Introduce Acquire::AllowTLS to turn off TLS support

As requested by Henrique de Moraes Holschuh, here comes an option to disable TLS support. If the option is set to false, the internal TLS layer is disabled.
author: Julian Andres Klode <jak@debian.org> 2017-06-28 17:17:37 +0200
committer: Julian Andres Klode <jak@debian.org> 2017-06-28 17:34:51 +0200
commit: 147ac0fc90d972a11f5e91521ba3d385015b5945 (patch)
tree: 73ebcc2e77478d86ada6af081f479b6b33986039 /methods/connect.cc
parent: c81b83864b7da79250a210ea7c49b5b03a4b2b16 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/methods/connect.cc b/methods/connect.cc
index e48008214..0103b5873 100644
--- a/methods/connect.cc
+++ b/methods/connect.cc
@@ -640,6 +640,9 @@ struct TlsFd : public MethodFd
 bool UnwrapTLS(std::string Host, std::unique_ptr<MethodFd> &Fd,
 	       unsigned long Timeout, aptMethod *Owner)
 {
+   if (_config->FindB("Acquire::AllowTLS", true) == false)
+      return _error->Error("TLS support has been disabled: Acquire::AllowTLS is false.");
+
    int err;
    TlsFd *tlsFd = new TlsFd();
author	Julian Andres Klode <jak@debian.org>	2017-06-28 17:17:37 +0200
committer	Julian Andres Klode <jak@debian.org>	2017-06-28 17:34:51 +0200
commit	147ac0fc90d972a11f5e91521ba3d385015b5945 (patch)
tree	73ebcc2e77478d86ada6af081f479b6b33986039 /methods/connect.cc
parent	c81b83864b7da79250a210ea7c49b5b03a4b2b16 (diff)