Re: [PATCH] docs: indicate http.sslCertType and sslKeyType

git.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Junio C Hamano <gitster@pobox.com>
To: "brian m. carlson" <sandals@crustytoothpaste.net>
Cc: Andrew Carter via GitGitGadget <gitgitgadget@gmail.com>,
	git@vger.kernel.org,  Andrew Carter <andrew@emailcarter.com>
Subject: Re: [PATCH] docs: indicate http.sslCertType and sslKeyType
Date: Thu, 23 Jan 2025 09:43:08 -0800	[thread overview]
Message-ID: <xmqq7c6ltoib.fsf@gitster.g> (raw)
In-Reply-To: <Z5GOfwBR7JBloIs0@tapette.crustytoothpaste.net> (brian m. carlson's message of "Thu, 23 Jan 2025 00:34:07 +0000")

"brian m. carlson" <sandals@crustytoothpaste.net> writes:

> On 2025-01-23 at 00:16:06, Andrew Carter via GitGitGadget wrote:
>> diff --git a/Documentation/config/http.txt b/Documentation/config/http.txt
>> index a14371b5c96..cd39e182527 100644
>> --- a/Documentation/config/http.txt
>> +++ b/Documentation/config/http.txt
>> @@ -216,6 +216,18 @@ http.sslBackend::
>>  	This option is ignored if cURL lacks support for choosing the SSL
>>  	backend at runtime.
>>  
>> +http.sslCertType::
>> +	Type of client certificate used when fetching or pushing over HTTPS.
>> +	(e.g. "PEM", "DER", or "P12"). See also libcurl `CURLOPT_SSLCERTTYPE`
>> +	Can be overridden by the `GIT_SSL_CERT_TYPE` environment variable.
>> +
>> +http.sslKeyType::
>> +	Type of client private key used when fetching or pushing over HTTPS.
>> +	(e.g. "PEM", "DER", or "ENG"). Particularly useful when set to "ENG"
>> +	for authenticating with PKCS#11 tokens. See also libcurl
>> +	`CURLOPT_SSLCERTTYPE` . Can be overridden by the `GIT_SSL_KEY_TYPE`
>> +	environment variable.
>
> Are there any particular limitations on these values that are platform-
> or backend-specific that we should document?  For instance, I seem to
> recall that at some point PKCS#12 files were limited to schannel or
> Windows, although I could be mistaken.
>
> Do we also have documentation for whatever engine parameter is required
> according to the libcurl documentation?

Both are very good points.

I went back to the original thread that added the change cited in
the proposed log message [*1*], hoping that maybe somebody brought
up caveats but didn't find anything relevant other than that we
punted to add tests for this since it was too cumbersome to set up.

Note to Andrew, when referring to an existing commit in your
proposed log message, please do not just write its abbreviated
commit object name, like 0a01d41e.

Instead, use it in "git show -s --format=reference 0a01d41e" to
obtain something like

    0a01d41ee4 (http: add support for different sslcert and sslkey
    types., 2023-03-20)

that would help people to immediately see what the change was about
and how old it was.

Thanks.


[Reference]

*1* https://lore.kernel.org/git/pull.1474.v2.git.git.1679327330032.gitgitgadget@gmail.com/

next prev parent reply	other threads:[~2025-01-23 17:43 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-01-23  0:16 [PATCH] docs: indicate http.sslCertType and sslKeyType Andrew Carter via GitGitGadget
2025-01-23  0:34 ` brian m. carlson
2025-01-23 17:43   ` Junio C Hamano [this message]
2025-01-25  6:38     ` Andrew Carter
2025-01-30 13:18 ` [PATCH v2] " Andrew Carter
2025-01-30 22:22   ` Junio C Hamano
2025-02-05  5:46     ` Andrew Carter
2025-02-05 17:45       ` Junio C Hamano
2025-02-05  5:38 ` Andrew Carter

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=xmqq7c6ltoib.fsf@gitster.g \
    --to=gitster@pobox.com \
    --cc=andrew@emailcarter.com \
    --cc=git@vger.kernel.org \
    --cc=gitgitgadget@gmail.com \
    --cc=sandals@crustytoothpaste.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).