diff --git a/cmake/SelectHTTPSBackend.cmake b/cmake/SelectHTTPSBackend.cmake index 0316b3a1c..f7d46c0da 100644 --- a/cmake/SelectHTTPSBackend.cmake +++ b/cmake/SelectHTTPSBackend.cmake @@ -48,7 +48,7 @@ if(USE_HTTPS) message(FATAL_ERROR "Cannot use SecureTransport backend, SSLCreateContext not supported") endif() - set(GIT_SECURE_TRANSPORT 1) + set(GIT_HTTPS_SECURETRANSPORT 1) list(APPEND LIBGIT2_SYSTEM_INCLUDES ${SECURITY_INCLUDE_DIR}) list(APPEND LIBGIT2_SYSTEM_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS}) list(APPEND LIBGIT2_PC_LIBS ${COREFOUNDATION_LDFLAGS} ${SECURITY_LDFLAGS}) @@ -57,7 +57,7 @@ if(USE_HTTPS) message(FATAL_ERROR "Asked for OpenSSL TLS backend, but it wasn't found") endif() - set(GIT_OPENSSL 1) + set(GIT_HTTPS_OPENSSL 1) list(APPEND LIBGIT2_SYSTEM_INCLUDES ${OPENSSL_INCLUDE_DIR}) list(APPEND LIBGIT2_SYSTEM_LIBS ${OPENSSL_LIBRARIES}) # Static OpenSSL (lib crypto.a) requires libdl, include it explicitly @@ -102,13 +102,12 @@ if(USE_HTTPS) if(CERT_LOCATION) if(NOT EXISTS ${CERT_LOCATION}) - message(FATAL_ERROR "Cannot use CERT_LOCATION=${CERT_LOCATION} as it doesn't exist") + message(FATAL_ERROR "cannot use CERT_LOCATION=${CERT_LOCATION} as it doesn't exist") endif() - add_feature_info(CERT_LOCATION ON "using certificates from ${CERT_LOCATION}") add_definitions(-DGIT_DEFAULT_CERT_LOCATION="${CERT_LOCATION}") endif() - set(GIT_MBEDTLS 1) + set(GIT_HTTPS_MBEDTLS 1) list(APPEND LIBGIT2_SYSTEM_INCLUDES ${MBEDTLS_INCLUDE_DIR}) list(APPEND LIBGIT2_SYSTEM_LIBS ${MBEDTLS_LIBRARIES}) # mbedTLS has no pkgconfig file, hence we can't require it @@ -116,12 +115,12 @@ if(USE_HTTPS) # For now, pass its link flags as our own list(APPEND LIBGIT2_PC_LIBS ${MBEDTLS_LIBRARIES}) elseif(USE_HTTPS STREQUAL "Schannel") - set(GIT_SCHANNEL 1) + set(GIT_HTTPS_SCHANNEL 1) list(APPEND LIBGIT2_SYSTEM_LIBS "rpcrt4" "crypt32" "ole32") list(APPEND LIBGIT2_PC_LIBS "-lrpcrt4" "-lcrypt32" "-lole32") elseif(USE_HTTPS STREQUAL "WinHTTP") - set(GIT_WINHTTP 1) + set(GIT_HTTPS_WINHTTP 1) # Since MinGW does not come with headers or an import library for winhttp, # we have to include a private header and generate our own import library @@ -137,16 +136,20 @@ if(USE_HTTPS) list(APPEND LIBGIT2_SYSTEM_LIBS "rpcrt4" "crypt32" "ole32") list(APPEND LIBGIT2_PC_LIBS "-lrpcrt4" "-lcrypt32" "-lole32") elseif(USE_HTTPS STREQUAL "OpenSSL-Dynamic") - set(GIT_OPENSSL 1) - set(GIT_OPENSSL_DYNAMIC 1) + set(GIT_HTTPS_OPENSSL_DYNAMIC 1) list(APPEND LIBGIT2_SYSTEM_LIBS dl) else() message(FATAL_ERROR "unknown HTTPS backend: ${USE_HTTPS}") endif() set(GIT_HTTPS 1) - add_feature_info(HTTPS GIT_HTTPS "using ${USE_HTTPS}") + + if(USE_HTTPS STREQUAL "mbedTLS" AND CERT_LOCATION) + add_feature_info("HTTPS" GIT_HTTPS "using ${USE_HTTPS} (certificate location: ${CERT_LOCATION})") + else() + add_feature_info("HTTPS" GIT_HTTPS "using ${USE_HTTPS}") + endif() else() set(GIT_HTTPS 0) - add_feature_info(HTTPS NO "HTTPS support is disabled") + add_feature_info("HTTPS" NO "HTTPS support is disabled") endif() diff --git a/cmake/SelectHashes.cmake b/cmake/SelectHashes.cmake index 6f6e0f056..b5180d2fd 100644 --- a/cmake/SelectHashes.cmake +++ b/cmake/SelectHashes.cmake @@ -34,7 +34,6 @@ elseif(USE_SHA1 STREQUAL "OpenSSL") elseif(USE_SHA1 STREQUAL "OpenSSL-FIPS") set(GIT_SHA1_OPENSSL_FIPS 1) elseif(USE_SHA1 STREQUAL "OpenSSL-Dynamic") - set(GIT_SHA1_OPENSSL 1) set(GIT_SHA1_OPENSSL_DYNAMIC 1) list(APPEND LIBGIT2_SYSTEM_LIBS dl) elseif(USE_SHA1 STREQUAL "CommonCrypto") @@ -80,7 +79,6 @@ elseif(USE_SHA256 STREQUAL "OpenSSL") elseif(USE_SHA256 STREQUAL "OpenSSL-FIPS") set(GIT_SHA256_OPENSSL_FIPS 1) elseif(USE_SHA256 STREQUAL "OpenSSL-Dynamic") - set(GIT_SHA256_OPENSSL 1) set(GIT_SHA256_OPENSSL_DYNAMIC 1) list(APPEND LIBGIT2_SYSTEM_LIBS dl) elseif(USE_SHA256 STREQUAL "CommonCrypto") diff --git a/src/libgit2/libgit2.c b/src/libgit2/libgit2.c index 4bdb6ba6e..37e0bd012 100644 --- a/src/libgit2/libgit2.c +++ b/src/libgit2/libgit2.c @@ -126,17 +126,17 @@ const char *git_libgit2_feature_backend(git_feature_t feature) break; case GIT_FEATURE_HTTPS: -#if defined(GIT_HTTPS) && defined(GIT_OPENSSL) +#if defined(GIT_HTTPS_OPENSSL) return "openssl"; -#elif defined(GIT_HTTPS) && defined(GIT_OPENSSL_DYNAMIC) +#elif defined(GIT_HTTPS_OPENSSL_DYNAMIC) return "openssl-dynamic"; -#elif defined(GIT_HTTPS) && defined(GIT_MBEDTLS) +#elif defined(GIT_HTTPS_MBEDTLS) return "mbedtls"; -#elif defined(GIT_HTTPS) && defined(GIT_SECURE_TRANSPORT) +#elif defined(GIT_HTTPS_SECURETRANSPORT) return "securetransport"; -#elif defined(GIT_HTTPS) && defined(GIT_SCHANNEL) +#elif defined(GIT_HTTPS_SCHANNEL) return "schannel"; -#elif defined(GIT_HTTPS) && defined(GIT_WINHTTP) +#elif defined(GIT_HTTPS_WINHTTP) return "winhttp"; #elif defined(GIT_HTTPS) GIT_ASSERT_WITH_RETVAL(!"Unknown HTTPS backend", NULL); diff --git a/src/libgit2/settings.c b/src/libgit2/settings.c index f4c2453a4..5c7c9cb15 100644 --- a/src/libgit2/settings.c +++ b/src/libgit2/settings.c @@ -204,13 +204,13 @@ int git_libgit2_opts(int key, ...) break; case GIT_OPT_SET_SSL_CERT_LOCATIONS: -#ifdef GIT_OPENSSL +#if defined(GIT_HTTPS_OPENSSL) || defined(GIT_HTTPS_OPENSSL_DYNAMIC) { const char *file = va_arg(ap, const char *); const char *path = va_arg(ap, const char *); error = git_openssl__set_cert_location(file, path); } -#elif defined(GIT_MBEDTLS) +#elif defined(GIT_HTTPS_MBEDTLS) { const char *file = va_arg(ap, const char *); const char *path = va_arg(ap, const char *); @@ -223,7 +223,7 @@ int git_libgit2_opts(int key, ...) break; case GIT_OPT_ADD_SSL_X509_CERT: -#ifdef GIT_OPENSSL +#if defined(GIT_HTTPS_OPENSSL) || defined(GIT_HTTPS_OPENSSL_DYNAMIC) { X509 *cert = va_arg(ap, X509 *); error = git_openssl__add_x509_cert(cert); @@ -303,7 +303,9 @@ int git_libgit2_opts(int key, ...) break; case GIT_OPT_SET_SSL_CIPHERS: -#if (GIT_OPENSSL || GIT_MBEDTLS) +#if defined(GIT_HTTPS_OPENSSL) || \ + defined(GIT_HTTPS_OPENSSL_DYNAMIC) || \ + defined(GIT_HTTPS_MBEDTLS) { git__free(git__ssl_ciphers); git__ssl_ciphers = git__strdup(va_arg(ap, const char *)); diff --git a/src/libgit2/streams/mbedtls.c b/src/libgit2/streams/mbedtls.c index a3839c2ce..ccf0f1103 100644 --- a/src/libgit2/streams/mbedtls.c +++ b/src/libgit2/streams/mbedtls.c @@ -7,7 +7,7 @@ #include "streams/mbedtls.h" -#ifdef GIT_MBEDTLS +#ifdef GIT_HTTPS_MBEDTLS #include diff --git a/src/libgit2/streams/mbedtls.h b/src/libgit2/streams/mbedtls.h index bcca6dd40..76c0627a2 100644 --- a/src/libgit2/streams/mbedtls.h +++ b/src/libgit2/streams/mbedtls.h @@ -13,7 +13,7 @@ extern int git_mbedtls_stream_global_init(void); -#ifdef GIT_MBEDTLS +#ifdef GIT_HTTPS_MBEDTLS extern int git_mbedtls__set_cert_location(const char *file, const char *path); extern int git_mbedtls_stream_new(git_stream **out, const char *host, const char *port); diff --git a/src/libgit2/streams/openssl.c b/src/libgit2/streams/openssl.c index ca64e460b..f12b699f9 100644 --- a/src/libgit2/streams/openssl.c +++ b/src/libgit2/streams/openssl.c @@ -9,7 +9,7 @@ #include "streams/openssl_legacy.h" #include "streams/openssl_dynamic.h" -#ifdef GIT_OPENSSL +#if defined(GIT_HTTPS_OPENSSL) || defined(GIT_HTTPS_OPENSSL_DYNAMIC) #include @@ -29,7 +29,7 @@ # include #endif -#ifndef GIT_OPENSSL_DYNAMIC +#ifndef GIT_HTTPS_OPENSSL_DYNAMIC # include # include # include @@ -64,7 +64,7 @@ static void shutdown_ssl(void) } #ifdef VALGRIND -# if !defined(GIT_OPENSSL_LEGACY) && !defined(GIT_OPENSSL_DYNAMIC) +# if !defined(GIT_HTTPS_OPENSSL_LEGACY) && !defined(GIT_HTTPS_OPENSSL_DYNAMIC) static void *git_openssl_malloc(size_t bytes, const char *file, int line) { @@ -86,7 +86,7 @@ static void git_openssl_free(void *mem, const char *file, int line) GIT_UNUSED(line); git__free(mem); } -# else /* !GIT_OPENSSL_LEGACY && !GIT_OPENSSL_DYNAMIC */ +# else /* !GIT_HTTPS_OPENSSL_LEGACY && !GIT_HTTPS_OPENSSL_DYNAMIC */ static void *git_openssl_malloc(size_t bytes) { return git__calloc(1, bytes); @@ -101,7 +101,7 @@ static void git_openssl_free(void *mem) { git__free(mem); } -# endif /* !GIT_OPENSSL_LEGACY && !GIT_OPENSSL_DYNAMIC */ +# endif /* !GIT_HTTPS_OPENSSL_LEGACY && !GIT_HTTPS_OPENSSL_DYNAMIC */ #endif /* VALGRIND */ static int openssl_init(void) @@ -181,7 +181,7 @@ bool openssl_initialized; int git_openssl_stream_global_init(void) { -#ifndef GIT_OPENSSL_DYNAMIC +#ifndef GIT_HTTPS_OPENSSL_DYNAMIC return openssl_init(); #else if (git_mutex_init(&openssl_mutex) != 0) @@ -193,7 +193,7 @@ int git_openssl_stream_global_init(void) static int openssl_ensure_initialized(void) { -#ifdef GIT_OPENSSL_DYNAMIC +#ifdef GIT_HTTPS_OPENSSL_DYNAMIC int error = 0; if (git_mutex_lock(&openssl_mutex) != 0) @@ -214,7 +214,7 @@ static int openssl_ensure_initialized(void) #endif } -#if !defined(GIT_OPENSSL_LEGACY) && !defined(GIT_OPENSSL_DYNAMIC) +#if !defined(GIT_HTTPS_OPENSSL_LEGACY) && !defined(GIT_HTTPS_OPENSSL_DYNAMIC) int git_openssl_set_locking(void) { # ifdef GIT_THREADS diff --git a/src/libgit2/streams/openssl.h b/src/libgit2/streams/openssl.h index a3ef1a933..2a5f04099 100644 --- a/src/libgit2/streams/openssl.h +++ b/src/libgit2/streams/openssl.h @@ -15,14 +15,14 @@ extern int git_openssl_stream_global_init(void); -#if defined(GIT_OPENSSL) && !defined(GIT_OPENSSL_DYNAMIC) +#if defined(GIT_HTTPS_OPENSSL) # include # include # include # include # endif -#ifdef GIT_OPENSSL +#if defined(GIT_HTTPS_OPENSSL) || defined(GIT_HTTPS_OPENSSL_DYNAMIC) extern int git_openssl__set_cert_location(const char *file, const char *path); extern int git_openssl__add_x509_cert(X509 *cert); extern int git_openssl__reset_context(void); diff --git a/src/libgit2/streams/openssl_dynamic.c b/src/libgit2/streams/openssl_dynamic.c index fe679526f..3ab292073 100644 --- a/src/libgit2/streams/openssl_dynamic.c +++ b/src/libgit2/streams/openssl_dynamic.c @@ -8,7 +8,7 @@ #include "streams/openssl.h" #include "streams/openssl_dynamic.h" -#if defined(GIT_OPENSSL) && defined(GIT_OPENSSL_DYNAMIC) +#ifdef GIT_HTTPS_OPENSSL_DYNAMIC #include "runtime.h" @@ -128,7 +128,8 @@ int git_openssl_stream_dynamic_init(void) (openssl_handle = dlopen("libssl.so.1.0.0", RTLD_NOW)) == NULL && (openssl_handle = dlopen("libssl.1.0.0.dylib", RTLD_NOW)) == NULL && (openssl_handle = dlopen("libssl.so.10", RTLD_NOW)) == NULL && - (openssl_handle = dlopen("libssl.so.3", RTLD_NOW)) == NULL) { + (openssl_handle = dlopen("libssl.so.3", RTLD_NOW)) == NULL && + (openssl_handle = dlopen("libssl.3.dylib", RTLD_NOW)) == NULL) { git_error_set(GIT_ERROR_SSL, "could not load ssl libraries"); return -1; } @@ -314,4 +315,4 @@ void GENERAL_NAMES_free(GENERAL_NAME *sk) sk_free(sk); } -#endif /* GIT_OPENSSL && GIT_OPENSSL_DYNAMIC */ +#endif /* GIT_HTTPS_OPENSSL_DYNAMIC */ diff --git a/src/libgit2/streams/openssl_dynamic.h b/src/libgit2/streams/openssl_dynamic.h index 0d7ef0f2a..07a650b91 100644 --- a/src/libgit2/streams/openssl_dynamic.h +++ b/src/libgit2/streams/openssl_dynamic.h @@ -149,7 +149,7 @@ #ifndef INCLUDE_streams_openssl_dynamic_h__ #define INCLUDE_streams_openssl_dynamic_h__ -#ifdef GIT_OPENSSL_DYNAMIC +#ifdef GIT_HTTPS_OPENSSL_DYNAMIC # define BIO_CTRL_FLUSH 11 @@ -348,6 +348,6 @@ extern void GENERAL_NAMES_free(GENERAL_NAME *sk); extern int git_openssl_stream_dynamic_init(void); -#endif /* GIT_OPENSSL_DYNAMIC */ +#endif /* GIT_HTTPS_OPENSSL_DYNAMIC */ #endif diff --git a/src/libgit2/streams/openssl_legacy.c b/src/libgit2/streams/openssl_legacy.c index e61e6efbb..7d361263f 100644 --- a/src/libgit2/streams/openssl_legacy.c +++ b/src/libgit2/streams/openssl_legacy.c @@ -11,14 +11,14 @@ #include "runtime.h" #include "git2/sys/openssl.h" -#if defined(GIT_OPENSSL) && !defined(GIT_OPENSSL_DYNAMIC) +#if defined(GIT_HTTPS_OPENSSL) && !defined(GIT_HTTPS_OPENSSL_DYNAMIC) # include # include # include # include #endif -#if defined(GIT_OPENSSL_LEGACY) || defined(GIT_OPENSSL_DYNAMIC) +#if defined(GIT_HTTPS_OPENSSL_LEGACY) || defined(GIT_HTTPS_OPENSSL_DYNAMIC) /* * OpenSSL 1.1 made BIO opaque so we have to use functions to interact with it @@ -173,7 +173,7 @@ int git_openssl_set_locking(void) return -1; #endif -#ifdef GIT_OPENSSL_DYNAMIC +#ifdef GIT_HTTPS_OPENSSL_DYNAMIC /* * This function is required on legacy versions of OpenSSL; when building * with dynamically-loaded OpenSSL, we detect whether we loaded it or not. @@ -200,4 +200,4 @@ int git_openssl_set_locking(void) } #endif /* GIT_THREADS */ -#endif /* GIT_OPENSSL_LEGACY || GIT_OPENSSL_DYNAMIC */ +#endif /* GIT_HTTPS_OPENSSL_LEGACY || GIT_HTTPS_OPENSSL_DYNAMIC */ diff --git a/src/libgit2/streams/openssl_legacy.h b/src/libgit2/streams/openssl_legacy.h index e6dae9572..205c984ad 100644 --- a/src/libgit2/streams/openssl_legacy.h +++ b/src/libgit2/streams/openssl_legacy.h @@ -9,7 +9,7 @@ #include "streams/openssl_dynamic.h" -#if defined(GIT_OPENSSL) && !defined(GIT_OPENSSL_DYNAMIC) +#if defined(GIT_HTTPS_OPENSSL) && !defined(GIT_HTTPS_OPENSSL_DYNAMIC) # include # include # include @@ -17,11 +17,11 @@ # if (defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10100000L) || \ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L) -# define GIT_OPENSSL_LEGACY +# define GIT_HTTPS_OPENSSL_LEGACY # endif #endif -#if defined(GIT_OPENSSL_LEGACY) && !defined(GIT_OPENSSL_DYNAMIC) +#if defined(GIT_HTTPS_OPENSSL_LEGACY) && !defined(GIT_HTTPS_OPENSSL_DYNAMIC) # define OPENSSL_init_ssl OPENSSL_init_ssl__legacy # define BIO_meth_new BIO_meth_new__legacy # define BIO_meth_free BIO_meth_free__legacy @@ -39,7 +39,7 @@ # define ASN1_STRING_get0_data ASN1_STRING_get0_data__legacy #endif -#if defined(GIT_OPENSSL_LEGACY) || defined(GIT_OPENSSL_DYNAMIC) +#if defined(GIT_HTTPS_OPENSSL_LEGACY) || defined(GIT_HTTPS_OPENSSL_DYNAMIC) extern int OPENSSL_init_ssl__legacy(uint64_t opts, const void *settings); extern BIO_METHOD *BIO_meth_new__legacy(int type, const char *name); diff --git a/src/libgit2/streams/schannel.c b/src/libgit2/streams/schannel.c index f09615819..062758a25 100644 --- a/src/libgit2/streams/schannel.c +++ b/src/libgit2/streams/schannel.c @@ -7,7 +7,7 @@ #include "streams/schannel.h" -#ifdef GIT_SCHANNEL +#ifdef GIT_HTTPS_SCHANNEL #define SECURITY_WIN32 diff --git a/src/libgit2/streams/schannel.h b/src/libgit2/streams/schannel.h index 3584970d1..153bdbf96 100644 --- a/src/libgit2/streams/schannel.h +++ b/src/libgit2/streams/schannel.h @@ -11,7 +11,7 @@ #include "git2/sys/stream.h" -#ifdef GIT_SCHANNEL +#ifdef GIT_HTTPS_SCHANNEL extern int git_schannel_stream_new( git_stream **out, diff --git a/src/libgit2/streams/stransport.c b/src/libgit2/streams/stransport.c index 2d4cc55b5..3dbc403b7 100644 --- a/src/libgit2/streams/stransport.c +++ b/src/libgit2/streams/stransport.c @@ -7,7 +7,7 @@ #include "streams/stransport.h" -#ifdef GIT_SECURE_TRANSPORT +#ifdef GIT_HTTPS_SECURETRANSPORT #include #include diff --git a/src/libgit2/streams/stransport.h b/src/libgit2/streams/stransport.h index 1026e204b..e1b936b53 100644 --- a/src/libgit2/streams/stransport.h +++ b/src/libgit2/streams/stransport.h @@ -11,7 +11,7 @@ #include "git2/sys/stream.h" -#ifdef GIT_SECURE_TRANSPORT +#ifdef GIT_HTTPS_SECURETRANSPORT extern int git_stransport_stream_new(git_stream **out, const char *host, const char *port); extern int git_stransport_stream_wrap(git_stream **out, git_stream *in, const char *host); diff --git a/src/libgit2/streams/tls.c b/src/libgit2/streams/tls.c index 246ac9ca7..47ef2689f 100644 --- a/src/libgit2/streams/tls.c +++ b/src/libgit2/streams/tls.c @@ -28,13 +28,14 @@ int git_tls_stream_new(git_stream **out, const char *host, const char *port) if ((error = git_stream_registry_lookup(&custom, GIT_STREAM_TLS)) == 0) { init = custom.init; } else if (error == GIT_ENOTFOUND) { -#ifdef GIT_SECURE_TRANSPORT +#if defined(GIT_HTTPS_SECURETRANSPORT) init = git_stransport_stream_new; -#elif defined(GIT_OPENSSL) +#elif defined(GIT_HTTPS_OPENSSL) || \ + defined(GIT_HTTPS_OPENSSL_DYNAMIC) init = git_openssl_stream_new; -#elif defined(GIT_MBEDTLS) +#elif defined(GIT_HTTPS_MBEDTLS) init = git_mbedtls_stream_new; -#elif defined(GIT_SCHANNEL) +#elif defined(GIT_HTTPS_SCHANNEL) init = git_schannel_stream_new; #endif } else { @@ -60,13 +61,14 @@ int git_tls_stream_wrap(git_stream **out, git_stream *in, const char *host) if (git_stream_registry_lookup(&custom, GIT_STREAM_TLS) == 0) { wrap = custom.wrap; } else { -#ifdef GIT_SECURE_TRANSPORT +#if defined(GIT_HTTPS_SECURETRANSPORT) wrap = git_stransport_stream_wrap; -#elif defined(GIT_OPENSSL) +#elif defined(GIT_HTTPS_OPENSSL) || \ + defined(GIT_HTTPS_OPENSSL_DYNAMIC) wrap = git_openssl_stream_wrap; -#elif defined(GIT_MBEDTLS) +#elif defined(GIT_HTTPS_MBEDTLS) wrap = git_mbedtls_stream_wrap; -#elif defined(GIT_SCHANNEL) +#elif defined(GIT_HTTPS_SCHANNEL) wrap = git_schannel_stream_wrap; #endif } diff --git a/src/libgit2/transports/auth_ntlm.h b/src/libgit2/transports/auth_ntlm.h index b6610d940..d83d1c4cd 100644 --- a/src/libgit2/transports/auth_ntlm.h +++ b/src/libgit2/transports/auth_ntlm.h @@ -15,14 +15,6 @@ #if defined(GIT_AUTH_NTLM) -#if defined(GIT_OPENSSL) -# define CRYPT_OPENSSL -#elif defined(GIT_MBEDTLS) -# define CRYPT_MBEDTLS -#elif defined(GIT_SECURE_TRANSPORT) -# define CRYPT_COMMONCRYPTO -#endif - extern int git_http_auth_ntlm( git_http_auth_context **out, const git_net_url *url); diff --git a/src/libgit2/transports/http.c b/src/libgit2/transports/http.c index ea8199520..923a825fa 100644 --- a/src/libgit2/transports/http.c +++ b/src/libgit2/transports/http.c @@ -7,7 +7,7 @@ #include "common.h" -#ifndef GIT_WINHTTP +#ifndef GIT_HTTPS_WINHTTP #include "net.h" #include "remote.h" @@ -762,4 +762,4 @@ int git_smart_subtransport_http(git_smart_subtransport **out, git_transport *own return 0; } -#endif /* !GIT_WINHTTP */ +#endif /* !GIT_HTTPS_WINHTTP */ diff --git a/src/libgit2/transports/winhttp.c b/src/libgit2/transports/winhttp.c index b83ef990d..7141c2846 100644 --- a/src/libgit2/transports/winhttp.c +++ b/src/libgit2/transports/winhttp.c @@ -7,7 +7,7 @@ #include "common.h" -#ifdef GIT_WINHTTP +#ifdef GIT_HTTPS_WINHTTP #include "git2.h" #include "git2/transport.h" @@ -1715,4 +1715,4 @@ int git_smart_subtransport_http(git_smart_subtransport **out, git_transport *own return 0; } -#endif /* GIT_WINHTTP */ +#endif /* GIT_HTTPS_WINHTTP */ diff --git a/src/util/git2_features.h.in b/src/util/git2_features.h.in index cd6bfc54c..02a5c8113 100644 --- a/src/util/git2_features.h.in +++ b/src/util/git2_features.h.in @@ -49,13 +49,13 @@ #cmakedefine GIT_AUTH_NEGOTIATE_GSSAPI 1 #cmakedefine GIT_AUTH_NEGOTIATE_SSPI 1 -#cmakedefine GIT_WINHTTP 1 #cmakedefine GIT_HTTPS 1 -#cmakedefine GIT_OPENSSL 1 -#cmakedefine GIT_OPENSSL_DYNAMIC 1 -#cmakedefine GIT_SECURE_TRANSPORT 1 -#cmakedefine GIT_MBEDTLS 1 -#cmakedefine GIT_SCHANNEL 1 +#cmakedefine GIT_HTTPS_OPENSSL 1 +#cmakedefine GIT_HTTPS_OPENSSL_DYNAMIC 1 +#cmakedefine GIT_HTTPS_SECURETRANSPORT 1 +#cmakedefine GIT_HTTPS_MBEDTLS 1 +#cmakedefine GIT_HTTPS_SCHANNEL 1 +#cmakedefine GIT_HTTPS_WINHTTP 1 #cmakedefine GIT_HTTPPARSER_HTTPPARSER 1 #cmakedefine GIT_HTTPPARSER_LLHTTP 1 diff --git a/src/util/hash/openssl.c b/src/util/hash/openssl.c index 1ed1b4409..8d58cfbc1 100644 --- a/src/util/hash/openssl.c +++ b/src/util/hash/openssl.c @@ -7,7 +7,7 @@ #include "openssl.h" -#ifdef GIT_OPENSSL_DYNAMIC +#if defined(GIT_SHA1_OPENSSL_DYNAMIC) || defined(GIT_SHA256_OPENSSL_DYNAMIC) # include static int handle_count; @@ -31,7 +31,8 @@ static int git_hash_openssl_global_init(void) (openssl_handle = dlopen("libssl.so.1.0.0", RTLD_NOW)) == NULL && (openssl_handle = dlopen("libssl.1.0.0.dylib", RTLD_NOW)) == NULL && (openssl_handle = dlopen("libssl.so.10", RTLD_NOW)) == NULL && - (openssl_handle = dlopen("libssl.so.3", RTLD_NOW)) == NULL) { + (openssl_handle = dlopen("libssl.so.3", RTLD_NOW)) == NULL && + (openssl_handle = dlopen("libssl.3.dylib", RTLD_NOW)) == NULL) { git_error_set(GIT_ERROR_SSL, "could not load ssl libraries"); return -1; } @@ -46,17 +47,13 @@ static int git_hash_openssl_global_init(void) #endif -#ifdef GIT_SHA1_OPENSSL - -# ifdef GIT_OPENSSL_DYNAMIC +#ifdef GIT_SHA1_OPENSSL_DYNAMIC static int (*SHA1_Init)(SHA_CTX *c); static int (*SHA1_Update)(SHA_CTX *c, const void *data, size_t len); static int (*SHA1_Final)(unsigned char *md, SHA_CTX *c); -# endif int git_hash_sha1_global_init(void) { -#ifdef GIT_OPENSSL_DYNAMIC if (git_hash_openssl_global_init() < 0) return -1; @@ -67,10 +64,17 @@ int git_hash_sha1_global_init(void) git_error_set(GIT_ERROR_SSL, "could not load hash function: %s", msg ? msg : "unknown error"); return -1; } -#endif return 0; } +#elif GIT_SHA1_OPENSSL +int git_hash_sha1_global_init(void) +{ + return 0; +} +#endif + +#if defined(GIT_SHA1_OPENSSL) || defined(GIT_SHA1_OPENSSL_DYNAMIC) int git_hash_sha1_ctx_init(git_hash_sha1_ctx *ctx) { @@ -196,17 +200,13 @@ int git_hash_sha1_final(unsigned char *out, git_hash_sha1_ctx *ctx) #endif -#ifdef GIT_SHA256_OPENSSL - -# ifdef GIT_OPENSSL_DYNAMIC +#ifdef GIT_SHA256_OPENSSL_DYNAMIC static int (*SHA256_Init)(SHA256_CTX *c); static int (*SHA256_Update)(SHA256_CTX *c, const void *data, size_t len); static int (*SHA256_Final)(unsigned char *md, SHA256_CTX *c); -#endif int git_hash_sha256_global_init(void) { -#ifdef GIT_OPENSSL_DYNAMIC if (git_hash_openssl_global_init() < 0) return -1; @@ -217,10 +217,17 @@ int git_hash_sha256_global_init(void) git_error_set(GIT_ERROR_SSL, "could not load hash function: %s", msg ? msg : "unknown error"); return -1; } -#endif return 0; } +#elif GIT_SHA256_OPENSSL +int git_hash_sha256_global_init(void) +{ + return 0; +} +#endif + +#if defined(GIT_SHA256_OPENSSL) || defined(GIT_SHA256_OPENSSL_DYNAMIC) int git_hash_sha256_ctx_init(git_hash_sha256_ctx *ctx) { diff --git a/src/util/hash/openssl.h b/src/util/hash/openssl.h index 8be37fd44..2ab73c989 100644 --- a/src/util/hash/openssl.h +++ b/src/util/hash/openssl.h @@ -10,31 +10,33 @@ #include "hash/sha.h" -#ifndef GIT_OPENSSL_DYNAMIC -# if defined(GIT_SHA1_OPENSSL_FIPS) || defined(GIT_SHA256_OPENSSL_FIPS) -# include -# else -# include -# endif -#else +#if defined(GIT_SHA1_OPENSSL_FIPS) || defined(GIT_SHA256_OPENSSL_FIPS) +# include +#endif +#if defined(GIT_SHA1_OPENSSL) || defined(GIT_SHA256_OPENSSL) +# include +#endif + +#if defined(GIT_SHA1_OPENSSL_DYNAMIC) typedef struct { unsigned int h0, h1, h2, h3, h4; unsigned int Nl, Nh; unsigned int data[16]; unsigned int num; } SHA_CTX; +#endif +#if defined(GIT_SHA256_OPENSSL_DYNAMIC) typedef struct { unsigned int h[8]; unsigned int Nl, Nh; unsigned int data[16]; unsigned int num, md_len; } SHA256_CTX; - #endif -#ifdef GIT_SHA1_OPENSSL +#if defined(GIT_SHA1_OPENSSL) || defined(GIT_SHA1_OPENSSL_DYNAMIC) struct git_hash_sha1_ctx { SHA_CTX c; }; @@ -46,7 +48,7 @@ struct git_hash_sha1_ctx { }; #endif -#ifdef GIT_SHA256_OPENSSL +#if defined(GIT_SHA256_OPENSSL) || defined(GIT_SHA256_OPENSSL_DYNAMIC) struct git_hash_sha256_ctx { SHA256_CTX c; }; diff --git a/src/util/hash/sha.h b/src/util/hash/sha.h index eb418c0d6..f9d048142 100644 --- a/src/util/hash/sha.h +++ b/src/util/hash/sha.h @@ -22,8 +22,10 @@ typedef struct git_hash_sha256_ctx git_hash_sha256_ctx; #endif #if defined(GIT_SHA1_OPENSSL) || \ + defined(GIT_SHA1_OPENSSL_DYNAMIC) || \ defined(GIT_SHA1_OPENSSL_FIPS) || \ defined(GIT_SHA256_OPENSSL) || \ + defined(GIT_SHA256_OPENSSL_DYNAMIC) || \ defined(GIT_SHA256_OPENSSL_FIPS) # include "openssl.h" #endif diff --git a/src/util/win32/error.c b/src/util/win32/error.c index dfd6fa1e8..141b1ad4c 100644 --- a/src/util/win32/error.c +++ b/src/util/win32/error.c @@ -9,7 +9,7 @@ #include "utf-conv.h" -#ifdef GIT_WINHTTP +#ifdef GIT_HTTPS_WINHTTP # include #endif @@ -24,7 +24,7 @@ char *git_win32_get_error_message(DWORD error_code) if (!error_code) return NULL; -#ifdef GIT_WINHTTP +#ifdef GIT_HTTPS_WINHTTP /* Errors raised by WinHTTP are not in the system resource table */ if (error_code >= WINHTTP_ERROR_BASE && error_code <= WINHTTP_ERROR_LAST) diff --git a/tests/libgit2/core/features.c b/tests/libgit2/core/features.c index 66211fb64..f8c6679c2 100644 --- a/tests/libgit2/core/features.c +++ b/tests/libgit2/core/features.c @@ -92,17 +92,17 @@ void test_core_features__backends(void) cl_assert(threads == NULL); #endif -#if defined(GIT_HTTPS) && defined(GIT_OPENSSL) +#if defined(GIT_HTTPS_OPENSSL) cl_assert_equal_s("openssl", https); -#elif defined(GIT_HTTPS) && defined(GIT_OPENSSL_DYNAMIC) +#elif defined(GIT_HTTPS_OPENSSL_DYNAMIC) cl_assert_equal_s("openssl-dynamic", https); -#elif defined(GIT_HTTPS) && defined(GIT_MBEDTLS) +#elif defined(GIT_HTTPS_MBEDTLS) cl_assert_equal_s("mbedtls", https); -#elif defined(GIT_HTTPS) && defined(GIT_SECURE_TRANSPORT) +#elif defined(GIT_HTTPS_SECURETRANSPORT) cl_assert_equal_s("securetransport", https); -#elif defined(GIT_HTTPS) && defined(GIT_SCHANNEL) +#elif defined(GIT_HTTPS_SCHANNEL) cl_assert_equal_s("schannel", https); -#elif defined(GIT_HTTPS) && defined(GIT_WINHTTP) +#elif defined(GIT_HTTPS_WINHTTP) cl_assert_equal_s("winhttp", https); #elif defined(GIT_HTTPS) cl_assert(0); diff --git a/tests/libgit2/online/clone.c b/tests/libgit2/online/clone.c index 6e9c8ea50..be0990d86 100644 --- a/tests/libgit2/online/clone.c +++ b/tests/libgit2/online/clone.c @@ -1373,7 +1373,7 @@ void test_online_clone__sha256(void) void test_online_clone__connect_timeout_configurable(void) { -#ifdef GIT_WINHTTP +#ifdef GIT_HTTPS_WINHTTP cl_skip(); #else uint64_t start, finish; @@ -1392,7 +1392,7 @@ void test_online_clone__connect_timeout_configurable(void) void test_online_clone__connect_timeout_default(void) { -#ifdef GIT_WINHTTP +#ifdef GIT_HTTPS_WINHTTP cl_skip(); #else /* This test takes ~ 75 seconds on Unix. */ @@ -1410,7 +1410,7 @@ void test_online_clone__connect_timeout_default(void) void test_online_clone__timeout_configurable_times_out(void) { -#ifdef GIT_WINHTTP +#ifdef GIT_HTTPS_WINHTTP cl_skip(); #else git_repository *failed_repo; @@ -1427,7 +1427,7 @@ void test_online_clone__timeout_configurable_times_out(void) void test_online_clone__timeout_configurable_succeeds_slowly(void) { -#ifdef GIT_WINHTTP +#ifdef GIT_HTTPS_WINHTTP cl_skip(); #else if (!_remote_speed_slow) diff --git a/tests/libgit2/online/customcert.c b/tests/libgit2/online/customcert.c index 89694b5f4..ef05bb4ea 100644 --- a/tests/libgit2/online/customcert.c +++ b/tests/libgit2/online/customcert.c @@ -10,7 +10,7 @@ #include "str.h" #include "streams/openssl.h" -#if (GIT_OPENSSL && !GIT_OPENSSL_DYNAMIC) +#ifdef GIT_HTTPS_OPENSSL # include # include # include @@ -30,13 +30,13 @@ #define CUSTOM_CERT_THREE_URL "https://test.libgit2.org:3443/anonymous/test.git" #define CUSTOM_CERT_THREE_FILE "three.pem.raw" -#if (GIT_OPENSSL || GIT_MBEDTLS) +#if (GIT_HTTPS_OPENSSL || GIT_HTTPS_OPENSSL_DYNAMIC || GIT_HTTPS_MBEDTLS) static git_repository *g_repo; #endif void test_online_customcert__initialize(void) { -#if (GIT_OPENSSL || GIT_MBEDTLS) +#if (GIT_HTTPS_OPENSSL || GIT_HTTPS_OPENSSL_DYNAMIC || GIT_HTTPS_MBEDTLS) git_str path = GIT_STR_INIT, file = GIT_STR_INIT; char cwd[GIT_PATH_MAX]; @@ -58,7 +58,7 @@ void test_online_customcert__initialize(void) void test_online_customcert__cleanup(void) { -#if (GIT_OPENSSL || GIT_MBEDTLS) +#if (GIT_HTTPS_OPENSSL || GIT_HTTPS_OPENSSL_DYNAMIC || GIT_HTTPS_MBEDTLS) if (g_repo) { git_repository_free(g_repo); g_repo = NULL; @@ -68,14 +68,14 @@ void test_online_customcert__cleanup(void) cl_fixture_cleanup(CUSTOM_CERT_DIR); #endif -#ifdef GIT_OPENSSL +#if (GIT_HTTPS_OPENSSL || GIT_HTTPS_OPENSSL_DYNAMIC) git_openssl__reset_context(); #endif } void test_online_customcert__file(void) { -#if (GIT_OPENSSL || GIT_MBEDTLS) +#if (GIT_HTTPS_OPENSSL || GIT_HTTPS_OPENSSL_DYNAMIC || GIT_HTTPS_MBEDTLS) cl_git_pass(git_clone(&g_repo, CUSTOM_CERT_ONE_URL, "./cloned", NULL)); cl_assert(git_fs_path_exists("./cloned/master.txt")); #endif @@ -83,7 +83,7 @@ void test_online_customcert__file(void) void test_online_customcert__path(void) { -#if (GIT_OPENSSL || GIT_MBEDTLS) +#if (GIT_HTTPS_OPENSSL || GIT_HTTPS_OPENSSL_DYNAMIC || GIT_HTTPS_MBEDTLS) cl_git_pass(git_clone(&g_repo, CUSTOM_CERT_TWO_URL, "./cloned", NULL)); cl_assert(git_fs_path_exists("./cloned/master.txt")); #endif @@ -91,7 +91,7 @@ void test_online_customcert__path(void) void test_online_customcert__raw_x509(void) { -#if (GIT_OPENSSL && !GIT_OPENSSL_DYNAMIC) +#if GIT_HTTPS_OPENSSL X509* x509_cert = NULL; char cwd[GIT_PATH_MAX]; git_str raw_file = GIT_STR_INIT, diff --git a/tests/libgit2/stream/registration.c b/tests/libgit2/stream/registration.c index ccaecee8c..e1ce54a5d 100644 --- a/tests/libgit2/stream/registration.c +++ b/tests/libgit2/stream/registration.c @@ -84,7 +84,7 @@ void test_stream_registration__tls(void) /* We don't have TLS support enabled, or we're on Windows * with WinHTTP, which is not actually TLS stream support. */ -#if defined(GIT_WINHTTP) || !defined(GIT_HTTPS) +#if defined(GIT_HTTPS_WINHTTP) || !defined(GIT_HTTPS) cl_git_fail_with(-1, error); #else cl_git_pass(error);