diff options
| author | Junio C Hamano <gitster@pobox.com> | 2008-09-18 19:52:57 -0700 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2008-09-18 19:52:57 -0700 |
| commit | 6380d128ed852d0c4feb4a362f98aa3709c4962e (patch) | |
| tree | ff11e2fb43ce87fa225cd67a3e70ad84ab084a0b | |
| parent | e32c0a9c38a126c9eb8ff8f2fdc1fb8875400bbe (diff) | |
| parent | a5ccc5979d210500d00169f98cc8567ea346fcb0 (diff) | |
| download | git-6380d128ed852d0c4feb4a362f98aa3709c4962e.tar.gz git-6380d128ed852d0c4feb4a362f98aa3709c4962e.tar.xz | |
Merge branch 'mh/maint-honor-no-ssl-verify' into maint
* mh/maint-honor-no-ssl-verify:
Don't verify host name in SSL certs when GIT_SSL_NO_VERIFY is set
| -rw-r--r-- | http.c | 11 |
1 files changed, 10 insertions, 1 deletions
@@ -165,7 +165,16 @@ static CURL* get_curl_handle(void) { CURL* result = curl_easy_init(); - curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, curl_ssl_verify); + if (!curl_ssl_verify) { + curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 0); + curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 0); + } else { + /* Verify authenticity of the peer's certificate */ + curl_easy_setopt(result, CURLOPT_SSL_VERIFYPEER, 1); + /* The name in the cert must match whom we tried to connect */ + curl_easy_setopt(result, CURLOPT_SSL_VERIFYHOST, 2); + } + #if LIBCURL_VERSION_NUM >= 0x070907 curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL); #endif |