summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLibravatar Kyle J. McKay <mackyle@gmail.com>2015-01-06 03:20:37 -0800
committerLibravatar Junio C Hamano <gitster@pobox.com>2015-01-06 12:18:32 -0800
commit230c09c06a7300870f3915c54eff7d9335850a4a (patch)
treee87a0e345b2f6336a64a8e0edacd5f186b6a1e4b
parentimap-send.c: support GIT_CURL_VERBOSE (diff)
downloadtgif-230c09c06a7300870f3915c54eff7d9335850a4a.tar.xz
imap-send.c: set CURLOPT_USE_SSL to CURLUSESSL_TRY
According to the cURL documentation for the CURLOPT_USE_SSL option, it is only used with plain text protocols that get upgraded to SSL using the STARTTLS command. The server.use_ssl variable is only set when we are using a protocol that is already SSL/TLS (i.e. imaps), so setting CURLOPT_USE_SSL when the server.use_ssl variable is set has no effect whatsoever. Instead, set CURLOPT_USE_SSL to CURLUSESSL_TRY when the server.use_ssl variable is NOT set so that cURL will attempt to upgrade the plain text connection to SSL/TLS using STARTTLS in that case. This much more closely matches the behavior of the non-cURL code path. Signed-off-by: Kyle J. McKay <mackyle@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r--imap-send.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/imap-send.c b/imap-send.c
index 060df834cb..d69887da5a 100644
--- a/imap-send.c
+++ b/imap-send.c
@@ -1421,8 +1421,8 @@ static CURL *setup_curl(struct imap_server_conf *srvc)
strbuf_release(&auth);
}
- if (server.use_ssl)
- curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_ALL);
+ if (!server.use_ssl)
+ curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_TRY);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, server.ssl_verify);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, server.ssl_verify);