richardphibel / rpms / librepo

Forked from rpms/librepo 2 years ago
Clone
Blob Blame History Raw
From 1e7673d07308081f13e7bb1829cfed2ccd865ea0 Mon Sep 17 00:00:00 2001
From: Masahiro Matsuya <mmatsuya@redhat.com>
Date: Fri, 13 Nov 2020 17:37:59 +0100
Subject: [PATCH] Add support for pkcs11 certificate and key for repository
 authorization

msg: Add support for pkcs11 certificate and key for repository authorization
type: enhancement
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1859495
---
 librepo/handle.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/librepo/handle.c b/librepo/handle.c
index d8728c4..33edf5d 100644
--- a/librepo/handle.c
+++ b/librepo/handle.c
@@ -649,6 +649,9 @@ lr_handle_setopt(LrHandle *handle,
             lr_free(handle->sslclientcert);
         handle->sslclientcert = g_strdup(va_arg(arg, char *));
         c_rc = curl_easy_setopt(c_h, CURLOPT_SSLCERT, handle->sslclientcert);
+        if (c_rc == CURLE_OK && handle->sslclientcert && !strncasecmp(handle->sslclientcert, "pkcs11:", 7)) {
+            c_rc = curl_easy_setopt(c_h, CURLOPT_SSLCERTTYPE, "ENG");
+        }
         break;
 
     case LRO_SSLCLIENTKEY:
@@ -656,6 +659,9 @@ lr_handle_setopt(LrHandle *handle,
             lr_free(handle->sslclientkey);
         handle->sslclientkey = g_strdup(va_arg(arg, char *));
         c_rc = curl_easy_setopt(c_h, CURLOPT_SSLKEY, handle->sslclientkey);
+        if (c_rc == CURLE_OK && handle->sslclientkey && !strncasecmp(handle->sslclientkey, "pkcs11:", 7)) {
+            c_rc = curl_easy_setopt(c_h, CURLOPT_SSLKEYTYPE, "ENG");
+        }
         break;
 
     case LRO_SSLCACERT:
-- 
2.26.2