On Mon, Mar 20, 2023 at 09:21:44PM +0300, Stanislav M wrote:
quoted
quoted
@@ -1014,10 +1020,14 @@ static CURL *get_curl_handle(void)
if (ssl_cert)
curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
+ if (ssl_cert_type)
+ curl_easy_setopt(result, CURLOPT_SSLCERTTYPE, ssl_cert_type);
We're just feeding curl whatever string the user gave us (which is good,
since we don't know which ones are valid). But what happens with:
GIT_SSL_CERT_TYPE=bogus git fetch ...
Should we check for an error here, or will the actual request later
complain properly?
Curl itself validates that string. And if we pass the wrong type or
not pass 'ENG' in case of pkcs11: curl will return an error. In that
case git do the same if GIT_SSL_CERT passed wrong ss 'ENG' in case of
pkcs11: curl will return an error. In that case git do the same if
GIT_SSL_CERT passed wrong
That sounds great. Thanks for confirming!
-Peff