:00
Junio C Hamano
d3e73b5b31 Merge branch 'ch/new-gpg-drops-rfc-1991'
Older GnuPG implementations may not correctly import the keyring
material we prepare for the tests to use.

* ch/new-gpg-drops-rfc-1991:
  t/lib-gpg: sanity-check that we can actually sign
  t/lib-gpg: include separate public keys in keyring.gpg
2015-02-18 11:44:58 -08:00
Junio C Hamano
f18e3896f7 Merge branch 'ye/http-accept-language'
Using environment variable LANGUAGE and friends on the client side,
HTTP-based transports now send Accept-Language when making requests.

* ye/http-accept-language:
  http: add Accept-Language header if possible
2015-02-18 11:44:57 -08:00
Jeff King
b485373052 daemon: sanitize incoming virtual hostname
We use the daemon_avoid_alias function to make sure that the
pathname the user gives us is sane. However, after applying
that check, we might then interpolate the path using a
string given by the server admin, but which may contain more
untrusted data from the client. We should be sure to
sanitize this data, as well.

We cannot use daemon_avoid_alias here, as it is more strict
than we need in requiring a leading '/'. At the same time,
we can be much more strict here. We are interpreting a
hostname, which should not contain slashes or excessive runs
of dots, as those things are not allowed in DNS names.

Note that in addition to cleansing the hostname field, we
must check the "canonical hostname" (%CH) as well as the
port (%P), which we take as a raw string.  For the canonical
hostname, this comes from an actual DNS lookup on the
accessed IP, which makes it a much less likely vector for
problems. But it does not hurt to sanitize it in the same
way. Unfortunately we cannot test this case easily, as it
would involve a custom hostname lookup.

We do not need to check %IP, as it comes straight from
inet_ntop, so must have a sane form.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-17 13:15:30 -08:00
Jeff King
5248f2dd4f t5570: test git-daemon's --interpolated-path option
We did not test this at all; let's just give a basic sanity
check that we can find a path based on virtual hosting, and
that the downcase canonicalization works.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-17 13:15:07 -08:00
Michael Haggerty
a933c23e66 commit: avoid race when creating orphan commits
If HEAD doesn't point at anything during the initial check, then we
should make sure that it *still* doesn't point at anything when we are
ready to update the reference. Otherwise, another process might commit
while we are working (e.g., while we are waiting for the user to edit
the commit message) and we will silently overwrite it.

This fixes a failing test in t7516.

Signed-off-by: Michael Haggerty <mhagger@alum.mit.edu>
Reviewed-by: Stefan Beller <sbeller@google.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-17 11:24:20 -08:00
Michael Haggerty
a908a31c34 commit: add tests of commit races
Committing involves the following steps:

1. Determine the current value of HEAD (if any).
2. Create the new commit object.
3. Update HEAD.

Please note that step 2 can take arbitrarily long, because it might
involve the user editing a commit message.

If a second process sneaks in a commit during step 2, then the first
commit process should fail. This is usually done correctly, because
step 3 verifies that HEAD still points at the same commit that it
pointed to during step 1.

However, if there is a race when creating an *orphan* commit, then the
test in step 3 is skipped.

Add tests for proper handling of such races. One of the new tests
fails. It will be fixed in a moment.

Signed-off-by: Michael Haggerty <mhagger@alum.mit.edu>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-17 11:23:54 -08:00
Junio C Hamano
445bb5b74d Merge branch 'jc/t4122-use-test-write-lines'
* jc/t4122-use-test-write-lines:
  t4122: use test_write_lines from test-lib-functions
2015-02-17 10:15:29 -08:00
Junio C Hamano
b93b5b21b5 Merge branch 'jk/dumb-http-idx-fetch-fix'
A broken pack .idx file in the receiving repository prevented the
dumb http transport from fetching a good copy of it from the other
side.

* jk/dumb-http-idx-fetch-fix:
  dumb-http: do not pass NULL path to parse_pack_index
2015-02-17 10:15:25 -08:00
Junio C Hamano
38459ee6af Merge branch 'jc/apply-ws-fix-expands'
"git apply --whitespace=fix" used to under-allocate the memory
when the fix resulted in a longer text than the original patch.

* jc/apply-ws-fix-expands:
  apply: count the size of postimage correctly
  apply: make update_pre_post_images() sanity check the given postlen
  apply.c: typofix
2015-02-17 10:15:21 -08:00
Junio C Hamano
9f55a77777 Merge branch 'ks/rebase-i-abbrev'
The insn sheet "git rebase -i" creates did not fully honor
core.abbrev settings.

* ks/rebase-i-abbrev:
  rebase -i: use full object name internally throughout the script
2015-02-17 10:15:18 -08:00
Junio C Hamano
a6c68158e5 Merge branch 'mh/deref-symref-over-helper-transport'
"git fetch" over a remote-helper that cannot respond to "list"
command could not fetch from a symbolic reference e.g. HEAD.

* mh/deref-symref-over-helper-transport:
  transport-helper: do not request symbolic refs to remote helpers
2015-02-17 10:15:18 -08:00
Kyle J. McKay
f471494303 git-send-email.perl: support no- prefix with older GetOptions
Only Perl version 5.8.0 or later is required, but that comes with
an older Getopt::Long (2.32) that does not support the 'no-'
prefix.  Support for that was added in Getopt::Long version 2.33.

Since the help only mentions the 'no-' prefix and not the 'no'
prefix, add explicit support for the 'no-' prefix to support
older GetOptions versions.

Reported-by: Tom G. Christensen <tgc@statsbiblioteket.dk>
Signed-off-by: Kyle J. McKay <mackyle@gmail.com>
Tested-by: Tom G. Christensen <tgc@statsbiblioteket.dk>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-16 13:26:51 -08:00
Torsten Bögershausen
f400e51c13 test-lib.sh: set prerequisite SANITY by testing what we really need
What we wanted out of the SANITY precondition is that the filesystem
behaves sensibly with permission bits settings.

 - You should not be able to remove a file in a read-only directory,

 - You should not be able to tell if a file in a directory exists if
   the directory lacks read or execute permission bits.

We used to cheat by approximating that condition with "is the /
writable?" test and/or "are we running as root?" test.  Neither test
is sufficient or appropriate in environments like Cygwin.

Signed-off-by: Torsten Bögershausen <tboegi@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-15 15:48:38 -08:00
Junio C Hamano
db7b9e3ad3 t4008: modernise style
Update this ancient test script to a more modern style in which the
expected result is prepared inside the body of the test that uses
it.  Also, instead of using $tree, a shell variable, throughout the
test script, create a tag that points at it, to make it easier to
manually debug the test script in its trash directory.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-15 15:38:16 -08:00
Junio C Hamano
bd9150b7e5 t/diff-lib: check exact object names in compare_diff_raw
The "sanitize" helper wanted to strip the similarity and
dissimilarity scores when making comparison, but it was
stripping away the object names as well.

While we do not want to require the exact object names the tests
expect to be maintained, as it would be seen as an extra burden,
this would have prevented us catching a silly bug such as showing
non 0{40} object name on the preimage side of an addition or on the
postimage side of a deletion, because all [0-9a-f]{40} strings were
considered equally OK.

In the longer term, when a test only wants to see the status of the
change without having to worry about object names, it should be
rewritten not to inspect the raw format.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-15 15:38:16 -08:00
Junio C Hamano
459b8d22e5 tests: do not borrow from COPYING and README from the real source
These two files have been modified since the tests started using
as test input, making the exact object names they expect to be
different from what actually happens in the trash repository they
use to run tests.

Instead, take a snapshot of these two files and keep them in
t/diff-lib/ so that we can update the real ones without having to
worry about breaking tests.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-15 15:38:10 -08:00
Junio C Hamano
bb8db1b553 t4010: correct expected object names
The output the test expects is bogus.

It was left unnoticed only because compare_diff_raw, which only
cares about the add/delete/rename/copy was used to check the result.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-15 15:38:10 -08:00
Junio C Hamano
2c0ab4d49d t9300: correct expected object names
The output the test #36 expects is bogus.  There are no blob objects
whose names are 36a590... or 046d037... when this test was run.

It was left unnoticed only because compare_diff_raw, which only
cares about the add/delete/rename/copy was used to check the result.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-15 15:38:09 -08:00
Junio C Hamano
f2b4f0a23b t4008: correct stale comments
A complete rewrite of a single file was originally designed to be
expressed as a deletion immediately followed by a creation of the
same file, and the comments in the test updated here were written to
reflect that design decision made in f345b0a0 (Add -B flag to diff-*
brothers., 2005-05-30).  However, we later realized that a complete
rewrite is merely how a textual diff should be represented at
366175ef (Rework -B output., 2005-06-19), and updated the actual
tests.  But we forgot to update the introductory text while doing
so.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-15 15:38:09 -08:00
Junio C Hamano
cba07bb6ff Merge branch 'jc/push-to-checkout'
Extending the js/push-to-deploy topic, the behaviour of "git push"
when updating the working tree and the index with an update to the
branch that is checked out can be tweaked by push-to-checkout hook.

* jc/push-to-checkout:
  receive-pack: support push-to-checkout hook
  receive-pack: refactor updateInstead codepath
2015-02-11 13:43:56 -08:00
Junio C Hamano
39fa6112ec Merge branch 'sb/atomic-push'
"git push" has been taught a "--atomic" option that makes push to
update more than one ref an "all-or-none" affair.

* sb/atomic-push:
  Document receive.advertiseatomic
  t5543-atomic-push.sh: add basic tests for atomic pushes
  push.c: add an --atomic argument
  send-pack.c: add --atomic command line argument
  send-pack: rename ref_update_to_be_sent to check_to_send_update
  receive-pack.c: negotiate atomic push support
  receive-pack.c: add execute_commands_atomic function
  receive-pack.c: move transaction handling in a central place
  receive-pack.c: move iterating over all commands outside execute_commands
  receive-pack.c: die instead of error in case of possible future bug
  receive-pack.c: shorten the execute_commands loop over all commands
2015-02-11 13:43:51 -08:00
Junio C Hamano
1ba6e860b9 Merge branch 'cj/log-invert-grep'
"git log --invert-grep --grep=WIP" will show only commits that do
not have the string "WIP" in their messages.

* cj/log-invert-grep:
  log: teach --invert-grep option
2015-02-11 13:42:39 -08:00
Junio C Hamano
35d28f32e6 Merge branch 'dk/format-patch-ignore-diff-submodule'
Setting diff.submodule to 'log' made "git format-patch" produce
broken patches.

* dk/format-patch-ignore-diff-submodule:
  format-patch: ignore diff.submodule setting
  t4255: test am submodule with diff.submodule
2015-02-11 13:41:52 -08:00
Junio C Hamano
7706d85453 Merge branch 'ld/p4-exclude-in-sync'
Like the "clone" subcommand, allow excluding subdirectories in the
"sync" subcommand.

* ld/p4-exclude-in-sync:
  git-p4: support excluding paths on sync
2015-02-11 13:38:42 -08:00
Luke Diamand
51334bb094 git-p4: support excluding paths on sync
The clone subcommand has long had support for excluding
subdirectories, but sync has not. This is a nuisance,
since as soon as you do a sync, any changed files that
were initially excluded start showing up.

Move the "exclude" command-line option into the parent
class; the actual behavior was already present there so
it simply had to be exposed.

Signed-off-by: Luke Diamand <luke@diamand.org>
Reviewed-by: Pete Wyckoff <pw@padd.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-11 13:38:29 -08:00
Junio C Hamano
14f563031d Merge branch 'ak/typofixes'
* ak/typofixes:
  t/lib-terminal.sh: fix typo
  pack-bitmap: fix typo
2015-02-11 13:37:39 -08:00
Aleksander Boruch-Gruszecki
204a8ffe67 merge-file: correctly open files when in a subdir
run_setup_gently() is called before merge-file. This may result in changing
current working directory, which wasn't taken into account when opening a file
for writing.

Fix by prepending the passed prefix. Previous var is left so that error
messages keep referring to the file from the user's working directory
perspective.

Signed-off-by: Aleksander Boruch-Gruszecki <aleksander.boruchgruszecki@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-11 11:01:50 -08:00
Junio C Hamano
e0d201b616 apply: do not touch a file beyond a symbolic link
Because Git tracks symbolic links as symbolic links, a path that
has a symbolic link in its leading part (e.g. path/to/dir/file,
where path/to/dir is a symbolic link to somewhere else, be it
inside or outside the working tree) can never appear in a patch
that validly applies, unless the same patch first removes the
symbolic link to allow a directory to be created there.

Detect and reject such a patch.

Things to note:

 - Unfortunately, we cannot reuse the has_symlink_leading_path()
   from dir.c, as that is only about the working tree, but "git
   apply" can be told to apply the patch only to the index or to
   both the index and to the working tree.

 - We cannot directly use has_symlink_leading_path() even when we
   are applying only to the working tree, as an early patch of a
   valid input may remove a symbolic link path/to/dir and then a
   later patch of the input may create a path path/to/dir/file, but
   "git apply" first checks the input without touching either the
   index or the working tree.  The leading symbolic link check must
   be done on the interim result we compute in-core (i.e. after the
   first patch, there is no path/to/dir symbolic link and it is
   perfectly valid to create path/to/dir/file).

   Similarly, when an input creates a symbolic link path/to/dir and
   then creates a file path/to/dir/file, we need to flag it as an
   error without actually creating path/to/dir symbolic link in the
   filesystem.

Instead, for any patch in the input that leaves a path (i.e. a non
deletion) in the result, we check all leading paths against the
resulting tree that the patch would create by inspecting all the
patches in the input and then the target of patch application
(either the index or the working tree).

This way, we catch a mischief or a mistake to add a symbolic link
path/to/dir and a file path/to/dir/file at the same time, while
allowing a valid patch that removes a symbolic link path/to/dir and
then adds a file path/to/dir/file.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-10 14:19:48 -08:00
Junio C Hamano
fdc2c3a926 apply: do not read from beyond a symbolic link
We should reject a patch, whether it renames/copies dir/file to
elsewhere with or without modificiation, or updates dir/file in
place, if "dir/" part is actually a symbolic link to elsewhere,
by making sure that the code to read the preimage does not read
from a path that is beyond a symbolic link.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-10 13:41:39 -08:00
Junio C Hamano
c536c0755f apply: reject input that touches outside the working area
By default, a patch that affects outside the working area (either a
Git controlled working tree, or the current working directory when
"git apply" is used as a replacement of GNU patch) is rejected as a
mistake (or a mischief).  Git itself does not create such a patch,
unless the user bends over backwards and specifies a non-standard
prefix to "git diff" and friends.

When `git apply` is used as a "better GNU patch", the user can pass
the `--unsafe-paths` option to override this safety check. This
option has no effect when `--index` or `--cached` is in use.

The new test was stolen from Jeff King with slight enhancements.
Note that a few new tests for touching outside the working area by
following a symbolic link are still expected to fail at this step,
but will be fixed in later steps.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-10 13:40:20 -08:00
Jonathon Mah
b0a4264277 sha1_file: fix iterating loose alternate objects
The string in 'base' contains a path suffix to a specific object;
when its value is used, the suffix must either be filled (as in
stat_sha1_file, open_sha1_file, check_and_freshen_nonlocal) or
cleared (as in prepare_packed_git) to avoid junk at the end.

660c889e (sha1_file: add for_each iterators for loose and packed
objects, 2014-10-15) introduced loose_from_alt_odb(), but this did
neither and treated 'base' as a complete path to the "base" object
directory, instead of a pointer to the "base" of the full path
string.

The trailing path after 'base' is still initialized to NUL, hiding
the bug in some common cases.  Additionally the descendent
for_each_file_in_obj_subdir() function swallows ENOENT, so an error
only shows if the alternate's path was last filled with a valid
object (where statting /path/to/existing/00/0bjectfile/00 fails).

Signed-off-by: Jonathon Mah <me@JonathonMah.com>
Helped-by: Kyle J. McKay <mackyle@gmail.com>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-09 14:14:56 -08:00
Jeff King
5e0be134d3 config: do not ungetc EOF
When we are parsing a config value, if we see a carriage
return, we fgetc the next character to see if it is a
line feed (in which case we silently drop the CR). If it
isn't, we then ungetc the character, and take the literal
CR.

But we never check whether we in fact got a character at
all. If the config file ends in CR, we will get EOF here,
and try to ungetc EOF. This works OK for a real stdio
stream. The ungetc returns an error, and the next fgetc will
then return EOF again.

However, our custom buffer-based stream is not so fortunate.
It happily rewinds the position of the stream by one
character, ignoring the fact that we fed it EOF. The next
fgetc call returns the final CR again, over and over, and we
end up in an infinite loop.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-05 12:37:36 -08:00
Patrick Steinhardt
8196e72895 git-submodule.sh: fix '/././' path normalization
When we add a new submodule the path of the submodule is being
normalized. We fail to normalize multiple adjacent '/./', though.
Thus 'path/to/././submodule' will become 'path/to/./submodule' where
it should be 'path/to/submodule' instead.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
Acked-by: Jens Lehmann <Jens.Lehmann@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-02-02 12:35:16 -08:00
Jeff King
1f985d60ef t/lib-gpg: sanity-check that we can actually sign
Some older versions of gpg (reportedly v1.2.6 from RHEL4) cannot
import the keyrings found in our test suite, and thus cannot even
make a signature.  The previous change works it around, but we
cannot anticipate breakages update to GPG would cause in the future.

Do a test-sign before declaring the GPG prerequisite fulfilled
to future-proof our tests.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-01-29 12:35:05 -08:00
Jeff King
830ff021aa t/lib-gpg: include separate public keys in keyring.gpg
Since 1e3eefb (tests: replace binary GPG keyrings with
ASCII-armored keys, 2014-12-12), we import our test GPG keys
from a single file. Each keypair in the import stream
contains both the secret and public keys. However, older
versions of gpg reportedly fail to import the public half of
the key. We can solve this by including duplicates of the
public keys separately. The duplicates are ignored by modern
gpg, and this makes older versions work.

Reported by Tom G. Christensen <tgc@statsbiblioteket.dk> on
gpg 1.2.6 (from RHEL4).

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-01-29 11:56:19 -08:00