diff options
author | Carlos Martín Nieto <cmn@dwim.me> | 2015-03-16 19:41:50 +0100 |
---|---|---|
committer | Carlos Martín Nieto <cmn@dwim.me> | 2015-03-16 19:43:46 +0100 |
commit | 84d83b8e75a85b22c6003eaf9416b98fe6916d29 (patch) | |
tree | 152746787758c2be0cb538301302f5a686a11217 | |
parent | 29e7ae5d81c1615fbcde78d7fbf44856059d9b99 (diff) | |
download | libgit2-84d83b8e75a85b22c6003eaf9416b98fe6916d29.tar.gz |
http: do not try to use the cert callback on unencrypted streamscmn/stream-check-ec
When the user has a certificate check callback set, we still have to
check whether the stream we're using is even capable of providing a
certificate.
In the case of an unencrypted certificate, do not ask for it from the
stream, and do not call the callback.
-rw-r--r-- | src/stream.h | 5 | ||||
-rw-r--r-- | src/transports/http.c | 3 |
2 files changed, 7 insertions, 1 deletions
diff --git a/src/stream.h b/src/stream.h index 3a7ef9514..d810e704d 100644 --- a/src/stream.h +++ b/src/stream.h @@ -15,6 +15,11 @@ GIT_INLINE(int) git_stream_connect(git_stream *st) return st->connect(st); } +GIT_INLINE(int) git_stream_is_encrypted(git_stream *st) +{ + return st->encrypted; +} + GIT_INLINE(int) git_stream_certificate(git_cert **out, git_stream *st) { if (!st->encrypted) { diff --git a/src/transports/http.c b/src/transports/http.c index 0907afa6d..0cd33002f 100644 --- a/src/transports/http.c +++ b/src/transports/http.c @@ -558,7 +558,8 @@ static int http_connect(http_subtransport *t) error = git_stream_connect(t->io); #ifdef GIT_SSL - if ((!error || error == GIT_ECERTIFICATE) && t->owner->certificate_check_cb != NULL) { + if ((!error || error == GIT_ECERTIFICATE) && t->owner->certificate_check_cb != NULL && + git_stream_is_encrypted(t->io)) { git_cert *cert; int is_valid; |