Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upGitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
Use managed HTTP stack #1618
Use managed HTTP stack #1618
Conversation
|
We could create a nuget package for this, so that @tmat can try it out. eg, |
|
May I ask this is about server side smart transport? |
No, libgit2 has no support for that. This is intended to allow us to use the .NET HTTP stack instead of using libgit2's networking stack. That means that we don't need to take a dependency on openssl or curl on non-Windows platforms, which has become incredibly problematic. |
|
Note to self: the certificate validation callback mechanism in libgit2 assumes that there is always a certificate callback and so things get quite crashy when there isn't. We'll need to support this when it's unset. |
924f342
to
8e5c177
420908c
to
ea06a88
| @@ -1,7 +1,7 @@ | |||
| <Project Sdk="Microsoft.NET.Sdk"> | |||
|
|
|||
| <PropertyGroup> | |||
| <TargetFrameworks>netstandard2.0;net461</TargetFrameworks> | |||
| <TargetFrameworks>netcoreapp2.0;net472</TargetFrameworks> | |||
bording
Nov 10, 2018
Member
While it's ok to change the test projects to net472 if you really want to, these can't be changed like this. They need to stay as netstandard2.0;net461.
We probably shouldn't change the test projects either, though.
While it's ok to change the test projects to net472 if you really want to, these can't be changed like this. They need to stay as netstandard2.0;net461.
We probably shouldn't change the test projects either, though.
bording
Nov 10, 2018
Member
Right, and that's why I'm saying we need a net461 target. .NET Standard 2.0 works with net461 even if its "broken", so you need to provide a net461 target to ensure that gets chosen over the netstandard2.0 target.
See https://docs.microsoft.com/en-us/dotnet/standard/library-guidance/cross-platform-targeting for more on that.
Libraries shouldn't target netcoreapp2.0, so that leads us back to netstandard2.0;net461 being the correct targets here.
Right, and that's why I'm saying we need a net461 target. .NET Standard 2.0 works with net461 even if its "broken", so you need to provide a net461 target to ensure that gets chosen over the netstandard2.0 target.
See https://docs.microsoft.com/en-us/dotnet/standard/library-guidance/cross-platform-targeting for more on that.
Libraries shouldn't target netcoreapp2.0, so that leads us back to netstandard2.0;net461 being the correct targets here.
| var httpClientHandler = CreateClientHandler(); | ||
| httpClientHandler.Credentials = credentials; | ||
|
|
||
| using (var httpClient = new HttpClient(httpClientHandler)) |
bording
Nov 10, 2018
Member
I assume you'll be changing to use the httpClient field instead? Even though the HttpClient class implements IDisposable, you're not supposed to create one and dispose it per request.
I assume you'll be changing to use the httpClient field instead? Even though the HttpClient class implements IDisposable, you're not supposed to create one and dispose it per request.
ethomson
Nov 10, 2018
Author
Member
Unclear: the credentials belong to the handler and it appears that credentials can't be changed after a request has been issued. It's not clear if using a CredentialCache will be sufficient to satisfy that and support default credentials both. Possible that I could implement my own ICredentials mechanism as a last resort.
Unclear: the credentials belong to the handler and it appears that credentials can't be changed after a request has been issued. It's not clear if using a CredentialCache will be sufficient to satisfy that and support default credentials both. Possible that I could implement my own ICredentials mechanism as a last resort.
| request.Content.Headers.Add("Content-Type", ContentType); | ||
| } | ||
|
|
||
| var response = httpClient.SendAsync(request).Result; |
bording
Nov 10, 2018
Member
Blocking on an async call like that isn't a great idea, but I guess this will have been called from libgit2? When that happens, what thread will it be on?
Blocking on an async call like that isn't a great idea, but I guess this will have been called from libgit2? When that happens, what thread will it be on?
asbjornu
May 8, 2020
Wouldn't it be more correct to do httpClient.SendAsync(request).ConfigureAwait(false).GetAwaiter().GetResult()? Accessing .Result directly in a library can cause deadlocks, no?
Wouldn't it be more correct to do httpClient.SendAsync(request).ConfigureAwait(false).GetAwaiter().GetResult()? Accessing .Result directly in a library can cause deadlocks, no?
bradwilson
May 8, 2020
.GetAwaiter().GetResult() causes the same deadlocks as .Result.
.GetAwaiter().GetResult() causes the same deadlocks as .Result.
bradwilson
May 8, 2020
(also, the comment you're responding to is a year and a half old and marked as "Outdated")
(also, the comment you're responding to is a year and a half old and marked as "Outdated")
asbjornu
May 8, 2020
Ouch, sorry.
Ouch, sorry.
2513a40
to
09dce90
|
Okay, with 09dce90 this is mostly working (occasional errors with "early EOF" that I don't yet understand). Moving the core library back to |
|
@AArnott I made the changes we discussed, so let me know what you think. I did have to comment out a test that was using the certificate check callback to get everything green, but I think for now I'm inclined to just leave it like that for this PR and just get this thing merged finally. Actually doing something with the certificate check API surface (remove it, adapt it in some way) can be done later. |
|
@ethomson I was going to try and push up a new preview release, but I'm getting some errors on Azure Pipelines. It's asking me to login and then saying I don't have permission, and getting 500 errors on other links. Any ideas? |
|
I can invite you to the project though, what email address should I use? (Feel free to email it to me direct if that's easier.) |
|
I feel like I used to be able to access everything in Azure Pipelines, so maybe something changed?
I'll send you a DM in the libgit2 slack. |
|
These changes have been published in 0.27.0-preview-0096. Give it a try and let me know if anything explodes. |
|
With pleasure! |
|
@bording A great many of my tests are failing with this exception. Is it expected that
|
|
I'm not aware of anything that this PR would have done that would have any impact on that. |
|
There shouldn't be a limit on the number of times that you can call But I don't understand what that has to do with:
|
|
I don't think this PR is related either. Must be some other change. I'll open an issue. |
|
Next issue: the tests pass on Windows but fail on Linux. This is because I have a linux-arm linux-arm64 linux-musl-x64 linux-x64 osx win-x64 win-x86 That's probably exactly what you were expecting, and presumably made possible because of the drop of the native HTTPS stack. |
|
Happily, ripping the |
Great! That was what I was hoping would work. By only having the base RIDs, all distros should just be able to use those without any special mapping. |
|
Does this mean it should work on Linux on mono as well? |
The story is much improved there as well, though not perfect. The I think I can add more |
|
For nb.gv, I think what we have is good enough. St least until users complain about arm or musl not working. |
|
The main thing that actually needs to be validated is whether or not the set of linux binaries in the package actually work on all the various distros that .NET Core works on. I'm reasonable sure that they will, but I haven't had a way to test that myself. |
NB.GV uses Azure Pipelines to test a variety of linux distros. Basically any that we do something to make work, we add a regression test for. You can see it here by expanding "functional testing" here: https://dev.azure.com/andrewarnott/OSS/_build/results?buildId=3979&view=results |
|
Yeah, adding some tests with different distros via docker images would help, but there are some distros that don't have images available (RHEL, SLES). It's something I'll have to look into eventually. |
|
Ya, Pop!_OS doesn't seem to have a docker image anywhere, and that has come up a few times as one that folks want NB.GV to work in. I had to create a VM and test manually. |

In an attempt to reduce our native dependencies, we can use the managed HTTP stack for connecting to HTTP remotes. This is somewhat working but lacking a number of pieces of functionality:
ProxiesCertificate validation callbacksHowever, for users who do not do any networking, this may be worth evaluation.