From: Junio C Hamano <gitster@pobox.com>
Date: Tue, 16 Sep 2008 07:46:36 +0000 (-0700)
Subject: Merge branch 'mh/maint-honor-no-ssl-verify'
X-Git-Tag: v1.6.1-rc1~241
X-Git-Url: https://git.lorimer.id.au/gitweb.git/diff_plain/fb0863a528c1503cba1a9b8bf8da11a8e0b271aa?hp=-c

Merge branch 'mh/maint-honor-no-ssl-verify'

* mh/maint-honor-no-ssl-verify:
Don't verify host name in SSL certs when GIT_SSL_NO_VERIFY is set
---

fb0863a528c1503cba1a9b8bf8da11a8e0b271aa
diff --combined http.c
index 0788936704,a97fdf5117..ed59b79709
--- a/http.c
+++ b/http.c
@@@ -165,7 -165,16 +165,16 @@@ static CURL* get_curl_handle(void
  {
  	CURL* result = curl_easy_init();
  
- 	curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, curl_ssl_verify);
+ 	if (!curl_ssl_verify) {
+ 		curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 0);
+ 		curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 0);
+ 	} else {
+ 		/* Verify authenticity of the peer's certificate */
+ 		curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 1);
+ 		/* The name in the cert must match whom we tried to connect */
+ 		curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 2);
+ 	}
+ 
  #if LIBCURL_VERSION_NUM >= 0x070907
  	curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
  #endif
@@@ -402,7 -411,7 +411,7 @@@ static struct fill_chain *fill_cfg = NU
  
  void add_fill_function(void *data, int (*fill)(void *))
  {
 -	struct fill_chain *new = malloc(sizeof(*new));
 +	struct fill_chain *new = xmalloc(sizeof(*new));
  	struct fill_chain **linkp = &fill_cfg;
  	new->data = data;
  	new->fill = fill;