diff options
author | Vicent Martà <vicent@github.com> | 2013-08-14 17:48:09 +0400 |
---|---|---|
committer | Vicent Martà <vicent@github.com> | 2013-08-14 17:48:09 +0400 |
commit | ad0af715751a37b4215ace8ddfcb69aa63ec8333 (patch) | |
tree | bcf8abd0842447402cdf12c377601237d458aa05 /src/remote.c | |
parent | 9d1751bf6e903821e87f331b8f63a2d5616a9d6c (diff) | |
parent | af6dab7ef74cf96c165e39cafd1aac3a659a3e8a (diff) |
Merge pull request #1780 from phkelley/development
Respect GIT_SSL_NO_VERIFY and http.sslVerify
Diffstat (limited to 'src/remote.c')
-rw-r--r-- | src/remote.c | 29 |
1 files changed, 27 insertions, 2 deletions
diff --git a/src/remote.c b/src/remote.c index 0dda196df..7677e56b2 100644 --- a/src/remote.c +++ b/src/remote.c @@ -81,6 +81,31 @@ static int ensure_remote_name_is_valid(const char *name) return error; } +static int get_check_cert(git_repository *repo) +{ + git_config *cfg; + const char *val; + int check_cert; + + assert(repo); + + /* Go through the possible sources for SSL verification settings, from + * most specific to least specific. */ + + /* GIT_SSL_NO_VERIFY environment variable */ + if ((val = getenv("GIT_SSL_NO_VERIFY")) && + !git_config_parse_bool(&check_cert, val)) + return !check_cert; + + /* http.sslVerify config setting */ + if (!git_repository_config__weakptr(&cfg, repo) && + !git_config_get_bool(&check_cert, cfg, "http.sslVerify")) + return check_cert; + + /* By default, we *DO* want to verify the certificate. */ + return 1; +} + static int create_internal(git_remote **out, git_repository *repo, const char *name, const char *url, const char *fetch) { git_remote *remote; @@ -94,7 +119,7 @@ static int create_internal(git_remote **out, git_repository *repo, const char *n GITERR_CHECK_ALLOC(remote); remote->repo = repo; - remote->check_cert = 1; + remote->check_cert = (unsigned)get_check_cert(repo); remote->update_fetchhead = 1; if (git_vector_init(&remote->refs, 32, NULL) < 0) @@ -253,7 +278,7 @@ int git_remote_load(git_remote **out, git_repository *repo, const char *name) GITERR_CHECK_ALLOC(remote); memset(remote, 0x0, sizeof(git_remote)); - remote->check_cert = 1; + remote->check_cert = (unsigned)get_check_cert(repo); remote->update_fetchhead = 1; remote->name = git__strdup(name); GITERR_CHECK_ALLOC(remote->name); |