summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Documentation/RelNotes/1.8.1.4.txt11
-rw-r--r--Documentation/RelNotes/1.8.1.5.txt37
-rw-r--r--Documentation/config.txt2
-rw-r--r--Documentation/git.txt3
-rw-r--r--Documentation/user-manual.txt135
-rw-r--r--Makefile14
-rw-r--r--builtin/check-ignore.c2
-rw-r--r--config.mak.in2
-rw-r--r--imap-send.c67
-rw-r--r--name-hash.c4
-rwxr-xr-xt/t0008-ignores.sh15
-rwxr-xr-xt/t7512-status-help.sh2
12 files changed, 223 insertions, 71 deletions
diff --git a/Documentation/RelNotes/1.8.1.4.txt b/Documentation/RelNotes/1.8.1.4.txt
new file mode 100644
index 0000000000..22af1d1643
--- /dev/null
+++ b/Documentation/RelNotes/1.8.1.4.txt
@@ -0,0 +1,11 @@
+Git 1.8.1.4 Release Notes
+=========================
+
+Fixes since v1.8.1.3
+--------------------
+
+ * "git imap-send" talking over imaps:// did make sure it received a
+ valid certificate from the other end, but did not check if the
+ certificate matched the host it thought it was talking to.
+
+Also contains various documentation fixes.
diff --git a/Documentation/RelNotes/1.8.1.5.txt b/Documentation/RelNotes/1.8.1.5.txt
new file mode 100644
index 0000000000..92da6b2777
--- /dev/null
+++ b/Documentation/RelNotes/1.8.1.5.txt
@@ -0,0 +1,37 @@
+Git 1.8.1.5 Release Notes
+=========================
+
+Fixes since v1.8.1.5
+--------------------
+
+ * "git apply --summary" has been taught to make sure the similarity
+ value shown in its output is sensible, even when the input had a
+ bogus value.
+
+ * "git clean" showed what it was going to do, but sometimes ended
+ up finding that it was not allowed to do so, which resulted in a
+ confusing output (e.g. after saying that it will remove an
+ untracked directory, it found an embedded git repository there
+ which it is not allowed to remove). It now performs the actions
+ and then reports the outcome more faithfully.
+
+ * "git clone" used to allow --bare and --separate-git-dir=$there
+ options at the same time, which was nonsensical.
+
+ * "git cvsimport" mishandled timestamps at DST boundary.
+
+ * We used to have an arbitrary 32 limit for combined diff input,
+ resulting in incorrect number of leading colons shown when showing
+ the "--raw --cc" output.
+
+ * The smart HTTP clients forgot to verify the content-type that comes
+ back from the server side to make sure that the request is being
+ handled properly.
+
+ * "git help remote-helpers" failed to find the documentation.
+
+ * "gitweb" pages served over HTTPS, when configured to show picon or
+ gravatar, referred to these external resources to be fetched via
+ HTTP, resulting in mixed contents warning in browsers.
+
+Also contains various documentation fixes.
diff --git a/Documentation/config.txt b/Documentation/config.txt
index 3bb53da522..bbba728d09 100644
--- a/Documentation/config.txt
+++ b/Documentation/config.txt
@@ -182,7 +182,7 @@ advice.*::
Advice shown when linkgit:git-merge[1] refuses to
merge to avoid overwriting local changes.
resolveConflict::
- Advices shown by various commands when conflicts
+ Advice shown by various commands when conflicts
prevent the operation from being performed.
implicitIdentity::
Advice on how to set your identity configuration when
diff --git a/Documentation/git.txt b/Documentation/git.txt
index 2d975e3b01..0847cdcc68 100644
--- a/Documentation/git.txt
+++ b/Documentation/git.txt
@@ -43,9 +43,10 @@ unreleased) version of Git, that is available from 'master'
branch of the `git.git` repository.
Documentation for older releases are available here:
-* link:v1.8.1.3/git.html[documentation for release 1.8.1.3]
+* link:v1.8.1.4/git.html[documentation for release 1.8.1.4]
* release notes for
+ link:RelNotes/1.8.1.4.txt[1.8.1.4],
link:RelNotes/1.8.1.3.txt[1.8.1.3],
link:RelNotes/1.8.1.2.txt[1.8.1.2],
link:RelNotes/1.8.1.1.txt[1.8.1.1],
diff --git a/Documentation/user-manual.txt b/Documentation/user-manual.txt
index 23689b0b93..5f36f8115f 100644
--- a/Documentation/user-manual.txt
+++ b/Documentation/user-manual.txt
@@ -2006,7 +2006,7 @@ Note that the target of a "push" is normally a
<<def_bare_repository,bare>> repository. You can also push to a
repository that has a checked-out working tree, but a push to update the
currently checked-out branch is denied by default to prevent confusion.
-See the description ofthe receive.denyCurrentBranch option
+See the description of the receive.denyCurrentBranch option
in linkgit:git-config[1] for details.
As with `git fetch`, you may also set up configuration options to
@@ -2306,17 +2306,13 @@ branch and then merge into each of the test and release branches. For
these changes, just apply directly to the "release" branch, and then
merge that into the "test" branch.
-To create diffstat and shortlog summaries of changes to include in a "please
-pull" request to Linus you can use:
+After pushing your work to `mytree`, you can use
+linkgit:git-request-pull[1] to prepare a "please pull" request message
+to send to Linus:
-------------------------------------------------
-$ git diff --stat origin..release
--------------------------------------------------
-
-and
-
--------------------------------------------------
-$ git log -p origin..release | git shortlog
+$ git push mytree
+$ git request-pull origin mytree release
-------------------------------------------------
Here are some of the scripts that simplify all this even further.
@@ -2557,6 +2553,12 @@ return mywork to the state it had before you started the rebase:
$ git rebase --abort
-------------------------------------------------
+If you need to reorder or edit a number of commits in a branch, it may
+be easier to use `git rebase -i`, which allows you to reorder and
+squash commits, as well as marking them for individual editing during
+the rebase. See <<interactive-rebase>> for details, and
+<<reordering-patch-series>> for alternatives.
+
[[rewriting-one-commit]]
Rewriting a single commit
-------------------------
@@ -2570,72 +2572,89 @@ $ git commit --amend
which will replace the old commit by a new commit incorporating your
changes, giving you a chance to edit the old commit message first.
+This is useful for fixing typos in your last commit, or for adjusting
+the patch contents of a poorly staged commit.
-You can also use a combination of this and linkgit:git-rebase[1] to
-replace a commit further back in your history and recreate the
-intervening changes on top of it. First, tag the problematic commit
-with
+If you need to amend commits from deeper in your history, you can
+use <<interactive-rebase,interactive rebase's `edit` instruction>>.
--------------------------------------------------
-$ git tag bad mywork~5
--------------------------------------------------
-
-(Either gitk or `git log` may be useful for finding the commit.)
+[[reordering-patch-series]]
+Reordering or selecting from a patch series
+-------------------------------------------
-Then check out that commit, edit it, and rebase the rest of the series
-on top of it (note that we could check out the commit on a temporary
-branch, but instead we're using a <<detached-head,detached head>>):
+Sometimes you want to edit a commit deeper in your history. One
+approach is to use `git format-patch` to create a series of patches
+and then reset the state to before the patches:
-------------------------------------------------
-$ git checkout bad
-$ # make changes here and update the index
-$ git commit --amend
-$ git rebase --onto HEAD bad mywork
+$ git format-patch origin
+$ git reset --hard origin
-------------------------------------------------
-When you're done, you'll be left with mywork checked out, with the top
-patches on mywork reapplied on top of your modified commit. You can
-then clean up with
+Then modify, reorder, or eliminate patches as needed before applying
+them again with linkgit:git-am[1]:
-------------------------------------------------
-$ git tag -d bad
+$ git am *.patch
-------------------------------------------------
-Note that the immutable nature of Git history means that you haven't really
-"modified" existing commits; instead, you have replaced the old commits with
-new commits having new object names.
+[[interactive-rebase]]
+Using interactive rebases
+-------------------------
-[[reordering-patch-series]]
-Reordering or selecting from a patch series
--------------------------------------------
+You can also edit a patch series with an interactive rebase. This is
+the same as <<reordering-patch-series,reordering a patch series using
+`format-patch`>>, so use whichever interface you like best.
-Given one existing commit, the linkgit:git-cherry-pick[1] command
-allows you to apply the change introduced by that commit and create a
-new commit that records it. So, for example, if "mywork" points to a
-series of patches on top of "origin", you might do something like:
+Rebase your current HEAD on the last commit you want to retain as-is.
+For example, if you want to reorder the last 5 commits, use:
-------------------------------------------------
-$ git checkout -b mywork-new origin
-$ gitk origin..mywork &
+$ git rebase -i HEAD~5
-------------------------------------------------
-and browse through the list of patches in the mywork branch using gitk,
-applying them (possibly in a different order) to mywork-new using
-cherry-pick, and possibly modifying them as you go using `git commit --amend`.
-The linkgit:git-gui[1] command may also help as it allows you to
-individually select diff hunks for inclusion in the index (by
-right-clicking on the diff hunk and choosing "Stage Hunk for Commit").
-
-Another technique is to use `git format-patch` to create a series of
-patches, then reset the state to before the patches:
+This will open your editor with a list of steps to be taken to perform
+your rebase.
-------------------------------------------------
-$ git format-patch origin
-$ git reset --hard origin
--------------------------------------------------
+pick deadbee The oneline of this commit
+pick fa1afe1 The oneline of the next commit
+...
-Then modify, reorder, or eliminate patches as preferred before applying
-them again with linkgit:git-am[1].
+# Rebase c0ffeee..deadbee onto c0ffeee
+#
+# Commands:
+# p, pick = use commit
+# r, reword = use commit, but edit the commit message
+# e, edit = use commit, but stop for amending
+# s, squash = use commit, but meld into previous commit
+# f, fixup = like "squash", but discard this commit's log message
+# x, exec = run command (the rest of the line) using shell
+#
+# These lines can be re-ordered; they are executed from top to bottom.
+#
+# If you remove a line here THAT COMMIT WILL BE LOST.
+#
+# However, if you remove everything, the rebase will be aborted.
+#
+# Note that empty commits are commented out
+-------------------------------------------------
+
+As explained in the comments, you can reorder commits, squash them
+together, edit commit messages, etc. by editing the list. Once you
+are satisfied, save the list and close your editor, and the rebase
+will begin.
+
+The rebase will stop where `pick` has been replaced with `edit` or
+when a step in the list fails to mechanically resolve conflicts and
+needs your help. When you are done editing and/or resolving conflicts
+you can continue with `git rebase --continue`. If you decide that
+things are getting too hairy, you can always bail out with `git rebase
+--abort`. Even after the rebase is complete, you can still recover
+the original branch by using the <<reflogs,reflog>>.
+
+For a more detailed discussion of the procedure and additional tips,
+see the "INTERACTIVE MODE" section of linkgit:git-rebase[1].
[[patch-series-tools]]
Other tools
@@ -3721,7 +3740,9 @@ module a
NOTE: The changes are still visible in the submodule's reflog.
-This is not the case if you did not commit your changes.
+If you have uncommitted changes in your submodule working tree, `git
+submodule update` will not overwrite them. Instead, you get the usual
+warning about not being able switch from a dirty branch.
[[low-level-operations]]
Low-level Git operations
diff --git a/Makefile b/Makefile
index ba8e243425..7c75e3b108 100644
--- a/Makefile
+++ b/Makefile
@@ -1821,12 +1821,14 @@ $(patsubst %.py,%,$(SCRIPT_PYTHON)): % : unimplemented.sh
mv $@+ $@
endif # NO_PYTHON
+CONFIGURE_RECIPE = $(RM) configure configure.ac+ && \
+ sed -e 's/@@GIT_VERSION@@/$(GIT_VERSION)/g' \
+ configure.ac >configure.ac+ && \
+ autoconf -o configure configure.ac+ && \
+ $(RM) configure.ac+
+
configure: configure.ac GIT-VERSION-FILE
- $(QUIET_GEN)$(RM) $@ $<+ && \
- sed -e 's/@@GIT_VERSION@@/$(GIT_VERSION)/g' \
- $< > $<+ && \
- autoconf -o $@ $<+ && \
- $(RM) $<+
+ $(QUIET_GEN)$(CONFIGURE_RECIPE)
ifdef AUTOCONFIGURED
# We avoid depending on 'configure' here, because it gets rebuilt
@@ -1835,7 +1837,7 @@ ifdef AUTOCONFIGURED
# do want to recheck when the platform/environment detection logic
# changes, hence this depends on configure.ac.
config.status: configure.ac
- $(QUIET_GEN)$(MAKE) configure && \
+ $(QUIET_GEN)$(CONFIGURE_RECIPE) && \
if test -f config.status; then \
./config.status --recheck; \
else \
diff --git a/builtin/check-ignore.c b/builtin/check-ignore.c
index 709535ce09..0240f99b57 100644
--- a/builtin/check-ignore.c
+++ b/builtin/check-ignore.c
@@ -89,7 +89,7 @@ static int check_ignore(const char *prefix, const char **pathspec)
? strlen(prefix) : 0, path);
full_path = check_path_for_gitlink(full_path);
die_if_path_beyond_symlink(full_path, prefix);
- if (!seen[i] && path[0]) {
+ if (!seen[i]) {
exclude = last_exclude_matching_path(&check, full_path,
-1, &dtype);
if (exclude) {
diff --git a/config.mak.in b/config.mak.in
index d7c49cd8f3..fa02bdd82a 100644
--- a/config.mak.in
+++ b/config.mak.in
@@ -8,6 +8,7 @@ LDFLAGS = @LDFLAGS@
AR = @AR@
TAR = @TAR@
DIFF = @DIFF@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
#INSTALL = @INSTALL@ # needs install-sh or install.sh in sources
prefix = @prefix@
@@ -17,6 +18,7 @@ gitexecdir = @libexecdir@/git-core
datarootdir = @datarootdir@
template_dir = @datadir@/git-core/templates
sysconfdir = @sysconfdir@
+docdir = @docdir@
mandir = @mandir@
htmldir = @htmldir@
diff --git a/imap-send.c b/imap-send.c
index 21dc20b57d..43ac4e0bdf 100644
--- a/imap-send.c
+++ b/imap-send.c
@@ -31,6 +31,7 @@ typedef void *SSL;
#else
#include <openssl/evp.h>
#include <openssl/hmac.h>
+#include <openssl/x509v3.h>
#endif
static const char imap_send_usage[] = "git imap-send < <mbox>";
@@ -200,12 +201,64 @@ static void socket_perror(const char *func, struct imap_socket *sock, int ret)
}
}
+#ifdef NO_OPENSSL
static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int verify)
{
-#ifdef NO_OPENSSL
fprintf(stderr, "SSL requested but SSL support not compiled in\n");
return -1;
+}
+
#else
+
+static int host_matches(const char *host, const char *pattern)
+{
+ if (pattern[0] == '*' && pattern[1] == '.') {
+ pattern += 2;
+ if (!(host = strchr(host, '.')))
+ return 0;
+ host++;
+ }
+
+ return *host && *pattern && !strcasecmp(host, pattern);
+}
+
+static int verify_hostname(X509 *cert, const char *hostname)
+{
+ int len;
+ X509_NAME *subj;
+ char cname[1000];
+ int i, found;
+ STACK_OF(GENERAL_NAME) *subj_alt_names;
+
+ /* try the DNS subjectAltNames */
+ found = 0;
+ if ((subj_alt_names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL))) {
+ int num_subj_alt_names = sk_GENERAL_NAME_num(subj_alt_names);
+ for (i = 0; !found && i < num_subj_alt_names; i++) {
+ GENERAL_NAME *subj_alt_name = sk_GENERAL_NAME_value(subj_alt_names, i);
+ if (subj_alt_name->type == GEN_DNS &&
+ strlen((const char *)subj_alt_name->d.ia5->data) == (size_t)subj_alt_name->d.ia5->length &&
+ host_matches(hostname, (const char *)(subj_alt_name->d.ia5->data)))
+ found = 1;
+ }
+ sk_GENERAL_NAME_pop_free(subj_alt_names, GENERAL_NAME_free);
+ }
+ if (found)
+ return 0;
+
+ /* try the common name */
+ if (!(subj = X509_get_subject_name(cert)))
+ return error("cannot get certificate subject");
+ if ((len = X509_NAME_get_text_by_NID(subj, NID_commonName, cname, sizeof(cname))) < 0)
+ return error("cannot get certificate common name");
+ if (strlen(cname) == (size_t)len && host_matches(hostname, cname))
+ return 0;
+ return error("certificate owner '%s' does not match hostname '%s'",
+ cname, hostname);
+}
+
+static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int verify)
+{
#if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
const SSL_METHOD *meth;
#else
@@ -213,6 +266,7 @@ static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int ve
#endif
SSL_CTX *ctx;
int ret;
+ X509 *cert;
SSL_library_init();
SSL_load_error_strings();
@@ -256,9 +310,18 @@ static int ssl_socket_connect(struct imap_socket *sock, int use_tls_only, int ve
return -1;
}
+ if (verify) {
+ /* make sure the hostname matches that of the certificate */
+ cert = SSL_get_peer_certificate(sock->ssl);
+ if (!cert)
+ return error("unable to get peer certificate.");
+ if (verify_hostname(cert, server.host) < 0)
+ return -1;
+ }
+
return 0;
-#endif
}
+#endif
static int socket_read(struct imap_socket *sock, char *buf, int len)
{
diff --git a/name-hash.c b/name-hash.c
index d8d25c23e9..942c459622 100644
--- a/name-hash.c
+++ b/name-hash.c
@@ -24,11 +24,11 @@ static unsigned int hash_name(const char *name, int namelen)
{
unsigned int hash = 0x123;
- do {
+ while (namelen--) {
unsigned char c = *name++;
c = icase_hash(c);
hash = hash*101 + c;
- } while (--namelen);
+ }
return hash;
}
diff --git a/t/t0008-ignores.sh b/t/t0008-ignores.sh
index d7df7198c4..9c1bde1fd6 100755
--- a/t/t0008-ignores.sh
+++ b/t/t0008-ignores.sh
@@ -75,6 +75,16 @@ test_check_ignore () {
stderr_empty_on_success "$expect_code"
}
+# Runs the same code with 3 different levels of output verbosity,
+# expecting success each time. Takes advantage of the fact that
+# check-ignore --verbose output is the same as normal output except
+# for the extra first column.
+#
+# Arguments:
+# - (optional) prereqs for this test, e.g. 'SYMLINKS'
+# - test name
+# - output to expect from -v / --verbose mode
+# - code to run (should invoke test_check_ignore)
test_expect_success_multi () {
prereq=
if test $# -eq 4
@@ -128,6 +138,7 @@ test_expect_success 'setup' '
cat <<-\EOF >.gitignore &&
one
ignored-*
+ top-level-dir/
EOF
for dir in . a
do
@@ -167,6 +178,10 @@ test_expect_success 'setup' '
#
# test invalid inputs
+test_expect_success_multi '. corner-case' '' '
+ test_check_ignore . 1
+'
+
test_expect_success_multi 'empty command line' '' '
test_check_ignore "" 128 &&
stderr_contains "fatal: no path specified"
diff --git a/t/t7512-status-help.sh b/t/t7512-status-help.sh
index 51ab89411f..d2da89a5f5 100755
--- a/t/t7512-status-help.sh
+++ b/t/t7512-status-help.sh
@@ -5,7 +5,7 @@
# Grenoble INP Ensimag
#
-test_description='git status advices'
+test_description='git status advice'
. ./test-lib.sh