Skip to content

Commit

Permalink
Auto merge of #3699 - alexcrichton:sslop, r=brson
Browse files Browse the repository at this point in the history
Add an option to ignore SSL revocation checking

This is apparently required in some Windows setups to get past SSL context
creation in schannel.
  • Loading branch information
bors committed Mar 1, 2017
2 parents e2e6834 + 923f21c commit 1eda2d2
Show file tree
Hide file tree
Showing 4 changed files with 15 additions and 11 deletions.
18 changes: 9 additions & 9 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ path = "src/cargo/lib.rs"
[dependencies]
crates-io = { path = "src/crates-io", version = "0.7" }
crossbeam = "0.2"
curl = "0.4"
curl = "0.4.6"
docopt = "0.7"
env_logger = "0.4"
filetime = "0.1"
Expand Down
5 changes: 4 additions & 1 deletion src/cargo/ops/registry.rs
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ use std::iter::repeat;
use std::path::PathBuf;
use std::time::Duration;

use curl::easy::Easy;
use curl::easy::{Easy, SslOpt};
use git2;
use registry::{Registry, NewCrate, NewCrateDependency};
use term::color::BLACK;
Expand Down Expand Up @@ -231,6 +231,9 @@ pub fn http_handle(config: &Config) -> CargoResult<Easy> {
if let Some(cainfo) = config.get_path("http.cainfo")? {
handle.cainfo(&cainfo.val)?;
}
if let Some(check) = config.get_bool("http.check-revoke")? {
handle.ssl_options(SslOpt::new().no_revoke(!check.val))?;
}
if let Some(timeout) = http_timeout(config)? {
handle.connect_timeout(Duration::new(timeout as u64, 0))?;
handle.low_speed_time(Duration::new(timeout as u64, 0))?;
Expand Down
1 change: 1 addition & 0 deletions src/doc/config.md
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,7 @@ proxy = "host:port" # HTTP proxy to use for HTTP requests (defaults to none)
# in libcurl format, e.g. "socks5h://host:port"
timeout = 60000 # Timeout for each HTTP request, in milliseconds
cainfo = "cert.pem" # Path to Certificate Authority (CA) bundle (optional)
check-revoke = true # Indicates whether SSL certs are checked for revocation

[build]
jobs = 1 # number of parallel jobs, defaults to # of CPUs
Expand Down

0 comments on commit 1eda2d2

Please sign in to comment.