http: add support for different sslcert and sslkey types.
authorStanislav Malishevskiy <s.malishevskiy@auriga.com>
Mon, 20 Mar 2023 15:48:49 +0000 (15:48 +0000)
committerJunio C Hamano <gitster@pobox.com>
Thu, 23 Mar 2023 18:25:10 +0000 (11:25 -0700)
By default git works with curl's default SSL type, PEM. To support
eTokens such as SafeNet tokens via PKCS#11, 'ENG' has to be set as the
sslcert type and as the sslkey type. This adds http options to make
that possible.

Signed-off-by: Stanislav Malishevskiy <stanislav.malishevskiy@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
http.c

diff --git a/http.c b/http.c
index c4b6ddef287b90f6492706cdaa483c1832d8b06c..9593bc038522de1a1ad333f7c912716fe62e277d 100644 (file)
--- a/http.c
+++ b/http.c
@@ -39,6 +39,7 @@ static int curl_ssl_verify = -1;
 static int curl_ssl_try;
 static const char *curl_http_version = NULL;
 static const char *ssl_cert;
+static const char *ssl_cert_type;
 static const char *ssl_cipherlist;
 static const char *ssl_version;
 static struct {
@@ -58,6 +59,7 @@ static struct {
 #endif
 };
 static const char *ssl_key;
+static const char *ssl_key_type;
 static const char *ssl_capath;
 static const char *curl_no_proxy;
 #ifdef GIT_CURL_HAVE_CURLOPT_PINNEDPUBLICKEY
@@ -264,8 +266,12 @@ static int http_options(const char *var, const char *value, void *cb)
                return git_config_string(&ssl_version, var, value);
        if (!strcmp("http.sslcert", var))
                return git_config_pathname(&ssl_cert, var, value);
+       if (!strcmp("http.sslcerttype", var))
+               return git_config_string(&ssl_cert_type, var, value);
        if (!strcmp("http.sslkey", var))
                return git_config_pathname(&ssl_key, var, value);
+       if (!strcmp("http.sslkeytype", var))
+               return git_config_string(&ssl_key_type, var, value);
        if (!strcmp("http.sslcapath", var))
                return git_config_pathname(&ssl_capath, var, value);
        if (!strcmp("http.sslcainfo", var))
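Review bot: The new `http.sslcerttype` and `http.sslkeytype` keys are read with `git_config_string` and no check on the value, and this commit touches only http.c, so nothing in the change tells a user which strings are accepted. The http config documentation should gain an entry for each key, stating that the default is PEM, that the commit message's token case needs `ENG` for both, and that the accepted set depends on the libcurl TLS backend. Separately, `http.sslcert` and `http.sslkey` are still read with `git_config_pathname`, so with type `ENG` a value that is not a file path still goes through pathname handling; a comment such as `/* with type "ENG" this names an engine object, not a file; it is still parsed as a pathname */` above those two branches would record that. The body of http_options starts and ends outside this hunk.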
@@ -904,10 +910,14 @@ static CURL *get_curl_handle(void)
 
        if (ssl_cert)
                curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
+       if (ssl_cert_type)
+               curl_easy_setopt(result, CURLOPT_SSLCERTTYPE, ssl_cert_type);
        if (has_cert_password())
                curl_easy_setopt(result, CURLOPT_KEYPASSWD, cert_auth.password);
        if (ssl_key)
                curl_easy_setopt(result, CURLOPT_SSLKEY, ssl_key);
+       if (ssl_key_type)
+               curl_easy_setopt(result, CURLOPT_SSLKEYTYPE, ssl_key_type);
        if (ssl_capath)
                curl_easy_setopt(result, CURLOPT_CAPATH, ssl_capath);
 #ifdef GIT_CURL_HAVE_CURLOPT_PINNEDPUBLICKEY
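Review bot: The two added `curl_easy_setopt` calls for `CURLOPT_SSLCERTTYPE` and `CURLOPT_SSLKEYTYPE` pass the configured string straight to libcurl and drop the return value, as the neighbouring calls do. As far as I can tell libcurl only evaluates the type string when it loads the certificate or key for the handshake, so a misspelled or backend-unsupported type would surface later as a generic client-certificate failure rather than as a configuration error. I would add a comment above the two calls, e.g. `/* type strings are handed to libcurl unvalidated; an unsupported value fails only when the cert/key is loaded */`, so that whoever debugs a failed token login knows where to look. Each type is also applied whether or not `ssl_cert` or `ssl_key` is set, which looks harmless but is worth a word in the same comment. get_curl_handle continues outside the hunk.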
@@ -1142,7 +1152,9 @@ void http_init(struct remote *remote, const char *url, int proactive_auth)
                curl_ssl_verify = 0;
 
        set_from_env(&ssl_cert, "GIT_SSL_CERT");
+       set_from_env(&ssl_cert_type, "GIT_SSL_CERT_TYPE");
        set_from_env(&ssl_key, "GIT_SSL_KEY");
+       set_from_env(&ssl_key_type, "GIT_SSL_KEY_TYPE");
        set_from_env(&ssl_capath, "GIT_SSL_CAPATH");
        set_from_env(&ssl_cainfo, "GIT_SSL_CAINFO");