From 11fa84728312aecdd8bc038cebd3458ec162e603 Mon Sep 17 00:00:00 2001 From: Philip Kelley Date: Tue, 6 Nov 2012 11:27:23 -0500 Subject: [PATCH] Don't store no_check_cert; fetch it on demand --- src/transports/http.c | 18 +++++++----------- src/transports/winhttp.c | 22 +++++++++------------- 2 files changed, 16 insertions(+), 24 deletions(-) diff --git a/src/transports/http.c b/src/transports/http.c index f2ff2d6e2..78977f44a 100644 --- a/src/transports/http.c +++ b/src/transports/http.c @@ -54,8 +54,7 @@ typedef struct { git_cred *cred; http_authmechanism_t auth_mechanism; unsigned connected : 1, - use_ssl : 1, - no_check_cert : 1; + use_ssl : 1; /* Parser structures */ http_parser parser; @@ -572,9 +571,14 @@ static int http_action( if (!t->connected || !http_should_keep_alive(&t->parser)) { if (t->use_ssl) { + int transport_flags; + + if (t->owner->parent.read_flags(&t->owner->parent, &transport_flags) < 0) + return -1; + flags |= GITNO_CONNECT_SSL; - if (t->no_check_cert) + if (GIT_TRANSPORTFLAGS_NO_CHECK_CERT & transport_flags) flags |= GITNO_CONNECT_SSL_NO_CHECK_CERT; } @@ -635,14 +639,6 @@ int git_smart_subtransport_http(git_smart_subtransport **out, t->parent.action = http_action; t->parent.free = http_free; - /* Read the flags from the owning transport */ - if (owner->read_flags && owner->read_flags(owner, &flags) < 0) { - git__free(t); - return -1; - } - - t->no_check_cert = flags & GIT_TRANSPORTFLAGS_NO_CHECK_CERT; - t->settings.on_header_field = on_header_field; t->settings.on_header_value = on_header_value; t->settings.on_headers_complete = on_headers_complete; diff --git a/src/transports/winhttp.c b/src/transports/winhttp.c index ef47616ad..44617f389 100644 --- a/src/transports/winhttp.c +++ b/src/transports/winhttp.c @@ -62,8 +62,7 @@ typedef struct { int auth_mechanism; HINTERNET session; HINTERNET connection; - unsigned use_ssl : 1, - no_check_cert : 1; + unsigned use_ssl : 1; } winhttp_subtransport; static int apply_basic_credential(HINTERNET request, git_cred *cred) @@ -183,8 +182,14 @@ static int winhttp_stream_connect(winhttp_stream *s) } /* If requested, disable certificate validation */ - if (t->use_ssl && t->no_check_cert) { - if (!WinHttpSetOption(s->request, WINHTTP_OPTION_SECURITY_FLAGS, + if (t->use_ssl) { + int flags; + + if (t->owner->parent.read_flags(&t->owner->parent, &flags) < 0) + goto on_error; + + if ((GIT_TRANSPORTFLAGS_NO_CHECK_CERT & flags) && + !WinHttpSetOption(s->request, WINHTTP_OPTION_SECURITY_FLAGS, (LPVOID)&no_check_cert_flags, sizeof(no_check_cert_flags))) { giterr_set(GITERR_OS, "Failed to set options to ignore cert errors"); goto on_error; @@ -608,7 +613,6 @@ static void winhttp_free(git_smart_subtransport *smart_transport) int git_smart_subtransport_http(git_smart_subtransport **out, git_transport *owner) { winhttp_subtransport *t; - int flags; if (!out) return -1; @@ -620,14 +624,6 @@ int git_smart_subtransport_http(git_smart_subtransport **out, git_transport *own t->parent.action = winhttp_action; t->parent.free = winhttp_free; - /* Read the flags from the owning transport */ - if (owner->read_flags && owner->read_flags(owner, &flags) < 0) { - git__free(t); - return -1; - } - - t->no_check_cert = flags & GIT_TRANSPORTFLAGS_NO_CHECK_CERT; - *out = (git_smart_subtransport *) t; return 0; }