From: Junio C Hamano Date: Fri, 22 May 2015 19:41:45 +0000 (-0700) Subject: Merge branch 'ls/http-ssl-cipher-list' X-Git-Tag: v2.5.0-rc0~97 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=39fa79178feb1ce72050ebd21b9e34f158e8befa;p=git Merge branch 'ls/http-ssl-cipher-list' Introduce http..SSLCipherList configuration variable to tweak the list of cipher suite to be used with libcURL when talking with https:// sites. * ls/http-ssl-cipher-list: http: add support for specifying an SSL cipher list --- 39fa79178feb1ce72050ebd21b9e34f158e8befa diff --cc Documentation/config.txt index 948b8b0e5c,0a01bf930b..efea933561 --- a/Documentation/config.txt +++ b/Documentation/config.txt @@@ -1562,13 -1554,26 +1562,26 @@@ http.cookieFile: in the Git http session, if they match the server. The file format of the file to read cookies from should be plain HTTP headers or the Netscape/Mozilla cookie file format (see linkgit:curl[1]). - NOTE that the file specified with http.cookiefile is only used as + NOTE that the file specified with http.cookieFile is only used as input unless http.saveCookies is set. -http.savecookies:: +http.saveCookies:: If set, store cookies received during requests to the file specified by - http.cookiefile. Has no effect if http.cookiefile is unset. + http.cookieFile. Has no effect if http.cookieFile is unset. + http.sslCipherList:: + A list of SSL ciphers to use when negotiating an SSL connection. + The available ciphers depend on whether libcurl was built against + NSS or OpenSSL and the particular configuration of the crypto + library in use. Internally this sets the 'CURLOPT_SSL_CIPHER_LIST' + option; see the libcurl documentation for more details on the format + of this list. + + + Can be overridden by the 'GIT_SSL_CIPHER_LIST' environment variable. + To force git to use libcurl's default cipher list and ignore any + explicit http.sslCipherList option, set 'GIT_SSL_CIPHER_LIST' to the + empty string. + http.sslVerify:: Whether to verify the SSL certificate when fetching or pushing over HTTPS. Can be overridden by the 'GIT_SSL_NO_VERIFY' environment