char curl_errorstr[CURL_ERROR_SIZE];
static int curl_ssl_verify = -1;
-static char *ssl_cert = NULL;
+static const char *ssl_cert = NULL;
#if LIBCURL_VERSION_NUM >= 0x070902
-static char *ssl_key = NULL;
+static const char *ssl_key = NULL;
#endif
#if LIBCURL_VERSION_NUM >= 0x070908
-static char *ssl_capath = NULL;
+static const char *ssl_capath = NULL;
#endif
-static char *ssl_cainfo = NULL;
+static const char *ssl_cainfo = NULL;
static long curl_low_speed_limit = -1;
static long curl_low_speed_time = -1;
static int curl_ftp_no_epsv = 0;
static struct active_request_slot *active_queue_head = NULL;
-size_t fread_buffer(void *ptr, size_t eltsize, size_t nmemb,
- struct buffer *buffer)
+size_t fread_buffer(void *ptr, size_t eltsize, size_t nmemb, void *buffer_)
{
size_t size = eltsize * nmemb;
+ struct buffer *buffer = buffer_;
+
if (size > buffer->buf.len - buffer->posn)
size = buffer->buf.len - buffer->posn;
memcpy(ptr, buffer->buf.buf + buffer->posn, size);
return size;
}
-size_t fwrite_buffer(const void *ptr, size_t eltsize,
- size_t nmemb, struct strbuf *buffer)
+size_t fwrite_buffer(const void *ptr, size_t eltsize, size_t nmemb, void *buffer_)
{
size_t size = eltsize * nmemb;
+ struct strbuf *buffer = buffer_;
+
strbuf_add(buffer, ptr, size);
data_received++;
return size;
}
-size_t fwrite_null(const void *ptr, size_t eltsize,
- size_t nmemb, struct strbuf *buffer)
+size_t fwrite_null(const void *ptr, size_t eltsize, size_t nmemb, void *strbuf)
{
data_received++;
return eltsize * nmemb;
}
if (!strcmp("http.sslcert", var)) {
- if (ssl_cert == NULL) {
- if (!value)
- return config_error_nonbool(var);
- ssl_cert = xstrdup(value);
- }
+ if (ssl_cert == NULL)
+ return git_config_string(&ssl_cert, var, value);
return 0;
}
#if LIBCURL_VERSION_NUM >= 0x070902
if (!strcmp("http.sslkey", var)) {
- if (ssl_key == NULL) {
- if (!value)
- return config_error_nonbool(var);
- ssl_key = xstrdup(value);
- }
+ if (ssl_key == NULL)
+ return git_config_string(&ssl_key, var, value);
return 0;
}
#endif
#if LIBCURL_VERSION_NUM >= 0x070908
if (!strcmp("http.sslcapath", var)) {
- if (ssl_capath == NULL) {
- if (!value)
- return config_error_nonbool(var);
- ssl_capath = xstrdup(value);
- }
+ if (ssl_capath == NULL)
+ return git_config_string(&ssl_capath, var, value);
return 0;
}
#endif
if (!strcmp("http.sslcainfo", var)) {
- if (ssl_cainfo == NULL) {
- if (!value)
- return config_error_nonbool(var);
- ssl_cainfo = xstrdup(value);
- }
+ if (ssl_cainfo == NULL)
+ return git_config_string(&ssl_cainfo, var, value);
return 0;
}
{
CURL* result = curl_easy_init();
- curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, curl_ssl_verify);
+ if (!curl_ssl_verify) {
+ curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 0);
+ curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 0);
+ } else {
+ /* Verify authenticity of the peer's certificate */
+ curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 1);
+ /* The name in the cert must match whom we tried to connect */
+ curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 2);
+ }
+
#if LIBCURL_VERSION_NUM >= 0x070907
curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
#endif
void add_fill_function(void *data, int (*fill)(void *))
{
- struct fill_chain *new = malloc(sizeof(*new));
+ struct fill_chain *new = xmalloc(sizeof(*new));
struct fill_chain **linkp = &fill_cfg;
new->data = data;
new->fill = fill;