Merge pull request #2300 from libgit2/cmn/match-host-tests

Some improvements to the cert checking
author: Russell Belfer <rb@github.com> 2014-05-12 10:15:30 -0700
committer: Russell Belfer <rb@github.com> 2014-05-12 10:15:30 -0700
commit: 7bcced44b7e5536ab1a92ad37735566e855531d0 (patch)
tree: d1d070320782fe30ea7d73c7eaf40cfca5efd697 /src/netops.h
parent: d2c4d1c63d9d5456fcf2cdcd578073d9e7dadc2a (diff)
parent: 783555d8e11516fdc01b66da0f873f5854b9bff6 (diff)
download: libgit2-7bcced44b7e5536ab1a92ad37735566e855531d0.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/src/netops.h b/src/netops.h
index 666d66b12..8e3a2524f 100644
--- a/src/netops.h
+++ b/src/netops.h
@@ -54,6 +54,19 @@ enum {
 	GITNO_CONNECT_SSL_NO_CHECK_CERT = 2,
 };
 
+/**
+ * Check if the name in a cert matches the wanted hostname
+ *
+ * Check if a pattern from a certificate matches the hostname we
+ * wanted to connect to according to RFC2818 rules (which specifies
+ * HTTP over TLS). Mainly, an asterisk matches anything, but is
+ * limited to a single url component.
+ *
+ * Note that this does not set an error message. It expects the user
+ * to provide the message for the user.
+ */
+int gitno__match_host(const char *pattern, const char *host);
+
 void gitno_buffer_setup(gitno_socket *t, gitno_buffer *buf, char *data, size_t len);
 void gitno_buffer_setup_callback(gitno_socket *t, gitno_buffer *buf, char *data, size_t len, int (*recv)(gitno_buffer *buf), void *cb_data);
 int gitno_recv(gitno_buffer *buf);
author	Russell Belfer <rb@github.com>	2014-05-12 10:15:30 -0700
committer	Russell Belfer <rb@github.com>	2014-05-12 10:15:30 -0700
commit	7bcced44b7e5536ab1a92ad37735566e855531d0 (patch)
tree	d1d070320782fe30ea7d73c7eaf40cfca5efd697 /src/netops.h
parent	d2c4d1c63d9d5456fcf2cdcd578073d9e7dadc2a (diff)
parent	783555d8e11516fdc01b66da0f873f5854b9bff6 (diff)
download	libgit2-7bcced44b7e5536ab1a92ad37735566e855531d0.tar.gz