]>
Commit | Line | Data |
---|---|---|
55fdf8e5 NBS |
1 | Subject: Use curl for TLS |
2 | Forwarded: no | |
3 | Applied-Upstream: no | |
4 | From: Nicolas Braud-Santoni <nicolas@braud-santoni.eu> | |
5 | Reviewed-by: Nicolas Braud-Santoni <nicolas@braud-santoni.eu> | |
6 | Last-Update: 2018-05-02 | |
7 | ||
8 | The original Debian patchset was authored by Ximin Luo <infinity0@debian.org> | |
27f4a70e | 9 | Original pull request https://github.com/libgit2/libgit2/pull/4325 |
55fdf8e5 NBS |
10 | --- |
11 | src/CMakeLists.txt | 3 +++ | |
12 | src/streams/curl.c | 14 +++++++++++--- | |
13 | src/streams/curl.h | 2 +- | |
14 | src/streams/openssl.c | 2 +- | |
15 | src/streams/tls.c | 2 ++ | |
16 | src/transports/http.c | 2 +- | |
17 | 6 files changed, 19 insertions(+), 6 deletions(-) | |
18 | ||
19 | diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt | |
20 | index b03b96a..2739fb5 100644 | |
21 | --- a/src/CMakeLists.txt | |
22 | +++ b/src/CMakeLists.txt | |
23 | @@ -124,6 +124,9 @@ ELSE () | |
24 | ||
25 | IF (CURL_FOUND) | |
26 | SET(GIT_CURL 1) | |
27 | + IF (USE_CURL_SSL) | |
28 | + ADD_DEFINITIONS(-DGIT_CURL_SSL) | |
29 | + ENDIF() | |
30 | LIST(APPEND LIBGIT2_INCLUDES ${CURL_INCLUDE_DIRS}) | |
31 | LIST(APPEND LIBGIT2_LIBDIRS ${CURL_LIBRARY_DIRS}) | |
32 | LIST(APPEND LIBGIT2_LIBS ${CURL_LIBRARIES}) | |
33 | diff --git a/src/streams/curl.c b/src/streams/curl.c | |
34 | index ee13be1..afb3775 100644 | |
35 | --- a/src/streams/curl.c | |
36 | +++ b/src/streams/curl.c | |
37 | @@ -314,7 +314,7 @@ static void curls_free(git_stream *stream) | |
38 | git__free(s); | |
39 | } | |
40 | ||
41 | -int git_curl_stream_new(git_stream **out, const char *host, const char *port) | |
42 | +int git_curl_stream_new(git_stream **out, const char *host, const char *port, int encrypted) | |
43 | { | |
44 | curl_stream *st; | |
45 | CURL *handle; | |
46 | @@ -335,7 +335,15 @@ int git_curl_stream_new(git_stream **out, const char *host, const char *port) | |
47 | return error; | |
48 | } | |
49 | ||
50 | - curl_easy_setopt(handle, CURLOPT_URL, host); | |
51 | + if (encrypted) { | |
52 | + git_buf buf = GIT_BUF_INIT; | |
53 | + git_buf_printf(&buf, "https://%s", host); | |
54 | + curl_easy_setopt(handle, CURLOPT_URL, buf.ptr); | |
55 | + git_buf_free(&buf); | |
56 | + } else { | |
57 | + curl_easy_setopt(handle, CURLOPT_URL, host); | |
58 | + } | |
59 | + | |
60 | curl_easy_setopt(handle, CURLOPT_ERRORBUFFER, st->curl_error); | |
61 | curl_easy_setopt(handle, CURLOPT_PORT, iport); | |
62 | curl_easy_setopt(handle, CURLOPT_CONNECT_ONLY, 1); | |
63 | @@ -347,7 +355,7 @@ int git_curl_stream_new(git_stream **out, const char *host, const char *port) | |
64 | /* curl_easy_setopt(handle, CURLOPT_VERBOSE, 1); */ | |
65 | ||
66 | st->parent.version = GIT_STREAM_VERSION; | |
67 | - st->parent.encrypted = 0; /* we don't encrypt ourselves */ | |
68 | + st->parent.encrypted = encrypt; /* we don't encrypt ourselves */ | |
69 | st->parent.proxy_support = 1; | |
70 | st->parent.connect = curls_connect; | |
71 | st->parent.certificate = curls_certificate; | |
72 | diff --git a/src/streams/curl.h b/src/streams/curl.h | |
73 | index 511cd89..ac0df1c 100644 | |
74 | --- a/src/streams/curl.h | |
75 | +++ b/src/streams/curl.h | |
76 | @@ -12,6 +12,6 @@ | |
77 | #include "git2/sys/stream.h" | |
78 | ||
79 | extern int git_curl_stream_global_init(void); | |
80 | -extern int git_curl_stream_new(git_stream **out, const char *host, const char *port); | |
81 | +extern int git_curl_stream_new(git_stream **out, const char *host, const char *port, int encrypted); | |
82 | ||
83 | #endif | |
84 | diff --git a/src/streams/openssl.c b/src/streams/openssl.c | |
85 | index 9cbb274..063750f 100644 | |
86 | --- a/src/streams/openssl.c | |
87 | +++ b/src/streams/openssl.c | |
88 | @@ -607,7 +607,7 @@ int git_openssl_stream_new(git_stream **out, const char *host, const char *port) | |
89 | ||
90 | st->io = NULL; | |
91 | #ifdef GIT_CURL | |
92 | - error = git_curl_stream_new(&st->io, host, port); | |
93 | + error = git_curl_stream_new(&st->io, host, port, false); | |
94 | #else | |
95 | error = git_socket_stream_new(&st->io, host, port); | |
96 | #endif | |
97 | diff --git a/src/streams/tls.c b/src/streams/tls.c | |
98 | index d6ca7d4..7279306 100644 | |
99 | --- a/src/streams/tls.c | |
100 | +++ b/src/streams/tls.c | |
101 | @@ -31,6 +31,8 @@ int git_tls_stream_new(git_stream **out, const char *host, const char *port) | |
102 | return git_stransport_stream_new(out, host, port); | |
103 | #elif defined(GIT_OPENSSL) | |
104 | return git_openssl_stream_new(out, host, port); | |
105 | +#elif defined(GIT_CURL_SSL) | |
106 | + return git_curl_stream_new(out, host, port, true); | |
107 | #else | |
108 | GIT_UNUSED(out); | |
109 | GIT_UNUSED(host); | |
110 | diff --git a/src/transports/http.c b/src/transports/http.c | |
111 | index e051c8a..984be08 100644 | |
112 | --- a/src/transports/http.c | |
113 | +++ b/src/transports/http.c | |
114 | @@ -605,7 +605,7 @@ static int http_connect(http_subtransport *t) | |
115 | error = git_tls_stream_new(&t->io, t->connection_data.host, t->connection_data.port); | |
116 | } else { | |
117 | #ifdef GIT_CURL | |
118 | - error = git_curl_stream_new(&t->io, t->connection_data.host, t->connection_data.port); | |
119 | + error = git_curl_stream_new(&t->io, t->connection_data.host, t->connection_data.port, false); | |
120 | #else | |
121 | error = git_socket_stream_new(&t->io, t->connection_data.host, t->connection_data.port); | |
122 | #endif |