Commit 11fa84728312aecdd8bc038cebd3458ec162e603
2012-11-06T11:27:23
Don't store no_check_cert; fetch it on demand
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99
diff --git a/src/transports/http.c b/src/transports/http.c
index f2ff2d6..78977f4 100644
--- a/src/transports/http.c
+++ b/src/transports/http.c
@@ -54,8 +54,7 @@ typedef struct {
git_cred *cred;
http_authmechanism_t auth_mechanism;
unsigned connected : 1,
- use_ssl : 1,
- no_check_cert : 1;
+ use_ssl : 1;
/* Parser structures */
http_parser parser;
@@ -572,9 +571,14 @@ static int http_action(
if (!t->connected || !http_should_keep_alive(&t->parser)) {
if (t->use_ssl) {
+ int transport_flags;
+
+ if (t->owner->parent.read_flags(&t->owner->parent, &transport_flags) < 0)
+ return -1;
+
flags |= GITNO_CONNECT_SSL;
- if (t->no_check_cert)
+ if (GIT_TRANSPORTFLAGS_NO_CHECK_CERT & transport_flags)
flags |= GITNO_CONNECT_SSL_NO_CHECK_CERT;
}
@@ -635,14 +639,6 @@ int git_smart_subtransport_http(git_smart_subtransport **out,
t->parent.action = http_action;
t->parent.free = http_free;
- /* Read the flags from the owning transport */
- if (owner->read_flags && owner->read_flags(owner, &flags) < 0) {
- git__free(t);
- return -1;
- }
-
- t->no_check_cert = flags & GIT_TRANSPORTFLAGS_NO_CHECK_CERT;
-
t->settings.on_header_field = on_header_field;
t->settings.on_header_value = on_header_value;
t->settings.on_headers_complete = on_headers_complete;
diff --git a/src/transports/winhttp.c b/src/transports/winhttp.c
index ef47616..44617f3 100644
--- a/src/transports/winhttp.c
+++ b/src/transports/winhttp.c
@@ -62,8 +62,7 @@ typedef struct {
int auth_mechanism;
HINTERNET session;
HINTERNET connection;
- unsigned use_ssl : 1,
- no_check_cert : 1;
+ unsigned use_ssl : 1;
} winhttp_subtransport;
static int apply_basic_credential(HINTERNET request, git_cred *cred)
@@ -183,8 +182,14 @@ static int winhttp_stream_connect(winhttp_stream *s)
}
/* If requested, disable certificate validation */
- if (t->use_ssl && t->no_check_cert) {
- if (!WinHttpSetOption(s->request, WINHTTP_OPTION_SECURITY_FLAGS,
+ if (t->use_ssl) {
+ int flags;
+
+ if (t->owner->parent.read_flags(&t->owner->parent, &flags) < 0)
+ goto on_error;
+
+ if ((GIT_TRANSPORTFLAGS_NO_CHECK_CERT & flags) &&
+ !WinHttpSetOption(s->request, WINHTTP_OPTION_SECURITY_FLAGS,
(LPVOID)&no_check_cert_flags, sizeof(no_check_cert_flags))) {
giterr_set(GITERR_OS, "Failed to set options to ignore cert errors");
goto on_error;
@@ -608,7 +613,6 @@ static void winhttp_free(git_smart_subtransport *smart_transport)
int git_smart_subtransport_http(git_smart_subtransport **out, git_transport *owner)
{
winhttp_subtransport *t;
- int flags;
if (!out)
return -1;
@@ -620,14 +624,6 @@ int git_smart_subtransport_http(git_smart_subtransport **out, git_transport *own
t->parent.action = winhttp_action;
t->parent.free = winhttp_free;
- /* Read the flags from the owning transport */
- if (owner->read_flags && owner->read_flags(owner, &flags) < 0) {
- git__free(t);
- return -1;
- }
-
- t->no_check_cert = flags & GIT_TRANSPORTFLAGS_NO_CHECK_CERT;
-
*out = (git_smart_subtransport *) t;
return 0;
}