pull: Add "tls-permissive" config option to disable SSL/TLS certificate checks
Like GIT_SSL_NO_VERIFY=true, available for the same reasons.
This commit is contained in:
Colin Walters
parent
7092e88eac
commit
a181310a49
|
|
@ -153,11 +153,14 @@ ostree_fetcher_init (OstreeFetcher *self)
|
|||
}
|
||||
|
||||
OstreeFetcher *
|
||||
ostree_fetcher_new (GFile *tmpdir)
|
||||
ostree_fetcher_new (GFile *tmpdir,
|
||||
OstreeFetcherConfigFlags flags)
|
||||
{
|
||||
OstreeFetcher *self = (OstreeFetcher*)g_object_new (OSTREE_TYPE_FETCHER, NULL);
|
||||
|
||||
self->tmpdir = g_object_ref (tmpdir);
|
||||
if ((flags & OSTREE_FETCHER_FLAGS_TLS_PERMISSIVE) > 0)
|
||||
g_object_set ((GObject*)self->session, "ssl-strict", FALSE, NULL);
|
||||
|
||||
return self;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -43,9 +43,15 @@ struct OstreeFetcherClass
|
|||
GObjectClass parent_class;
|
||||
};
|
||||
|
||||
typedef enum {
|
||||
OSTREE_FETCHER_FLAGS_NONE = 0,
|
||||
OSTREE_FETCHER_FLAGS_TLS_PERMISSIVE = (1 << 0)
|
||||
} OstreeFetcherConfigFlags;
|
||||
|
||||
GType ostree_fetcher_get_type (void) G_GNUC_CONST;
|
||||
|
||||
OstreeFetcher *ostree_fetcher_new (GFile *tmpdir);
|
||||
OstreeFetcher *ostree_fetcher_new (GFile *tmpdir,
|
||||
OstreeFetcherConfigFlags flags);
|
||||
|
||||
char * ostree_fetcher_query_state_text (OstreeFetcher *self);
|
||||
|
||||
|
|
|
|||
|
|
@ -1196,6 +1196,8 @@ ostree_builtin_pull (int argc, char **argv, GFile *repo_path, GError **error)
|
|||
gpointer key, value;
|
||||
int i;
|
||||
GCancellable *cancellable = NULL;
|
||||
gboolean tls_permissive = FALSE;
|
||||
OstreeFetcherConfigFlags fetcher_flags = 0;
|
||||
gs_free char *remote_key = NULL;
|
||||
gs_unref_object OstreeRepo *repo = NULL;
|
||||
gs_free char *remote_config_content = NULL;
|
||||
|
|
@ -1250,7 +1252,6 @@ ostree_builtin_pull (int argc, char **argv, GFile *repo_path, GError **error)
|
|||
start_time = g_get_monotonic_time ();
|
||||
|
||||
pull_data->remote_name = g_strdup (argv[1]);
|
||||
pull_data->fetcher = ostree_fetcher_new (ostree_repo_get_tmpdir (pull_data->repo));
|
||||
config = ostree_repo_get_config (repo);
|
||||
|
||||
remote_key = g_strdup_printf ("remote \"%s\"", pull_data->remote_name);
|
||||
|
|
@ -1258,6 +1259,15 @@ ostree_builtin_pull (int argc, char **argv, GFile *repo_path, GError **error)
|
|||
goto out;
|
||||
pull_data->base_uri = soup_uri_new (baseurl);
|
||||
|
||||
if (!ot_keyfile_get_boolean_with_default (config, remote_key, "tls-permissive",
|
||||
FALSE, &tls_permissive, error))
|
||||
goto out;
|
||||
if (tls_permissive)
|
||||
fetcher_flags |= OSTREE_FETCHER_FLAGS_TLS_PERMISSIVE;
|
||||
|
||||
pull_data->fetcher = ostree_fetcher_new (ostree_repo_get_tmpdir (pull_data->repo),
|
||||
fetcher_flags);
|
||||
|
||||
if (!pull_data->base_uri)
|
||||
{
|
||||
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
|
||||
|
|
|
|||
Loading…
Reference in New Issue