Update the proxy detection for a remote.
1. Honor `http.<url>.proxy` syntax for a remote's direct URL and
parent URLs.
2. Honor an empty configuration URL to override a proxy configuration.
Add tests to ensure that configuration specificity is honored.
Provide a utility method on a url to determine if it matches any pattern
in a comma-separated list, similar to what one would find in `NO_PROXY`
environment variables.
Introduce a utility function that compares a NUL terminated string to a
possibly not-NUL terminated string with length. This is similar to
`strncmp` but with an added check to ensure that the lengths match (not
just the `size` portion of the two strings).
Prior to this change, for CONNECT requests, the Host header was set to
the host and port of the target http proxy. However, per the rfc7230 for
HTTP/1.1 this is incorrect as the Host header should match the target of
the CONNECT request, as detailed in section 5.3.3 & 5.4.
5.3.3. authority-form
The authority-form of request-target is only used for CONNECT
requests (Section 4.3.6 of [RFC7231]).
authority-form = authority
When making a CONNECT request to establish a tunnel through one or
more proxies, a client MUST send only the target URI's authority
component (excluding any userinfo and its "@" delimiter) as the
request-target. For example,
CONNECT www.example.com:80 HTTP/1.1
5.4. Host
<snip>
A client MUST send a Host header field in all HTTP/1.1 request
messages. If the target URI includes an authority component, then a
client MUST send a field-value for Host that is identical to that
authority component, excluding any userinfo subcomponent and its "@"
delimiter (Section 2.7.1). If the authority component is missing or
undefined for the target URI, then a client MUST send a Host header
field with an empty field-value.
This issue was noticed when proxying requests through HAProxy 2.2 which
rejects these invalid http requests.
A `git_buf` is now a read-only structure as far as callers are
concerned. This is a mechanism that we can return data to callers
using memory that is owned by the library and can be cleaned up by
callers (using `git_buf_dispose`).
A `git_buf` can no longer be allocated by callers or provided to the
library.
Using a callback to set a resolve_url is not particularly idiomatic.
Deprecate it in favor of the `set_instance_url` and
`set_instance_pushurl` functions which can now be called from the
`git_remote_ready_cb` callback.
Introduce a new mechanism for `git_rebase_commit` for callers to
customize the experience. Instead of assuming that we produce the
commit for them, provide a commit creation callback that allows callers
to produce the commit themselves and return the resulting commit id.
