static int has_cert_password(void)
{
- if (ssl_cert_password != NULL)
- return 1;
if (ssl_cert == NULL || ssl_cert_password_required != 1)
return 0;
- /* Only prompt the user once. */
- ssl_cert_password_required = -1;
- ssl_cert_password = git_getpass("Certificate Password: ");
- if (ssl_cert_password != NULL) {
- ssl_cert_password = xstrdup(ssl_cert_password);
- return 1;
- } else
- return 0;
+ if (!cert_auth.password) {
+ cert_auth.protocol = xstrdup("cert");
+ cert_auth.username = xstrdup("");
+ cert_auth.path = xstrdup(ssl_cert);
+ credential_fill(&cert_auth);
+ }
+ return 1;
}
+ #if LIBCURL_VERSION_NUM >= 0x071900
+ static void set_curl_keepalive(CURL *c)
+ {
+ curl_easy_setopt(c, CURLOPT_TCP_KEEPALIVE, 1);
+ }
+
+ #elif LIBCURL_VERSION_NUM >= 0x071000
+ static int sockopt_callback(void *client, curl_socket_t fd, curlsocktype type)
+ {
+ int ka = 1;
+ int rc;
+ socklen_t len = (socklen_t)sizeof(ka);
+
+ if (type != CURLSOCKTYPE_IPCXN)
+ return 0;
+
+ rc = setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, (void *)&ka, len);
+ if (rc < 0)
+ warning("unable to set SO_KEEPALIVE on socket %s",
+ strerror(errno));
+
+ return 0; /* CURL_SOCKOPT_OK only exists since curl 7.21.5 */
+ }
+
+ static void set_curl_keepalive(CURL *c)
+ {
+ curl_easy_setopt(c, CURLOPT_SOCKOPTFUNCTION, sockopt_callback);
+ }
+
+ #else
+ static void set_curl_keepalive(CURL *c)
+ {
+ /* not supported on older curl versions */
+ }
+ #endif
+
static CURL *get_curl_handle(void)
{
CURL *result = curl_easy_init();
if (curl_ftp_no_epsv)
curl_easy_setopt(result, CURLOPT_FTP_USE_EPSV, 0);
- if (curl_http_proxy)
+#ifdef CURLOPT_USE_SSL
+ if (curl_ssl_try)
+ curl_easy_setopt(result, CURLOPT_USE_SSL, CURLUSESSL_TRY);
+#endif
+
+ if (curl_http_proxy) {
curl_easy_setopt(result, CURLOPT_PROXY, curl_http_proxy);
+ curl_easy_setopt(result, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
+ }
+ set_curl_keepalive(result);
+
return result;
}