summaryrefslogtreecommitdiff
path: root/http.c
diff options
context:
space:
mode:
authorMark Lodato <lodatom@gmail.com>2009-05-28 03:16:03 (GMT)
committerJunio C Hamano <gitster@pobox.com>2009-06-18 17:51:29 (GMT)
commit754ae192a4390baeb4d00b96e72c69023efb22ee (patch)
treec9cd82ab1d90339599a7b8ab00f9a3cd80e992d1 /http.c
parent30dd916348001e4313708473d91d633d3b14d1b5 (diff)
downloadgit-754ae192a4390baeb4d00b96e72c69023efb22ee.zip
git-754ae192a4390baeb4d00b96e72c69023efb22ee.tar.gz
git-754ae192a4390baeb4d00b96e72c69023efb22ee.tar.bz2
http.c: add http.sslCertPasswordProtected option
Add a configuration option, http.sslCertPasswordProtected, and associated environment variable, GIT_SSL_CERT_PASSWORD_PROTECTED, to enable SSL client certificate password prompt from within git. If this option is false and if the environment variable does not exist, git falls back to OpenSSL's prompts (as in earlier versions of git). The environment variable may only be used to enable, not to disable git's password prompt. This behavior mimics GIT_NO_VERIFY; the mere existence of the variable is all that is checked. Signed-off-by: Mark Lodato <lodatom@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'http.c')
-rw-r--r--http.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/http.c b/http.c
index 1c13813..1b140d3 100644
--- a/http.c
+++ b/http.c
@@ -140,6 +140,11 @@ static int http_options(const char *var, const char *value, void *cb)
#endif
if (!strcmp("http.sslcainfo", var))
return git_config_string(&ssl_cainfo, var, value);
+ if (!strcmp("http.sslcertpasswordprotected", var)) {
+ if (git_config_bool(var, value))
+ ssl_cert_password_required = 1;
+ return 0;
+ }
#ifdef USE_CURL_MULTI
if (!strcmp("http.maxrequests", var)) {
max_requests = git_config_int(var, value);
@@ -360,7 +365,9 @@ void http_init(struct remote *remote)
if (remote && remote->url && remote->url[0]) {
http_auth_init(remote->url[0]);
- if (!prefixcmp(remote->url[0], "https://"))
+ if (!ssl_cert_password_required &&
+ getenv("GIT_SSL_CERT_PASSWORD_PROTECTED") &&
+ !prefixcmp(remote->url[0], "https://"))
ssl_cert_password_required = 1;
}