diff options
author | Vicent Marti <vicent@github.com> | 2014-09-17 14:56:39 +0200 |
---|---|---|
committer | Vicent Marti <vicent@github.com> | 2014-09-17 14:56:39 +0200 |
commit | 1312f87b6838649cca525935656c84c7bd07a9a1 (patch) | |
tree | bee84ab5e746484a13b75fbee0b8ca4a14d7f256 /include/git2 | |
parent | 25abbc27a77895e2f2316ed307b51e628d85f15c (diff) | |
parent | 52e09724fde2d46c1f31d07f6445dc7b4dee3947 (diff) | |
download | libgit2-1312f87b6838649cca525935656c84c7bd07a9a1.tar.gz |
Merge pull request #2464 from libgit2/cmn/host-cert-info
Provide a callback for certificate validation
Diffstat (limited to 'include/git2')
-rw-r--r-- | include/git2/errors.h | 1 | ||||
-rw-r--r-- | include/git2/remote.h | 16 | ||||
-rw-r--r-- | include/git2/sys/transport.h | 4 | ||||
-rw-r--r-- | include/git2/transport.h | 61 | ||||
-rw-r--r-- | include/git2/types.h | 38 |
5 files changed, 109 insertions, 11 deletions
diff --git a/include/git2/errors.h b/include/git2/errors.h index b91560631..2ba9924f5 100644 --- a/include/git2/errors.h +++ b/include/git2/errors.h @@ -42,6 +42,7 @@ typedef enum { GIT_ELOCKED = -14, /**< Lock file prevented operation */ GIT_EMODIFIED = -15, /**< Reference value does not match expected */ GIT_EAUTH = -16, /**< Authentication error */ + GIT_ECERTIFICATE = -17, /**< Server certificate is invalid */ GIT_PASSTHROUGH = -30, /**< Internal only */ GIT_ITEROVER = -31, /**< Signals end of iteration with iterator */ diff --git a/include/git2/remote.h b/include/git2/remote.h index de5823e6d..055f5e517 100644 --- a/include/git2/remote.h +++ b/include/git2/remote.h @@ -408,14 +408,6 @@ GIT_EXTERN(int) git_remote_supported_url(const char* url); GIT_EXTERN(int) git_remote_list(git_strarray *out, git_repository *repo); /** - * Choose whether to check the server's certificate (applies to HTTPS only) - * - * @param remote the remote to configure - * @param check whether to check the server's certificate (defaults to yes) - */ -GIT_EXTERN(void) git_remote_check_cert(git_remote *remote, int check); - -/** * Argument to the completion callback which tells it which operation * finished. */ @@ -456,6 +448,14 @@ struct git_remote_callbacks { git_cred_acquire_cb credentials; /** + * If cert verification fails, this will be called to let the + * user make the final decision of whether to allow the + * connection to proceed. Returns 1 to allow the connection, 0 + * to disallow it or a negative value to indicate an error. + */ + git_transport_certificate_check_cb certificate_check; + + /** * During the download of new data, this will be regularly * called with the current count of progress done by the * indexer. diff --git a/include/git2/sys/transport.h b/include/git2/sys/transport.h index 62ac455d3..1e8f4e4ed 100644 --- a/include/git2/sys/transport.h +++ b/include/git2/sys/transport.h @@ -23,9 +23,6 @@ GIT_BEGIN_DECL typedef enum { GIT_TRANSPORTFLAGS_NONE = 0, - /* If the connection is secured with SSL/TLS, the authenticity - * of the server certificate should not be verified. */ - GIT_TRANSPORTFLAGS_NO_CHECK_CERT = 1 } git_transport_flags_t; typedef struct git_transport git_transport; @@ -37,6 +34,7 @@ struct git_transport { git_transport *transport, git_transport_message_cb progress_cb, git_transport_message_cb error_cb, + git_transport_certificate_check_cb certificate_check_cb, void *payload); /* Connect the transport to the remote repository, using the given diff --git a/include/git2/transport.h b/include/git2/transport.h index 7090698ac..39df479c7 100644 --- a/include/git2/transport.h +++ b/include/git2/transport.h @@ -20,6 +20,67 @@ */ GIT_BEGIN_DECL +/** + * Type of SSH host fingerprint + */ +typedef enum { + /** MD5 is available */ + GIT_CERT_SSH_MD5 = (1 << 0), + /** SHA-1 is available */ + GIT_CERT_SSH_SHA1 = (1 << 1), +} git_cert_ssh_t; + +/** + * Hostkey information taken from libssh2 + */ +typedef struct { + /** + * Type of certificate. Here to share the header with + * `git_cert`. + */ + git_cert_t cert_type; + /** + * A hostkey type from libssh2, either + * `GIT_CERT_SSH_MD5` or `GIT_CERT_SSH_SHA1` + */ + git_cert_ssh_t type; + + /** + * Hostkey hash. If type has `GIT_CERT_SSH_MD5` set, this will + * have the MD5 hash of the hostkey. + */ + unsigned char hash_md5[16]; + + /** + * Hostkey hash. If type has `GIT_CERT_SSH_SHA1` set, this will + * have the SHA-1 hash of the hostkey. + */ + unsigned char hash_sha1[20]; +} git_cert_hostkey; + +/** + * X.509 certificate information + */ +typedef struct { + /** + * Type of certificate. Here to share the header with + * `git_cert`. + */ + git_cert_t cert_type; + /** + * Pointer to the X.509 certificate data + */ + void *data; + /** + * Length of the memory block pointed to by `data`. + */ + size_t len; +} git_cert_x509; + +/* + *** Begin interface for credentials acquisition *** + */ + /** Authentication type requested */ typedef enum { /* git_cred_userpass_plaintext */ diff --git a/include/git2/types.h b/include/git2/types.h index 7ed1bcd4c..7ee7cc344 100644 --- a/include/git2/types.h +++ b/include/git2/types.h @@ -254,6 +254,44 @@ typedef int (*git_transfer_progress_cb)(const git_transfer_progress *stats, void typedef int (*git_transport_message_cb)(const char *str, int len, void *payload); /** + * Type of host certificate structure that is passed to the check callback + */ +typedef enum git_cert_t { + /** + * The `data` argument to the callback will be a pointer to + * the DER-encoded data. + */ + GIT_CERT_X509, + /** + * The `data` argument to the callback will be a pointer to a + * `git_cert_hostkey` structure. + */ + GIT_CERT_HOSTKEY_LIBSSH2, +} git_cert_t; + +/** + * Parent type for `git_cert_hostkey` and `git_cert_x509`. + */ +typedef struct { + /** + * Type of certificate. A `GIT_CERT_` value. + */ + git_cert_t cert_type; +} git_cert; + +/** + * Callback for the user's custom certificate checks. + * + * @param type The type of certificate or host info, SSH or X.509 + * @param data The data for the certificate or host info + * @param len The size of the certificate or host info + * @param valid Whether the libgit2 checks (OpenSSL or WinHTTP) think + * this certificate is valid + * @param payload Payload provided by the caller + */ +typedef int (*git_transport_certificate_check_cb)(git_cert *cert, int valid, void *payload); + +/** * Opaque structure representing a submodule. */ typedef struct git_submodule git_submodule; |