Abstract away the TLS stream implementation

Instead, provide git_tls_stream_new() to ask for the most appropriate encrypted stream and use it in our HTTP transport.
2025-08-15 15:06:16 +00:00 · 2015-03-19 00:18:03 +01:00 · 2015-03-19 00:18:03 +01:00 · 6946a3be95
commit 6946a3be95
parent 6bb54cbff3
3 changed files with 51 additions and 2 deletions
--- a/src/tls_stream.c
+++ b/src/tls_stream.c
@ -0,0 +1,28 @@
+/*
+ * Copyright (C) the libgit2 contributors. All rights reserved.
+ *
+ * This file is part of libgit2, distributed under the GNU GPL v2 with
+ * a Linking Exception. For full terms see the included COPYING file.
+ */
+
+#include "git2/errors.h"
+#include "common.h"
+
+#include "openssl_stream.h"
+#include "stransport_stream.h"
+
+int git_tls_stream_new(git_stream **out, const char *host, const char *port)
+{
+#ifdef GIT_SECURE_TRANSPORT
+	return git_stransport_stream_new(out, host, port);
+#elif defined(GIT_SSL)
+	return git_openssl_stream_new(out, host, port);
+#else
+	GIT_UNUSED(out);
+	GIT_UNUSED(host);
+	GIT_UNUSED(port);
+
+	giterr_set(GITERR_SSL, "there is no TLS stream available");
+	return -1;
+#endif
+}
--- a/src/tls_stream.h
+++ b/src/tls_stream.h
@ -0,0 +1,21 @@
+/*
+ * Copyright (C) the libgit2 contributors. All rights reserved.
+ *
+ * This file is part of libgit2, distributed under the GNU GPL v2 with
+ * a Linking Exception. For full terms see the included COPYING file.
+ */
+#ifndef INCLUDE_tls_stream_h__
+#define INCLUDE_tls_stream_h__
+
+#include "git2/sys/stream.h"
+
+/**
+ * Create a TLS stream with the most appropriate backend available for
+ * the current platform.
+ *
+ * This allows us to ask for a SecureTransport or OpenSSL stream
+ * according to being on general Unix vs OS X.
+ */
+extern int git_tls_stream_new(git_stream **out, const char *host, const char *port);
+
+#endif
--- a/src/transports/http.c
+++ b/src/transports/http.c
@ -13,7 +13,7 @@
 #include "smart.h"
 #include "auth.h"
 #include "auth_negotiate.h"
-#include "openssl_stream.h"
+#include "tls_stream.h"
 #include "socket_stream.h"

 git_http_auth_scheme auth_schemes[] = {
@ -545,7 +545,7 @@ static int http_connect(http_subtransport *t)
 	}

 	if (t->connection_data.use_ssl) {
-		error = git_openssl_stream_new(&t->io, t->connection_data.host, t->connection_data.port);
+		error = git_tls_stream_new(&t->io, t->connection_data.host, t->connection_data.port);
 	} else {
 		error = git_socket_stream_new(&t->io,  t->connection_data.host, t->connection_data.port);
 	}