[23242] trunk/base
source_changes at macosforge.org
source_changes at macosforge.org
Tue Mar 27 16:13:09 PDT 2007
Revision: 23242
http://trac.macosforge.org/projects/macports/changeset/23242
Author: pguyot at kallisys.net
Date: 2007-03-27 16:13:09 -0700 (Tue, 27 Mar 2007)
Log Message:
-----------
New option to ignore SSL certificate when fetching files over HTTPS.
Modified Paths:
--------------
trunk/base/doc/portfile.7
trunk/base/src/pextlib1.0/curl.c
trunk/base/src/port1.0/portfetch.tcl
Modified: trunk/base/doc/portfile.7
===================================================================
--- trunk/base/doc/portfile.7 2007-03-27 23:00:32 UTC (rev 23241)
+++ trunk/base/doc/portfile.7 2007-03-27 23:13:09 UTC (rev 23242)
@@ -651,6 +651,15 @@
.Sy Default:
.Em yes
.br
+.It Ic fetch.ignore_sslcrt
+Whether to ignore the host SSL certificate (for HTTPS).
+.br
+.Sy Type:
+.Em optional
+.br
+.Sy Default:
+.Em no
+.br
.El
.Ss FETCHING FROM CVS
As an alternative to fetching distribution files, pulling the sources
Modified: trunk/base/src/pextlib1.0/curl.c
===================================================================
--- trunk/base/src/pextlib1.0/curl.c 2007-03-27 23:00:32 UTC (rev 23241)
+++ trunk/base/src/pextlib1.0/curl.c 2007-03-27 23:13:09 UTC (rev 23242)
@@ -124,7 +124,7 @@
/**
* curl fetch subcommand entry point.
*
- * syntax: curl fetch [-v] [--disable-epsv] [-u userpass] [--effective-url lasturlvar] url filename
+ * syntax: curl fetch [-v] [--disable-epsv] [--ignore-ssl-cert] [-u userpass] [--effective-url lasturlvar] url filename
*
* @param interp current interpreter
* @param objc number of parameters
@@ -141,6 +141,7 @@
long theResponseCode = 0;
int noprogress = 1;
int useepsv = 1;
+ int ignoresslcert = 0;
const char* theUserPassString = NULL;
const char* effectiveURLVarName = NULL;
char* effectiveURL = NULL;
@@ -164,6 +165,8 @@
noprogress = 0;
} else if (strcmp(theOption, "--disable-epsv") == 0) {
useepsv = 0;
+ } else if (strcmp(theOption, "--ignore-ssl-cert") == 0) {
+ ignoresslcert = 1;
} else if (strcmp(theOption, "-u") == 0) {
/* check we also have the parameter */
if (optioncrsr < lastoption) {
@@ -278,6 +281,20 @@
theResult = SetResultFromCurlErrorCode(interp, theCurlCode);
break;
}
+
+ /* we may want to ignore ssl errors */
+ if (ignoresslcert) {
+ theCurlCode = curl_easy_setopt(theHandle, CURLOPT_SSL_VERIFYPEER, (long) 0);
+ if (theCurlCode != CURLE_OK) {
+ theResult = SetResultFromCurlErrorCode(interp, theCurlCode);
+ break;
+ }
+ theCurlCode = curl_easy_setopt(theHandle, CURLOPT_SSL_VERIFYHOST, (long) 0);
+ if (theCurlCode != CURLE_OK) {
+ theResult = SetResultFromCurlErrorCode(interp, theCurlCode);
+ break;
+ }
+ }
/* set the l/p, if any */
if (theUserPassString) {
Modified: trunk/base/src/port1.0/portfetch.tcl
===================================================================
--- trunk/base/src/port1.0/portfetch.tcl 2007-03-27 23:00:32 UTC (rev 23241)
+++ trunk/base/src/port1.0/portfetch.tcl 2007-03-27 23:13:09 UTC (rev 23242)
@@ -42,7 +42,7 @@
# define options: distname master_sites
options master_sites patch_sites extract.suffix distfiles patchfiles use_zip use_bzip2 dist_subdir \
- fetch.type fetch.user fetch.password fetch.use_epsv \
+ fetch.type fetch.user fetch.password fetch.use_epsv fetch.ignore_sslcert \
master_sites.mirror_subdir patch_sites.mirror_subdir portname \
cvs.module cvs.root cvs.password cvs.date cvs.tag \
svn.url svn.tag
@@ -84,6 +84,8 @@
default fetch.password ""
# Use EPSV for FTP transfers
default fetch.use_epsv "yes"
+# Ignore SSL certificate
+default fetch.ignore_sslcert "no"
default fallback_mirror_site "opendarwin"
default mirror_sites.listfile {"mirror_sites.tcl"}
@@ -381,7 +383,7 @@
# the listed url varable and associated distfile
proc fetchfiles {args} {
global distpath all_dist_files UI_PREFIX fetch_urls
- global fetch.user fetch.password fetch.use_epsv
+ global fetch.user fetch.password fetch.use_epsv fetch.ignore_sslcert
global distfile site
global portverbose
@@ -399,6 +401,9 @@
if {${fetch.use_epsv} != "yes"} {
lappend fetch_options "--disable-epsv"
}
+ if {${fetch.ignore_sslcert} != "no"} {
+ lappend fetch_options "--ignore-ssl-cert"
+ }
if {$portverbose == "yes"} {
lappend fetch_options "-v"
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/macports-changes/attachments/20070327/d9398eb9/attachment.html
More information about the macports-changes
mailing list