26
26
# Boston, MA 02110-1301, USA.
27
27
"""Settings mapping."""
28
28
29
+ from ssl import get_default_verify_paths
30
+
29
31
from _pygit2 import option
30
32
from _pygit2 import GIT_OPT_GET_SEARCH_PATH , GIT_OPT_SET_SEARCH_PATH
31
33
from _pygit2 import GIT_OPT_GET_MWINDOW_SIZE , GIT_OPT_SET_MWINDOW_SIZE
34
36
from _pygit2 import GIT_OPT_GET_CACHED_MEMORY
35
37
from _pygit2 import GIT_OPT_ENABLE_CACHING
36
38
from _pygit2 import GIT_OPT_SET_CACHE_MAX_SIZE
37
-
39
+ from _pygit2 import GIT_OPT_SET_SSL_CERT_LOCATIONS
38
40
39
41
40
42
__metaclass__ = type # make all classes new-style by default
@@ -56,6 +58,13 @@ class Settings:
56
58
57
59
_search_path = SearchPathList ()
58
60
61
+ def __init__ (self ):
62
+ self ._default_tls_verify_paths = get_default_verify_paths ()
63
+ self .set_ssl_cert_locations (
64
+ self ._default_tls_verify_paths .cafile ,
65
+ self ._default_tls_verify_paths .capath ,
66
+ )
67
+
59
68
@property
60
69
def search_path (self ):
61
70
"""Configuration file search path.
@@ -106,4 +115,39 @@ def cache_object_limit(self, object_type, value):
106
115
"""
107
116
return option (GIT_OPT_SET_CACHE_OBJECT_LIMIT , object_type , value )
108
117
118
+ @property
119
+ def ssl_cert_file (self ):
120
+ """TLS certificate file path."""
121
+ return self ._ssl_cert_file
122
+
123
+ @ssl_cert_file .setter
124
+ def ssl_cert_file (self , value ):
125
+ """Set the TLS cert file path."""
126
+ self .set_ssl_cert_locations (value , self ._ssl_cert_dir )
127
+
128
+ @ssl_cert_file .deleter
129
+ def ssl_cert_file (self ):
130
+ """Reset the TLS cert file path."""
131
+ self .ssl_cert_file = self ._default_tls_verify_paths .cafile
109
132
133
+ @property
134
+ def ssl_cert_dir (self ):
135
+ """TLS certificates lookup directory path."""
136
+ return self ._ssl_cert_dir
137
+
138
+ @ssl_cert_dir .setter
139
+ def ssl_cert_dir (self , value ):
140
+ """Set the TLS certificate lookup folder."""
141
+ self .set_ssl_cert_locations (self ._ssl_cert_file , value )
142
+
143
+ @ssl_cert_dir .deleter
144
+ def ssl_cert_dir (self ):
145
+ """Reset the TLS certificate lookup folder."""
146
+ self .ssl_cert_dir = self ._default_tls_verify_paths .capath
147
+
148
+ def set_ssl_cert_locations (self , ssl_cert_file , ssl_cert_dir ):
149
+ """Set both file path and lookup dir for TLS certs in libgit2.
150
+ """
151
+ option (GIT_OPT_SET_SSL_CERT_LOCATIONS , ssl_cert_file , ssl_cert_dir )
152
+ self ._ssl_cert_file = ssl_cert_file
153
+ self ._ssl_cert_dir = ssl_cert_dir
0 commit comments