Skip to content

Commit 5021887

Browse files
committed
Merge pull request #430 from jaanus/specify-server-certificate
Option to pass a trusted server certificate when cloning
2 parents b4ae265 + fcae826 commit 5021887

File tree

2 files changed

+15
-1
lines changed

2 files changed

+15
-1
lines changed

ObjectiveGit/GTRepository.h

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -106,6 +106,9 @@ extern NSString * const GTRepositoryCloneOptionsCredentialProvider;
106106
/// A BOOL indicating whether local clones should actually clone, or just link.
107107
extern NSString * const GTRepositoryCloneOptionsCloneLocal;
108108

109+
/// A NSURL pointing to a local file that contains PEM-encoded certificate chain.
110+
extern NSString *const GTRepositoryCloneOptionsServerCertificateURL;
111+
109112
/// Initialization flags associated with `GTRepositoryInitOptionsFlags` for
110113
/// +initializeEmptyRepositoryAtFileURL:options:error:.
111114
///
@@ -199,7 +202,8 @@ extern NSString * const GTRepositoryInitOptionsOriginURLString;
199202
/// `GTRepositoryCloneOptionsBare`,
200203
/// `GTRepositoryCloneOptionsCheckout`,
201204
/// `GTRepositoryCloneOptionsCredentialProvider`,
202-
/// `GTRepositoryCloneOptionsCloneLocal`
205+
/// `GTRepositoryCloneOptionsCloneLocal`,
206+
/// `GTRepositoryCloneOptionsServerCertificateURL`
203207
/// error - A pointer to fill in case of trouble.
204208
/// transferProgressBlock - This block is called with network transfer updates.
205209
/// checkoutProgressBlock - This block is called with checkout updates

ObjectiveGit/GTRepository.m

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,7 @@
5959
NSString * const GTRepositoryCloneOptionsTransportFlags = @"GTRepositoryCloneOptionsTransportFlags";
6060
NSString * const GTRepositoryCloneOptionsCredentialProvider = @"GTRepositoryCloneOptionsCredentialProvider";
6161
NSString * const GTRepositoryCloneOptionsCloneLocal = @"GTRepositoryCloneOptionsCloneLocal";
62+
NSString * const GTRepositoryCloneOptionsServerCertificateURL = @"GTRepositoryCloneOptionsServerCertificateURL";
6263
NSString * const GTRepositoryInitOptionsFlags = @"GTRepositoryInitOptionsFlags";
6364
NSString * const GTRepositoryInitOptionsMode = @"GTRepositoryInitOptionsMode";
6465
NSString * const GTRepositoryInitOptionsWorkingDirectoryPath = @"GTRepositoryInitOptionsWorkingDirectoryPath";
@@ -265,6 +266,15 @@ + (id)cloneFromURL:(NSURL *)originURL toWorkingDirectory:(NSURL *)workdirURL opt
265266
if (localClone) {
266267
cloneOptions.local = GIT_CLONE_NO_LOCAL;
267268
}
269+
270+
NSURL *serverCertificateURL = options[GTRepositoryCloneOptionsServerCertificateURL];
271+
if (serverCertificateURL) {
272+
int gitError = git_libgit2_opts(GIT_OPT_SET_SSL_CERT_LOCATIONS, serverCertificateURL.fileSystemRepresentation, NULL);
273+
if (gitError < GIT_OK) {
274+
if (error != NULL) *error = [NSError git_errorFor:gitError description:@"Failed to configure the server certificate at %@", serverCertificateURL];
275+
return nil;
276+
}
277+
}
268278

269279
// If our originURL is local, convert to a path before handing down.
270280
const char *remoteURL = NULL;

0 commit comments

Comments
 (0)