Bug: 431552
Change-Id: I469316f5645205016e1fa6b0fbd2ff3b509b14bc
Signed-off-by: Robin Stocker <robin@nibor.org>

If the user provided wrong credentials or credentials changed we
shouldn't give up immediately but retry to get valid credentials from
the credentials provider. Reset the credentials provider if
authentication failed to avoid it reuses wrong credentials in
case it stored them in a persistent store.

Bug: 338048
Bug: 342592
Bug: 427735
Change-Id: Ibd62ef3da17be6454991c43f524c8bbc7ca3c37e
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

JGit wants to control retries during ssh authentication. But JSch by
default already retries 6 times. Hence disable retries in JSch. Without
this the credentials provider isn't reset if e.g. wrong credentials are
specified.

Bug: 430210
Change-Id: I6fa726a14a84b06411e7010608c7a1e2bfb8bfe8

Verifying 100 new objects are fully connected to the existing DAG
is usually very cheap. Checking the entire Linux kernel history is
fully connected when pushing it to a new repository can take 30-60
seconds. Display a progress counter during this time so the client
knows the server is still working.

Change-Id: Iababe3ee1d35cb82f2bef2f12da7a2ecd03282b0

fsck.allowLeadingZeroFileMode may be set true to permit pushing
broken trees with leading '0' in the file mode.

fsck.safeForWindows may be set true to require new trees to have
only file names that are safe on the Windows platform.

fsck.safeForMacOS may be set true to require new trees to have
only file names that do not cause collisions or confusion on the
Mac OS platform.

Change-Id: I1a225c1b3cd13c0d1a0d43fffe79355c501f49b7

git-core configures fsck during fetch using these two variables.
JGit use of fsck in fetch predates the usage in git-core and had
reused receive.fsckobjects, which does not match behavior.

Change-Id: Ie4d5f082258c4b2928c7ecc3780c6363fa587f34

ReceivePack should configure itself with receive.fsckObjects,
and if not defined, transfer.fsckObjects. This is the order
used by git-core.

Change-Id: I41f243633dacb606dbcc3132972f63bbaba174d1

PackParser permits supplying a specific ObjectChecker instance.
Allow this to be passed through ReceivePack, giving the caller
more flexibility to configure the implementation.

Change-Id: I9440dd25588008626222f33bfd697f57c05b439e

PostReceiveHooks can make use of this information to, for example,
update a cached size of the Git repository.

Change-Id: I2bf1200959a50531e2155a7609c96035ba45b10d
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

usable"

This reverts commit 2670fd427c.

By returning an instance of File from the ReceivePack.getPackFile the
abstraction of the persistence implementation was broken.

Change-Id: I28e3ebf3a659a7cbc94be51bba9e1ad338f2b786
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

Having access to the pack file that was created by the ReceivePack
may be useful for post receive hooks. For example, a hook may want
to check the size of the received pack and the created index.

Change-Id: I4d51758e4565d32c9f8892242947eb72644b847d
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

The maxPackSizeLimit, when set, will reject a pack if it exceeds
that limit.

This feature is intended to provide a mechanism to control disk space
quota on Git repositories.

Change-Id: I83d8db670875c395f8171461b402083323e623a5
CQ: 7896

This move avoids that all consumers of org.eclipse.jgit depend on Apache
httpclient. Also add another feature to make this optional for OSGi
consumers as well.

Change-Id: I5ef5e00c53678b9e1d7cfd54bbca3ff6f1c1c967
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

This change implements the http connection abstraction with the help of
org.apache.http.client.HttpClient. The default implementation used by
JGit is still the JDK HttpURLConnection. But now JGit users have the
possibility to switch completely to org.apache.httpclient. The reason
for this is that in certain (e.g. cloud) environments you are forced to
use the org.apache classes.

Change-Id: I0b357f23243ed13a014c79ba179fa327dfe318b2
Signed-off-by: Christian Halstrick <christian.halstrick@sap.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

Previously all HTTP communication was done with the help of
java.net.HttpUrlConnection. In order to make JGit usable in environments
where the direct usage of such connections is not allowed but where the
environment provides other means to get network connections an
abstraction for connections is introduced. The idea is that new
implementations of this interface will be introduced which will not use
java.net.HttpUrlConnection but use e.g.
org.apache.client.http.HttpClient to provide network connections.

One example: certain cloud infrastructures don't allow that components
in the cloud communicate directly with HttpUrlConnection. Instead they
provide services where a component can ask for a connection (given a
symbolic name for the destination) and where the infrastructure returns
a preconfigured org.apache.http.client.HttpClient. In order to allow
JGit to be running in such environments we need the abstraction
introduced in this commit.

Change-Id: I3b06629f90a118bd284e55bb3f6465fe7d10463d
Signed-off-by: Christian Halstrick <christian.halstrick@sap.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

For example with following URL,

  amazon-s3://.jgit@mybucket/foo.git

if ~/.jgit is missing, jgit command will throw a NullPointerException.

With this patch, a reasonable error message will be emitted:

  fatal: Cannot read file /Users/jamesyonan/.jgit

Change-Id: I1d366f2d55e170d2972715c657c8e2d10c8d87d2
Signed-off-by: James Yonan <james@openvpn.net>

Formerly the 4-arg constructor did not do this, which was unfortunate
as that constructor's the only way for an external user of JGit to set
the /type/ of the ref-update - which you might want to do to indicate
that the update is expected to be a UPDATE_NONFASTFORWARD, and thus does
not require expensive isMergedInto() calculations:

http://dev.eclipse.org/mhonarc/lists/jgit-dev/msg02258.html

Change-Id: I84c5e4927131e105bed93e31a62da6367c78de32
Signed-off-by: Roberto Tyley <roberto.tyley@gmail.com>

In certain cases a JGit server updating an existing shallow client
selected a common ancestor that was behind the shallow edge of
the client. This allowed the server to assume the client had some
objects it did not have and allowed creation of pack deltas the
client could never inflate.

Any commit the client has advertised as shallow must be treated
by UploadPack server as though it has no parents. With no parents
the walker cannot visit graph history the client does not have,
and PackWriter cannot consider delta base candidates the client
is lacking.

Change-Id: I4922b9354df9f490966a586fb693762e897345a2

Change-Id: Ic4fabec818d6fe336d3256ddc95934271272914a
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

This avoids the server from referencing the client code directly.

Change-Id: Ie6ade781b5a689646ad8b0b2988ef2b544412195

This allows subclasses to configure the HTTP connection (for example,
to add headers to the request).

Bug: 400724
Change-Id: I6f9d699e158a7b9d813c8fa8d273992a28994e41
Signed-off-by: Michael Nelson <michael.nelson@tasktop.com>
Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>

Change-Id: I1e5bea968b3c79df4f600b75fde5b547ebadde36
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

IOException did not add a (String, Throwable) constructor until 1.5.
Instead use the String super constructor and initCause to initialize
the exception.

Fixes bug 418889

Change-Id: Ide735ecfc7d04884981b79b57a4275863ce17006

ServiceMayNotContinueException usually wraps an underlying exception.
Add convenience constructors that take Throwable. In the case a
string is not provided, the message defaults to "internal server error",
since it may be reported to the client.

Change-Id: I15dc20306826c352f69e88afb7ed6927c12b6c1f

Currently, Repository.getAllRefs() and Repository.getTags() silently
ignores an IOException and instead returns an empty map. Repository
is a public API and as such cannot be changed until the next major
revision change. Where possible, update the internal jgit APIs to
use the RefDatabase directly, since it propagates the error.

Change-Id: I4e4537d8bd0fa772f388262684c5c4ca1929dc4c

The original code was able to process only one WWW-Authenticate
header in an HTTP response, and if this header was not one of
two expected, authentication failed regardless of that there
could be other headers in the response.

All WWW-Authenticate headers in an HTTP response have to be
browsed to find one of supported, i.e. Basic or Digest.
By that if both are present, the Digest one should be used
as more preferable.

Bug: 357719
Change-Id: Icf601a41fec63f7d40308f3c85aaa4f71a7c095b
Signed-off-by: Alex Rukhlin <arukhlin@microsoft.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

Change-Id: I5e80b3befca5cf1dcb06075862d6d48e6491cc0f

Change-Id: I9754e2124c0fe6ad2dbde5597c3ed10f1c3efef5
Signed-off-by: Lars Vogel <Lars.Vogel@gmail.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

With reference hiding, it is possible for a repository to appear
empty when all refs are hidden. This causes capabilities to not be
advertised either, since they are published with the first reference,
breaking fetch by SHA1 support.

Always advertise the capabilites by publishing the symbolic capabilities
reference when the repository has no references to advertise (similar to
the receive service).

Change-Id: I8060e430ee03571dc51239e702864c85e888505c

UploadPack can be invoked with no capabilities selected by the
client if the client is an ancient version of Git that nobody in
their right mind should still be using. Or if the client is very
broken and does not want to use any of the newer features added to
the protocol since its inception.

Change-Id: I3baa6f90e6a41a37a8eab8449a3cc41f4efcb91a

The NullProgressMonitor does not report progress anywhere. Inform the
server not to send progress by enabling the no-progress capability.

Change-Id: Id18dbc754c814d1a5534a284c947030bf201c569

Instead of RevObject list, this allows a custom request validator to be called
on SHA-1's corresponding to objects that may not exist in repository storage

Change-Id: I19bb667beff0d0c144150a61d7a1dc6c9703be7f
Signed-off-by: Greg Hill <greghill@google.com>

Can be used for listing remote refs for a repository on the file system
without having a local repository.

Bug: 413400
Change-Id: I397f5092c5eafb62236e9f9e74d9183f56903cc6
Signed-off-by: Robin Stocker <robin@nibor.org>
Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>

Setting the walk and other fields to null will result in NPEs when the
user e.g. calls fetch on the connection, but at least the advertised
refs can be read like that without having a local repository.

Bug: 413389
Change-Id: I39c8363e81a1c7e6cb3412ba88542ead669e69ed
Signed-off-by: Robin Stocker <robin@nibor.org>
Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>

Change-Id: I2d1076b46695dac84961b8ae663bfc5cb123b3a3
Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>

Change-Id: I6f672249d7ca014c63fb939cd0836689eb27ab90
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

Make the existing concrete implementations public as well so custom
implementations may delegate to them where appropriate. Treat all custom
implementations as providing allow-tip-sha1 in want.

Change-Id: If386fe25c0d3b4551a97c16a22350714453b03e9

Associate each RequestPolicy with an implementation of a
RequestValidator interface that contains the validation logic. The
checkWants method is only called if there are wants that were not
advertised, since clients may always request any advertised want
according to the git protocol. Calling the method only once at the
end of parsing the want list also means policy implementations can be
stateful, unlike the previous switch statement inside a loop.

For the special handling of unidirectional pipes, simply check
isBiDirectional() and delegate to other implementations if necessary.

Change-Id: I52a174999ac3a5aca46d3469cb0b81edd1710580

Teach TransportConfig to respect uploadpack.hiderefs, which is new in
C git 1.8.2.

Change-Id: Id12e7f00b9a60258e996410f67fa10616459f53f

C git 1.8.2 supports setting the equivalent of RequestPolicy.TIP with
uploadpack.allowtipsha1. Parse this into TransportConfig and use it
from UploadPack. An explicitly set RequestPolicy overrides the config,
and the policy may still be upgraded on a unidirectional connection to
avoid races.

Defer figuring out the effective RequestPolicy to later in the
process. This is a minor semantic change to fix a bug: previously,
calling setRequestPolicy(ADVERTISED) _after_ calling
setBiDirectionalPipe(true) would have reintroduced the race condition
otherwise fixed by 01888db892.

Change-Id: I264e028a76574434cecb34904d9f5944b290df78

This protocol capability, new in C git 1.8.2, corresponds to
RequestPolicy.TIP, so advertise it if that request policy was set.

Change-Id: I0d52af8a7747e951a87f060a5124f822ce1b2b26

Users of UploadPack may set a custom RefFilter or AdvertisedRefsHook
that limits which refs are advertised, but clients may learn of a
SHA-1 that the server should have as a ref tip through some
alternative means. Support serving such objects from the server side
with a new RequestPolicy.

As with ADVERTISED, we need a special relaxed RequestPolicy to allow
commits reachable from the set of valid tips for unidirectional
connections.

Change-Id: I0d0cc4f8ee04d265e5be8221b9384afb1b374315

The original code was able to process only one WWW-Authenticate
header in an HTTP response, and if this header was not one of
two expected, authentication failed regardless of that there
could be other headers in the response.

All WWW-Authenticate headers in an HTTP response have to be
browsed to find one of supported, i.e. Basic or Digest.
By that if both are present, the Digest one should be used
as more preferable.

Bug: 357719
Change-Id: Icf601a41fec63f7d40308f3c85aaa4f71a7c095b
Signed-off-by: Alex Rukhlin <arukhlin@microsoft.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

Change-Id: I5e80b3befca5cf1dcb06075862d6d48e6491cc0f

Change-Id: I7f2c155cab4b5be55f7e849ff2595c8c5d804f05
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

The following refspec, which can be used to fetch GitHub pull requests,
is supported by C Git but was not yet by JGit:

  +refs/pull/*/head:refs/remotes/origin/pr/*

The reason is that the wildcard in the source is in the middle.

This change also includes more validation (e.g. "refs//heads" is not
valid) and test cases.

Bug: 405099
Change-Id: I9bcef7785a0762ed0a98ca95a0bdf8879d5702aa

Change-Id: I9304cb3a6502ceb0cba21eb841e466f932ab3c01

The stream should not throw IllegalStateException if it is off.
Flush the stream after the hook runs, in case any messages need
to be sent ahead of the pack.

Change-Id: I21c7a0258ab1308406d226293fa0e7da69b4f57b

Before transmitting to the client a hook may want to send along
a text message ahead of the pack, such as a "message of the day".
Enable this usage by mirroring the message sending API from
ReceivePack on the UploadPack instance, using the side band.

Change-Id: I31cd254a4ddb816641397a3e9c2c20212471c37f

When either --tags or a tag ref is explicitly specified on fetch, C Git
updates existing local tags if they are different.

Before this change, JGit returned REJECTED in such a case. Now it
updates it and returns FORCED.

Example:

    % mkdir a
    % cd a
    % git init -q
    % touch test.txt
    % git add test.txt
    % git commit -q -m 'Initial'
    % git tag v1
    % cd ..
    % git clone -q a b
    % cd a
    % echo Test > test.txt
    % git commit -q -a -m 'Second'
    % git tag -f v1
    Updated tag 'v1' (was bc85c08)
    % cd ../b
    % git fetch --tags
     - [tag update]      v1         -> v1

Bug: 388095
Change-Id: I5d5494c2ad1a2cdb8e9e614d3de445289734edfe