From 3dc7a62a022b3e9e12fa79fef098be7b6106c2d6 Mon Sep 17 00:00:00 2001 From: jaanus Date: Mon, 29 Dec 2014 20:23:42 +0200 Subject: [PATCH 1/2] API to pass a server certificate when cloning. --- ObjectiveGit/GTRepository.h | 6 +++++- ObjectiveGit/GTRepository.m | 12 ++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/ObjectiveGit/GTRepository.h b/ObjectiveGit/GTRepository.h index 040c75688..4fd0f9045 100644 --- a/ObjectiveGit/GTRepository.h +++ b/ObjectiveGit/GTRepository.h @@ -106,6 +106,9 @@ extern NSString * const GTRepositoryCloneOptionsCredentialProvider; /// A BOOL indicating whether local clones should actually clone, or just link. extern NSString * const GTRepositoryCloneOptionsCloneLocal; +/// A NSURL pointing to a local file that contains PEM-encoded certificate chain. +extern NSString *const GTRepositoryCloneOptionsServerCertificateURL; + /// Initialization flags associated with `GTRepositoryInitOptionsFlags` for /// +initializeEmptyRepositoryAtFileURL:options:error:. /// @@ -199,7 +202,8 @@ extern NSString * const GTRepositoryInitOptionsOriginURLString; /// `GTRepositoryCloneOptionsBare`, /// `GTRepositoryCloneOptionsCheckout`, /// `GTRepositoryCloneOptionsCredentialProvider`, -/// `GTRepositoryCloneOptionsCloneLocal` +/// `GTRepositoryCloneOptionsCloneLocal`, +/// `GTRepositoryCloneOptionsServerCertificateURL` /// error - A pointer to fill in case of trouble. /// transferProgressBlock - This block is called with network transfer updates. /// checkoutProgressBlock - This block is called with checkout updates diff --git a/ObjectiveGit/GTRepository.m b/ObjectiveGit/GTRepository.m index 260bc7bdb..aad14d215 100644 --- a/ObjectiveGit/GTRepository.m +++ b/ObjectiveGit/GTRepository.m @@ -59,6 +59,7 @@ NSString * const GTRepositoryCloneOptionsTransportFlags = @"GTRepositoryCloneOptionsTransportFlags"; NSString * const GTRepositoryCloneOptionsCredentialProvider = @"GTRepositoryCloneOptionsCredentialProvider"; NSString * const GTRepositoryCloneOptionsCloneLocal = @"GTRepositoryCloneOptionsCloneLocal"; +NSString * const GTRepositoryCloneOptionsServerCertificateURL = @"GTRepositoryCloneOptionsServerCertificateURL"; NSString * const GTRepositoryInitOptionsFlags = @"GTRepositoryInitOptionsFlags"; NSString * const GTRepositoryInitOptionsMode = @"GTRepositoryInitOptionsMode"; NSString * const GTRepositoryInitOptionsWorkingDirectoryPath = @"GTRepositoryInitOptionsWorkingDirectoryPath"; @@ -265,6 +266,17 @@ + (id)cloneFromURL:(NSURL *)originURL toWorkingDirectory:(NSURL *)workdirURL opt if (localClone) { cloneOptions.local = GIT_CLONE_NO_LOCAL; } + + NSURL *serverCertificateURL = options[GTRepositoryCloneOptionsServerCertificateURL]; + if (serverCertificateURL) { + const char *file = serverCertificateURL.fileSystemRepresentation; + const char *path = NULL; + int gitError = git_libgit2_opts(GIT_OPT_SET_SSL_CERT_LOCATIONS, file, path); + if (gitError < GIT_OK) { + if (error != NULL) *error = [NSError git_errorFor:gitError description:@"Failed to configure the server certificate at %@", serverCertificateURL]; + return nil; + } + } // If our originURL is local, convert to a path before handing down. const char *remoteURL = NULL; From fcae82620bdfdd1c97872b9830538d1d4ae01b0d Mon Sep 17 00:00:00 2001 From: jaanus Date: Mon, 29 Dec 2014 20:36:48 +0200 Subject: [PATCH 2/2] More compact code, no need for local vars. --- ObjectiveGit/GTRepository.m | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/ObjectiveGit/GTRepository.m b/ObjectiveGit/GTRepository.m index aad14d215..7592c6569 100644 --- a/ObjectiveGit/GTRepository.m +++ b/ObjectiveGit/GTRepository.m @@ -269,9 +269,7 @@ + (id)cloneFromURL:(NSURL *)originURL toWorkingDirectory:(NSURL *)workdirURL opt NSURL *serverCertificateURL = options[GTRepositoryCloneOptionsServerCertificateURL]; if (serverCertificateURL) { - const char *file = serverCertificateURL.fileSystemRepresentation; - const char *path = NULL; - int gitError = git_libgit2_opts(GIT_OPT_SET_SSL_CERT_LOCATIONS, file, path); + int gitError = git_libgit2_opts(GIT_OPT_SET_SSL_CERT_LOCATIONS, serverCertificateURL.fileSystemRepresentation, NULL); if (gitError < GIT_OK) { if (error != NULL) *error = [NSError git_errorFor:gitError description:@"Failed to configure the server certificate at %@", serverCertificateURL]; return nil;