proxmox-mirrors/libgit2
1
0
Fork 0
mirror of https://git.proxmox.com/git/libgit2 synced 2025-05-06 11:19:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

http: do not try to use the cert callback on unencrypted streams

Browse Source 
When the user has a certificate check callback set, we still have to
check whether the stream we're using is even capable of providing a
certificate.

In the case of an unencrypted certificate, do not ask for it from the
stream, and do not call the callback.
This commit is contained in:
Carlos Martín Nieto 2015-03-16 19:41:50 +01:00
parent 29e7ae5d81
commit 84d83b8e75
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/stream.h
View File

@ -15,6 +15,11 @@ GIT_INLINE(int) git_stream_connect(git_stream *st)
return st->connect(st); return st->connect(st);
} }
GIT_INLINE(int) git_stream_is_encrypted(git_stream *st)
{
return st->encrypted;
}
GIT_INLINE(int) git_stream_certificate(git_cert **out, git_stream *st) GIT_INLINE(int) git_stream_certificate(git_cert **out, git_stream *st)
{ {
if (!st->encrypted) { if (!st->encrypted) {

3
src/transports/http.c
View File

@ -558,7 +558,8 @@ static int http_connect(http_subtransport *t)
error = git_stream_connect(t->io); error = git_stream_connect(t->io);
#ifdef GIT_SSL #ifdef GIT_SSL
if ((!error || error == GIT_ECERTIFICATE) && t->owner->certificate_check_cb != NULL) { if ((!error || error == GIT_ECERTIFICATE) && t->owner->certificate_check_cb != NULL &&
git_stream_is_encrypted(t->io)) {
git_cert *cert; git_cert *cert;
int is_valid; int is_valid;