From: Nick Hengeveld <nickh@reactrix.com>
To: git@vger.kernel.org
Subject: [PATCH 1/3] Support for SSL client cert
Date: Mon, 26 Sep 2005 10:51:57 -0700 [thread overview]
Message-ID: <20050926175156.GB9410@reactrix.com> (raw)
Added SSL client args and CURL settings
Signed-off-by: Nick Hengeveld <nickh@reactrix.com>
---
http-fetch.c | 28 +++++++++++++++++++++++++++-
1 files changed, 27 insertions(+), 1 deletions(-)
2d293c34fdfde8a394b5f8a5c5343d9caf363bcc
diff --git a/http-fetch.c b/http-fetch.c
--- a/http-fetch.c
+++ b/http-fetch.c
@@ -476,6 +476,10 @@ int main(int argc, char **argv)
char *commit_id;
char *url;
int arg = 1;
+ char *ssl_cert = NULL;
+ char *ssl_key = NULL;
+ char *ssl_capath = NULL;
+ char *ssl_cacert = NULL;
while (arg < argc && argv[arg][0] == '-') {
if (argv[arg][1] == 't') {
@@ -491,11 +495,19 @@ int main(int argc, char **argv)
} else if (argv[arg][1] == 'w') {
write_ref = argv[arg + 1];
arg++;
+ } else if (arg+1 < argc && !strcmp(argv[arg], "--cert")) {
+ ssl_cert = argv[++arg];
+ } else if (arg+1 < argc && !strcmp(argv[arg], "--key")) {
+ ssl_key = argv[++arg];
+ } else if (arg+1 < argc && !strcmp(argv[arg], "--capath")) {
+ ssl_capath = argv[++arg];
+ } else if (arg+1 < argc && !strcmp(argv[arg], "--cacert")) {
+ ssl_cacert = argv[++arg];
}
arg++;
}
if (argc < arg + 2) {
- usage("git-http-fetch [-c] [-t] [-a] [-d] [-v] [--recover] [-w ref] commit-id url");
+ usage("git-http-fetch [-c] [-t] [-a] [-d] [-v] [--recover] [-w ref] [--cert ssl-cert-file] [--key ssl-key-file] [--capath CA-dir] [--cacert CA-cert-file] commit-id url");
return 1;
}
commit_id = argv[arg];
@@ -506,6 +518,20 @@ int main(int argc, char **argv)
curl = curl_easy_init();
no_pragma_header = curl_slist_append(no_pragma_header, "Pragma:");
+ /* Set SSL parameters if they were provided */
+ if (ssl_cert != NULL) {
+ curl_easy_setopt(curl, CURLOPT_SSLCERT, ssl_cert);
+ }
+ if (ssl_key != NULL) {
+ curl_easy_setopt(curl, CURLOPT_SSLKEY, ssl_key);
+ }
+ if (ssl_capath != NULL) {
+ curl_easy_setopt(curl, CURLOPT_CAPATH, ssl_capath);
+ }
+ if (ssl_cacert != NULL) {
+ curl_easy_setopt(curl, CURLOPT_CAINFO, ssl_cacert);
+ }
+
curl_ssl_verify = getenv("GIT_SSL_NO_VERIFY") ? 0 : 1;
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, curl_ssl_verify);
#if LIBCURL_VERSION_NUM >= 0x070907
next reply other threads:[~2005-09-26 17:52 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-26 17:51 Nick Hengeveld [this message]
2005-09-26 18:23 ` [PATCH 1/3] Support for SSL client cert Petr Baudis
2005-09-26 18:36 ` Nick Hengeveld
2005-09-26 20:43 ` Junio C Hamano
2005-09-27 0:15 ` Nick Hengeveld
2005-09-27 0:43 ` More Porcelains? Junio C Hamano
2005-09-27 0:57 ` Ameer Armaly
2005-09-27 6:15 ` Daniel Barkalow
2005-09-27 8:16 ` Catalin Marinas
2005-09-27 17:02 ` Mariano Videla
2005-09-28 11:30 ` Vincent Hanquez
2005-09-28 20:22 ` Matthias Urlichs
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050926175156.GB9410@reactrix.com \
--to=nickh@reactrix.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).