char curl_errorstr[CURL_ERROR_SIZE];
static int curl_ssl_verify = -1;
-static char *ssl_cert = NULL;
+static const char *ssl_cert = NULL;
#if LIBCURL_VERSION_NUM >= 0x070902
-static char *ssl_key = NULL;
+static const char *ssl_key = NULL;
#endif
#if LIBCURL_VERSION_NUM >= 0x070908
-static char *ssl_capath = NULL;
+static const char *ssl_capath = NULL;
#endif
-static char *ssl_cainfo = NULL;
+static const char *ssl_cainfo = NULL;
static long curl_low_speed_limit = -1;
static long curl_low_speed_time = -1;
static int curl_ftp_no_epsv = 0;
static struct active_request_slot *active_queue_head = NULL;
-size_t fread_buffer(void *ptr, size_t eltsize, size_t nmemb,
- struct buffer *buffer)
+size_t fread_buffer(void *ptr, size_t eltsize, size_t nmemb, void *buffer_)
{
size_t size = eltsize * nmemb;
+ struct buffer *buffer = buffer_;
+
if (size > buffer->buf.len - buffer->posn)
size = buffer->buf.len - buffer->posn;
memcpy(ptr, buffer->buf.buf + buffer->posn, size);
return size;
}
-size_t fwrite_buffer(const void *ptr, size_t eltsize,
- size_t nmemb, struct strbuf *buffer)
+size_t fwrite_buffer(const void *ptr, size_t eltsize, size_t nmemb, void *buffer_)
{
size_t size = eltsize * nmemb;
+ struct strbuf *buffer = buffer_;
+
strbuf_add(buffer, ptr, size);
data_received++;
return size;
}
-size_t fwrite_null(const void *ptr, size_t eltsize,
- size_t nmemb, struct strbuf *buffer)
+size_t fwrite_null(const void *ptr, size_t eltsize, size_t nmemb, void *strbuf)
{
data_received++;
return eltsize * nmemb;
}
#endif
-static int http_options(const char *var, const char *value)
+static int http_options(const char *var, const char *value, void *cb)
{
if (!strcmp("http.sslverify", var)) {
if (curl_ssl_verify == -1) {
}
if (!strcmp("http.sslcert", var)) {
- if (ssl_cert == NULL) {
- if (!value)
- return config_error_nonbool(var);
- ssl_cert = xstrdup(value);
- }
+ if (ssl_cert == NULL)
+ return git_config_string(&ssl_cert, var, value);
return 0;
}
#if LIBCURL_VERSION_NUM >= 0x070902
if (!strcmp("http.sslkey", var)) {
- if (ssl_key == NULL) {
- if (!value)
- return config_error_nonbool(var);
- ssl_key = xstrdup(value);
- }
+ if (ssl_key == NULL)
+ return git_config_string(&ssl_key, var, value);
return 0;
}
#endif
#if LIBCURL_VERSION_NUM >= 0x070908
if (!strcmp("http.sslcapath", var)) {
- if (ssl_capath == NULL) {
- if (!value)
- return config_error_nonbool(var);
- ssl_capath = xstrdup(value);
- }
+ if (ssl_capath == NULL)
+ return git_config_string(&ssl_capath, var, value);
return 0;
}
#endif
if (!strcmp("http.sslcainfo", var)) {
- if (ssl_cainfo == NULL) {
- if (!value)
- return config_error_nonbool(var);
- ssl_cainfo = xstrdup(value);
- }
+ if (ssl_cainfo == NULL)
+ return git_config_string(&ssl_cainfo, var, value);
return 0;
}
}
/* Fall back on the default ones */
- return git_default_config(var, value);
+ return git_default_config(var, value, cb);
}
static CURL* get_curl_handle(void)
{
CURL* result = curl_easy_init();
- curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, curl_ssl_verify);
+ if (!curl_ssl_verify) {
+ curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 0);
+ curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 0);
+ } else {
+ /* Verify authenticity of the peer's certificate */
+ curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 1);
+ /* The name in the cert must match whom we tried to connect */
+ curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 2);
+ }
+
#if LIBCURL_VERSION_NUM >= 0x070907
curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
#endif
if (low_speed_time != NULL)
curl_low_speed_time = strtol(low_speed_time, NULL, 10);
- git_config(http_options);
+ git_config(http_options, NULL);
if (curl_ssl_verify == -1)
curl_ssl_verify = 1;
void add_fill_function(void *data, int (*fill)(void *))
{
- struct fill_chain *new = malloc(sizeof(*new));
+ struct fill_chain *new = xmalloc(sizeof(*new));
struct fill_chain **linkp = &fill_cfg;
new->data = data;
new->fill = fill;
int len, baselen, ch;
baselen = strlen(base);
- len = baselen + 7; /* "/refs/" + NUL */
+ len = baselen + 2; /* '/' after base and terminating NUL */
for (cp = ref; (ch = *cp) != 0; cp++, len++)
if (needs_quote(ch))
len += 2; /* extra two hex plus replacement % */