Thread (5 messages) 5 messages, 3 authors, 2023-03-21

Re: [PATCH v2] http: add support for different sslcert and sslkey types.

From: Jeff King <hidden>
Date: 2023-03-21 17:22:51

On Mon, Mar 20, 2023 at 09:21:44PM +0300, Stanislav M wrote:
quoted
quoted
@@ -1014,10 +1020,14 @@ static CURL *get_curl_handle(void)

      if (ssl_cert)
              curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
+     if (ssl_cert_type)
+             curl_easy_setopt(result, CURLOPT_SSLCERTTYPE, ssl_cert_type);
We're just feeding curl whatever string the user gave us (which is good,
since we don't know which ones are valid). But what happens with:

  GIT_SSL_CERT_TYPE=bogus git fetch ...

Should we check for an error here, or will the actual request later
complain properly?
Curl itself validates that string. And if we pass the wrong type or
not pass 'ENG' in case of pkcs11: curl will return an error. In that
case git do the same if GIT_SSL_CERT passed wrong ss 'ENG' in case of
pkcs11: curl will return an error. In that case git do the same if
GIT_SSL_CERT passed wrong
That sounds great. Thanks for confirming!

-Peff
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help