Skip to content

Commit

Permalink
Fix ssl handling by not setting GIT_SSL_NO_VERIFY=false (#2361)
Browse files Browse the repository at this point in the history
  • Loading branch information
@nacho4d @sheerun
nacho4d authored and sheerun committed Nov 7, 2016
1 parent cba4b2a commit f7c5154
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 5 deletions.
4 changes: 3 additions & 1 deletion lib/core/resolvers/GitResolver.js
View file
Expand Up @@ -26,7 +26,9 @@ function GitResolver(decEndpoint, config, logger) {
// anyway
mkdirp.sync(config.storage.empty);
process.env.GIT_TEMPLATE_DIR = config.storage.empty;
process.env.GIT_SSL_NO_VERIFY = (!config.strictSsl).toString();
if (!config.strictSsl) {
process.env.GIT_SSL_NO_VERIFY = 'true';
}
process.env.GIT_TERMINAL_PROMPT = config.interactive ? '1' : '0';

Resolver.call(this, decEndpoint, config, logger);
Expand Down
9 changes: 5 additions & 4 deletions test/core/resolvers/gitResolver.js
View file
Expand Up @@ -50,16 +50,17 @@ describe('GitResolver', function () {
expect(process.env).to.not.have.property('GIT_SSL_NO_VERIFY');

resolver = new GitResolver(decEndpoint, defaultConfig(), logger);
expect(process.env).to.have.property('GIT_SSL_NO_VERIFY', 'false');
delete process.env.GIT_SSL_NO_VERIFY;
expect(process.env).to.not.have.property('GIT_SSL_NO_VERIFY');

resolver = new GitResolver(decEndpoint, defaultConfig({strictSsl: false}), logger);
expect(process.env).to.have.property('GIT_SSL_NO_VERIFY', 'true');
delete process.env.GIT_SSL_NO_VERIFY;

// git only checks the existence of GIT_SSL_NO_VERIFY.
// git does NOT check whether is true of false.
// Hence not exporting GIT_SSL_NO_VERIFY is effectively equivalent to 'false'
resolver = new GitResolver(decEndpoint, defaultConfig({strictSsl: true}), logger);
expect(process.env).to.have.property('GIT_SSL_NO_VERIFY', 'false');
delete process.env.GIT_SSL_NO_VERIFY;
expect(process.env).to.not.have.property('GIT_SSL_NO_VERIFY');
});
});

Expand Down

0 comments on commit f7c5154

Please sign in to comment.