Fix some printf format warnings

[thirdparty/git.git] / http.c
diff --git a/http.c b/http.c

index 95b2137cfbb1eef355c392e7634e1c761de27379..23b2a1932c7daebd585827da7effd1c5bbae5e69 100644 (file)
--- a/http.c
+++ b/http.c
@@ -20,7 +20,7 @@ char curl_errorstr[CURL_ERROR_SIZE];
  
  static int curl_ssl_verify = -1;
  static const char *ssl_cert;
-#if LIBCURL_VERSION_NUM >= 0x070902
+#if LIBCURL_VERSION_NUM >= 0x070903
  static const char *ssl_key;
  #endif
  #if LIBCURL_VERSION_NUM >= 0x070908
@@ -33,6 +33,17 @@ static int curl_ftp_no_epsv;
  static const char *curl_http_proxy;
  static char *user_name, *user_pass;
  
+#if LIBCURL_VERSION_NUM >= 0x071700
+/* Use CURLOPT_KEYPASSWD as is */
+#elif LIBCURL_VERSION_NUM >= 0x070903
+#define CURLOPT_KEYPASSWD CURLOPT_SSLKEYPASSWD
+#else
+#define CURLOPT_KEYPASSWD CURLOPT_SSLCERTPASSWD
+#endif
+
+static char *ssl_cert_password;
+static int ssl_cert_password_required;
+
  static struct curl_slist *pragma_header;
  static struct curl_slist *no_pragma_header;
  
@@ -126,7 +137,7 @@ static int http_options(const char *var, const char *value, void *cb)
         }
         if (!strcmp("http.sslcert", var))
                 return git_config_string(&ssl_cert, var, value);
-#if LIBCURL_VERSION_NUM >= 0x070902
+#if LIBCURL_VERSION_NUM >= 0x070903
         if (!strcmp("http.sslkey", var))
                 return git_config_string(&ssl_key, var, value);
  #endif
@@ -136,6 +147,11 @@ static int http_options(const char *var, const char *value, void *cb)
  #endif
         if (!strcmp("http.sslcainfo", var))
                 return git_config_string(&ssl_cainfo, var, value);
+       if (!strcmp("http.sslcertpasswordprotected", var)) {
+               if (git_config_bool(var, value))
+                       ssl_cert_password_required = 1;
+               return 0;
+       }
  #ifdef USE_CURL_MULTI
         if (!strcmp("http.maxrequests", var)) {
                 max_requests = git_config_int(var, value);
@@ -174,6 +190,22 @@ static void init_curl_http_auth(CURL *result)
         }
  }
  
+static int has_cert_password(void)
+{
+       if (ssl_cert_password != NULL)
+               return 1;
+       if (ssl_cert == NULL || ssl_cert_password_required != 1)
+               return 0;
+       /* Only prompt the user once. */
+       ssl_cert_password_required = -1;
+       ssl_cert_password = getpass("Certificate Password: ");
+       if (ssl_cert_password != NULL) {
+               ssl_cert_password = xstrdup(ssl_cert_password);
+               return 1;
+       } else
+               return 0;
+}
+
  static CURL *get_curl_handle(void)
  {
         CURL *result = curl_easy_init();
@@ -196,7 +228,9 @@ static CURL *get_curl_handle(void)
  
         if (ssl_cert != NULL)
                 curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
-#if LIBCURL_VERSION_NUM >= 0x070902
+       if (has_cert_password())
+               curl_easy_setopt(result, CURLOPT_KEYPASSWD, ssl_cert_password);
+#if LIBCURL_VERSION_NUM >= 0x070903
         if (ssl_key != NULL)
                 curl_easy_setopt(result, CURLOPT_SSLKEY, ssl_key);
  #endif
@@ -313,7 +347,7 @@ void http_init(struct remote *remote)
                 curl_ssl_verify = 0;
  
         set_from_env(&ssl_cert, "GIT_SSL_CERT");
-#if LIBCURL_VERSION_NUM >= 0x070902
+#if LIBCURL_VERSION_NUM >= 0x070903
         set_from_env(&ssl_key, "GIT_SSL_KEY");
  #endif
  #if LIBCURL_VERSION_NUM >= 0x070908
@@ -339,8 +373,13 @@ void http_init(struct remote *remote)
         if (getenv("GIT_CURL_FTP_NO_EPSV"))
                 curl_ftp_no_epsv = 1;
  
-       if (remote && remote->url && remote->url[0])
+       if (remote && remote->url && remote->url[0]) {
                 http_auth_init(remote->url[0]);
+               if (!ssl_cert_password_required &&
+                   getenv("GIT_SSL_CERT_PASSWORD_PROTECTED") &&
+                   !prefixcmp(remote->url[0], "https://"))
+                       ssl_cert_password_required = 1;
+       }
  
  #ifndef NO_CURL_EASY_DUPHANDLE
         curl_default = get_curl_handle();
@@ -383,6 +422,13 @@ void http_cleanup(void)
                 free((void *)curl_http_proxy);
                 curl_http_proxy = NULL;
         }
+
+       if (ssl_cert_password != NULL) {
+               memset(ssl_cert_password, 0, strlen(ssl_cert_password));
+               free(ssl_cert_password);
+               ssl_cert_password = NULL;
+       }
+       ssl_cert_password_required = 0;
  }
  
  struct active_request_slot *get_active_slot(void)
@@ -673,7 +719,9 @@ void append_remote_object_url(struct strbuf *buf, const char *url,
                               const char *hex,
                               int only_two_digit_prefix)
  {
-       strbuf_addf(buf, "%s/objects/%.*s/", url, 2, hex);
+       end_url_with_slash(buf, url);
+
+       strbuf_addf(buf, "objects/%.*s/", 2, hex);
         if (!only_two_digit_prefix)
                 strbuf_addf(buf, "%s", hex+2);
  }
@@ -818,20 +866,9 @@ static int fetch_pack_index(unsigned char *sha1, const char *base_url)
         int ret = 0;
         char *hex = xstrdup(sha1_to_hex(sha1));
         char *filename;
-       char *url;
+       char *url = NULL;
         struct strbuf buf = STRBUF_INIT;
  
-       /* Don't use the index if the pack isn't there */
-       end_url_with_slash(&buf, base_url);
-       strbuf_addf(&buf, "objects/pack/pack-%s.pack", hex);
-       url = strbuf_detach(&buf, 0);
-
-       if (http_get_strbuf(url, NULL, 0)) {
-               ret = error("Unable to verify pack %s is available",
-                           hex);
-               goto cleanup;
-       }
-
         if (has_pack_index(sha1)) {
                 ret = 0;
                 goto cleanup;
@@ -958,7 +995,6 @@ int finish_http_pack_request(struct http_pack_request *preq)
  struct http_pack_request *new_http_pack_request(
         struct packed_git *target, const char *base_url)
  {
-       char *url;
         char *filename;
         long prev_posn = 0;
         char range[RANGE_HEADER_SIZE];
@@ -972,8 +1008,7 @@ struct http_pack_request *new_http_pack_request(
         end_url_with_slash(&buf, base_url);
         strbuf_addf(&buf, "objects/pack/pack-%s.pack",
                 sha1_to_hex(target->sha1));
-       url = strbuf_detach(&buf, NULL);
-       preq->url = xstrdup(url);
+       preq->url = strbuf_detach(&buf, NULL);
  
         filename = sha1_pack_name(target->sha1);
         snprintf(preq->filename, sizeof(preq->filename), "%s", filename);
@@ -989,7 +1024,7 @@ struct http_pack_request *new_http_pack_request(
         preq->slot->local = preq->packfile;
         curl_easy_setopt(preq->slot->curl, CURLOPT_FILE, preq->packfile);
         curl_easy_setopt(preq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite);
-       curl_easy_setopt(preq->slot->curl, CURLOPT_URL, url);
+       curl_easy_setopt(preq->slot->curl, CURLOPT_URL, preq->url);
         curl_easy_setopt(preq->slot->curl, CURLOPT_HTTPHEADER,
                 no_pragma_header);
  
@@ -1013,6 +1048,8 @@ struct http_pack_request *new_http_pack_request(
  
  abort:
         free(filename);
+       free(preq->url);
+       free(preq);
         return NULL;
  }
  
@@ -1052,7 +1089,6 @@ struct http_object_request *new_http_object_request(const char *base_url,
         char *hex = sha1_to_hex(sha1);
         char *filename;
         char prevfile[PATH_MAX];
-       char *url;
         int prevlocal;
         unsigned char prev_buf[PREV_BUF_SIZE];
         ssize_t prev_read = 0;
@@ -1106,8 +1142,7 @@ struct http_object_request *new_http_object_request(const char *base_url,
  
         git_SHA1_Init(&freq->c);
  
-       url = get_remote_object_url(base_url, hex, 0);
-       freq->url = xstrdup(url);
+       freq->url = get_remote_object_url(base_url, hex, 0);
  
         /*
          * If a previous temp file is present, process what was already
@@ -1143,7 +1178,11 @@ struct http_object_request *new_http_object_request(const char *base_url,
                 if (prev_posn>0) {
                         prev_posn = 0;
                         lseek(freq->localfile, 0, SEEK_SET);
-                       ftruncate(freq->localfile, 0);
+                       if (ftruncate(freq->localfile, 0) < 0) {
+                               error("Couldn't truncate temporary file %s for %s: %s",
+                                         freq->tmpfile, freq->filename, strerror(errno));
+                               goto abort;
+                       }
                 }
         }
  
@@ -1152,7 +1191,7 @@ struct http_object_request *new_http_object_request(const char *base_url,
         curl_easy_setopt(freq->slot->curl, CURLOPT_FILE, freq);
         curl_easy_setopt(freq->slot->curl, CURLOPT_WRITEFUNCTION, fwrite_sha1_file);
         curl_easy_setopt(freq->slot->curl, CURLOPT_ERRORBUFFER, freq->errorstr);
-       curl_easy_setopt(freq->slot->curl, CURLOPT_URL, url);
+       curl_easy_setopt(freq->slot->curl, CURLOPT_URL, freq->url);
         curl_easy_setopt(freq->slot->curl, CURLOPT_HTTPHEADER, no_pragma_header);
  
         /*
@@ -1172,9 +1211,9 @@ struct http_object_request *new_http_object_request(const char *base_url,
  
         return freq;
  
-       free(url);
  abort:
         free(filename);
+       free(freq->url);
         free(freq);
         return NULL;
  }
@@ -1239,5 +1278,10 @@ void release_http_object_request(struct http_object_request *freq)
                 free(freq->url);
                 freq->url = NULL;
         }
-       freq->slot = NULL;
+       if (freq->slot != NULL) {
+               freq->slot->callback_func = NULL;
+               freq->slot->callback_data = NULL;
+               release_active_slot(freq->slot);
+               freq->slot = NULL;
+       }
  }