Christoph Egger <christoph@xxxxxxxxxxxxxxxxxxx> writes:
> Add the http.pinnedpubkey configuration option for public key
> pinning. It allows any string supported by libcurl --
> base64(sha256(pubkey)) or filename of the full public key.
>
> If cURL does not support pinning (is too old) output a warning to the
> user.
>
> Signed-off-by: Christoph Egger <christoph@xxxxxxxxxxxxxxxxxxx>
> ---
I needed this fix to unbreak it for those with older versions of
cURL.
http.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/http.c b/http.c
index a6b8076..3475040 100644
--- a/http.c
+++ b/http.c
@@ -219,13 +219,6 @@ static int http_options(const char *var, const char *value, void *cb)
if (!strcmp("http.sslcapath", var))
return git_config_pathname(&ssl_capath, var, value);
#endif
- if (!strcmp("http.pinnedpubkey", var))
-#if LIBCURL_VERSION_NUM >= 0x072c00
- return git_config_pathname(&ssl_pinnedkey, var, value);
-#else
- warning(_("Public key pinning not supported with cURL < 7.44.0"));
- return 0;
-#endif
if (!strcmp("http.sslcainfo", var))
return git_config_pathname(&ssl_cainfo, var, value);
if (!strcmp("http.sslcertpasswordprotected", var)) {
@@ -283,6 +276,14 @@ static int http_options(const char *var, const char *value, void *cb)
if (!strcmp("http.useragent", var))
return git_config_string(&user_agent, var, value);
+ if (!strcmp("http.pinnedpubkey", var)) {
+#if LIBCURL_VERSION_NUM >= 0x072c00
+ return git_config_pathname(&ssl_pinnedkey, var, value);
+#else
+ warning(_("Public key pinning not supported with cURL < 7.44.0"));
+ return 0;
+#endif
+ }
/* Fall back on the default ones */
return git_default_config(var, value, cb);
}
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html