http: don't allow SSL connections to a proxy

ethomson · ethomson · commit 52478d7dc323 · 2018-11-28T15:46:58.000Z
Temporarily disallow SSL connections to a proxy until we can understand
the valgrind warnings when tunneling OpenSSL over OpenSSL.
diff --git a/src/transports/http.c b/src/transports/http.c
@@ -695,7 +695,15 @@ static int load_proxy_config(http_subtransport *t)
 		return -1;
 	}
 
-	return gitno_connection_data_from_url(&t->proxy.url, t->proxy_opts.url, NULL);
+	if ((error = gitno_connection_data_from_url(&t->proxy.url, t->proxy_opts.url, NULL)) < 0)
+		return error;
+
+	if (t->proxy.url.use_ssl) {
+		giterr_set(GITERR_NET, "SSL connections to proxy are not supported");
+		return -1;
+	}
+
+	return error;
 }
 
 static int check_certificate(
