diff options
author | Carlos Martín Nieto <cmn@dwim.me> | 2015-03-16 19:41:50 +0100 |
---|---|---|
committer | Carlos Martín Nieto <cmn@dwim.me> | 2015-03-21 21:12:10 +0100 |
commit | 1dd5e28ec1fe5dc1d58116edb88148fcde963e83 (patch) | |
tree | 0976bece527a3b842e93a3af5cb3c0481c0e2b27 | |
parent | dd243fe1aeb93b12308bb67506eaeeee2a972eb0 (diff) | |
download | libgit2-1dd5e28ec1fe5dc1d58116edb88148fcde963e83.tar.gz |
http: do not try to use the cert callback on unencrypted streams
When the user has a certificate check callback set, we still have to
check whether the stream we're using is even capable of providing a
certificate.
In the case of an unencrypted certificate, do not ask for it from the
stream, and do not call the callback.
-rw-r--r-- | src/stream.h | 5 | ||||
-rw-r--r-- | src/transports/http.c | 3 |
2 files changed, 7 insertions, 1 deletions
diff --git a/src/stream.h b/src/stream.h index 3a7ef9514..d810e704d 100644 --- a/src/stream.h +++ b/src/stream.h @@ -15,6 +15,11 @@ GIT_INLINE(int) git_stream_connect(git_stream *st) return st->connect(st); } +GIT_INLINE(int) git_stream_is_encrypted(git_stream *st) +{ + return st->encrypted; +} + GIT_INLINE(int) git_stream_certificate(git_cert **out, git_stream *st) { if (!st->encrypted) { diff --git a/src/transports/http.c b/src/transports/http.c index 0907afa6d..0cd33002f 100644 --- a/src/transports/http.c +++ b/src/transports/http.c @@ -558,7 +558,8 @@ static int http_connect(http_subtransport *t) error = git_stream_connect(t->io); #ifdef GIT_SSL - if ((!error || error == GIT_ECERTIFICATE) && t->owner->certificate_check_cb != NULL) { + if ((!error || error == GIT_ECERTIFICATE) && t->owner->certificate_check_cb != NULL && + git_stream_is_encrypted(t->io)) { git_cert *cert; int is_valid; |