diff options
| author | Lars Kellogg-Stedman <lars@redhat.com> | 2015-05-08 09:22:15 -0400 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2015-05-08 10:56:26 -0700 |
| commit | f6f2a9e42d14e61429af418d8038aa67049b3821 (patch) | |
| tree | 9c359d4e6c1721f112f201b9b0dd49670db61b93 /http.c | |
| parent | 16018ae5fb368151f3eff13730cf089b63f41962 (diff) | |
| download | git-f6f2a9e42d14e61429af418d8038aa67049b3821.tar.gz | |
http: add support for specifying an SSL cipher listls/http-ssl-cipher-list
Teach git about a new option, "http.sslCipherList", which permits one to
specify a list of ciphers to use when negotiating SSL connections. The
setting can be overwridden by the GIT_SSL_CIPHER_LIST environment
variable.
Signed-off-by: Lars Kellogg-Stedman <lars@redhat.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'http.c')
| -rw-r--r-- | http.c | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -35,6 +35,7 @@ char curl_errorstr[CURL_ERROR_SIZE]; static int curl_ssl_verify = -1; static int curl_ssl_try; static const char *ssl_cert; +static const char *ssl_cipherlist; #if LIBCURL_VERSION_NUM >= 0x070903 static const char *ssl_key; #endif @@ -153,6 +154,8 @@ static int http_options(const char *var, const char *value, void *cb) curl_ssl_verify = git_config_bool(var, value); return 0; } + if (!strcmp("http.sslcipherlist", var)) + return git_config_string(&ssl_cipherlist, var, value); if (!strcmp("http.sslcert", var)) return git_config_string(&ssl_cert, var, value); #if LIBCURL_VERSION_NUM >= 0x070903 @@ -327,6 +330,13 @@ static CURL *get_curl_handle(void) if (http_proactive_auth) init_curl_http_auth(result); + if (getenv("GIT_SSL_CIPHER_LIST")) + ssl_cipherlist = getenv("GIT_SSL_CIPHER_LIST"); + + if (ssl_cipherlist != NULL && *ssl_cipherlist) + curl_easy_setopt(result, CURLOPT_SSL_CIPHER_LIST, + ssl_cipherlist); + if (ssl_cert != NULL) curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert); if (has_cert_password()) |