Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Thaodan:devel:tools:scm
git
0001-http-Check-for-PKCS-11-URI-in-ssl_cert-and...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-http-Check-for-PKCS-11-URI-in-ssl_cert-and-set.patch of Package git
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Bidar?= <bjorn.bidar@jolla.com> Date: Thu, 19 May 2022 14:24:18 +0300 Subject: [PATCH] http: Check for PKCS#11 URI in ssl_cert and set MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Curl can use the PKCS#11 URI for certificates but the type has to be set to "ENG" for it to do so. Curl it self detects it by checking the cert for pkcs11: and set the type to engine implicitly. This patch adapts the change the same change for git. Signed-off-by: Björn Bidar <bjorn.bidar@jolla.com> --- http.c | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/http.c b/http.c index bb58bb3e6a3a47163b911d8276f5c185eada003b..caa99b7d9834152dd5f8fcad8aae2ee3bb918020 100644 --- a/http.c +++ b/http.c @@ -149,6 +149,19 @@ static int http_schannel_check_revoke = 1; */ static int http_schannel_use_ssl_cainfo; +/* + * Check if a given string is a PKCS#11 URI + */ +static int is_pkcs11_uri(const char *string) +{ + if(curl_strnequal(string, "pkcs11:", 7)) { + return 1; + } + else { + return 0; + } +} + size_t fread_buffer(char *ptr, size_t eltsize, size_t nmemb, void *buffer_) { size_t size = eltsize * nmemb; @@ -1022,8 +1035,10 @@ static CURL *get_curl_handle(void) if (ssl_cert) curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert); - if (ssl_cert_type) + if (ssl_cert_type) { curl_easy_setopt(result, CURLOPT_SSLCERTTYPE, ssl_cert_type); + } else if (ssl_cert && (is_pkcs11_uri(ssl_cert))) + curl_easy_setopt(result, CURLOPT_SSLCERTTYPE, "ENG"); if (has_cert_password()) curl_easy_setopt(result, CURLOPT_KEYPASSWD, cert_auth.password); if (ssl_key) @@ -1146,8 +1161,11 @@ static CURL *get_curl_handle(void) else if (starts_with(curl_http_proxy, "https")) { curl_easy_setopt(result, CURLOPT_PROXYTYPE, CURLPROXY_HTTPS); - if (http_proxy_ssl_cert) + if (http_proxy_ssl_cert) { curl_easy_setopt(result, CURLOPT_PROXY_SSLCERT, http_proxy_ssl_cert); + if (is_pkcs11_uri(ssl_cert)) + curl_easy_setopt(result, CURLOPT_PROXY_SSLCERT, "ENG"); + } if (http_proxy_ssl_key) curl_easy_setopt(result, CURLOPT_PROXY_SSLKEY, http_proxy_ssl_key);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor