Wiktor Gołgowski
2020-Jan-17 14:54 UTC
[Libguestfs] [PATCH nbdkit] Add cainfo and capath options to curl plugin
This change adds cainfo and capath options to the curl plugin. They refer directly to CURLOPT_CAINFO and CURLOPT_CAPATH, as documented in libcurl. Signed-off-by: Wiktor Gołgowski <wiktor.golgowski@linux.intel.com> --- plugins/curl/curl.c | 16 ++++++++++++++++ plugins/curl/nbdkit-curl-plugin.pod | 9 +++++++++ 2 files changed, 25 insertions(+) diff --git a/plugins/curl/curl.c b/plugins/curl/curl.c index 007449b..1381832 100644 --- a/plugins/curl/curl.c +++ b/plugins/curl/curl.c @@ -66,6 +66,8 @@ static bool sslverify = true; static uint32_t timeout = 0; static const char *unix_socket_path = NULL; static long protocols = CURLPROTO_ALL; +static const char *cainfo = NULL; +static const char *capath = NULL; /* Use '-D curl.verbose=1' to set. */ int curl_debug_verbose = 0; @@ -231,6 +233,14 @@ curl_config (const char *key, const char *value) return -1; } + else if (strcmp (key, "cainfo") == 0) { + cainfo = value; + } + + else if (strcmp (key, "capath") == 0) { + capath = value; + } + else { nbdkit_error ("unknown parameter '%s'", key); return -1; @@ -253,6 +263,8 @@ curl_config_complete (void) } #define curl_config_help \ + "cainfo=<CAINFO> Path to Certificate Authority file.\n" \ + "capath=<CAPATH> Path to directory with CA certificates.\n" \ "cookie=<COOKIE> Set HTTP/HTTPS cookies.\n" \ "password=<PASSWORD> The password for the user account.\n" \ "protocols=PROTO,PROTO,.. Limit protocols allowed.\n" \ @@ -369,6 +381,10 @@ curl_open (int readonly) curl_easy_setopt (h->c, CURLOPT_PROXYPASSWORD, proxy_password); if (cookie) curl_easy_setopt (h->c, CURLOPT_COOKIE, cookie); + if (cainfo) + curl_easy_setopt (h->c, CURLOPT_CAINFO, cainfo); + if (capath) + curl_easy_setopt (h->c, CURLOPT_CAPATH, capath); /* Get the file size and also whether the remote HTTP server * supports byte ranges. diff --git a/plugins/curl/nbdkit-curl-plugin.pod b/plugins/curl/nbdkit-curl-plugin.pod index 827e0bd..f9156af 100644 --- a/plugins/curl/nbdkit-curl-plugin.pod +++ b/plugins/curl/nbdkit-curl-plugin.pod @@ -34,6 +34,15 @@ ports and protocols used to serve NBD see L<nbdkit(1)>). =over 4 +=item B<cainfo=>FILENAME + +Configure CA bundle for libcurl. See L<CURLOPT_CAINFO> for details. + +=item B<capath=>PATH + +Set CA certificates directory location for libcurl. See +L<CURLOPT_CAPATH> for more information. + =item B<cookie=>COOKIE =item B<cookie=+>FILENAME -- 2.20.1
Richard W.M. Jones
2020-Jan-17 21:49 UTC
Re: [Libguestfs] [PATCH nbdkit] Add cainfo and capath options to curl plugin
On Fri, Jan 17, 2020 at 03:54:15PM +0100, Wiktor Gołgowski wrote:> This change adds cainfo and capath options to the curl plugin. > They refer directly to CURLOPT_CAINFO and CURLOPT_CAPATH, as documented > in libcurl. > > Signed-off-by: Wiktor Gołgowski <wiktor.golgowski@linux.intel.com> > --- > plugins/curl/curl.c | 16 ++++++++++++++++ > plugins/curl/nbdkit-curl-plugin.pod | 9 +++++++++ > 2 files changed, 25 insertions(+) > > diff --git a/plugins/curl/curl.c b/plugins/curl/curl.c > index 007449b..1381832 100644 > --- a/plugins/curl/curl.c > +++ b/plugins/curl/curl.c > @@ -66,6 +66,8 @@ static bool sslverify = true; > static uint32_t timeout = 0; > static const char *unix_socket_path = NULL; > static long protocols = CURLPROTO_ALL; > +static const char *cainfo = NULL; > +static const char *capath = NULL; > > /* Use '-D curl.verbose=1' to set. */ > int curl_debug_verbose = 0; > @@ -231,6 +233,14 @@ curl_config (const char *key, const char *value) > return -1; > } > > + else if (strcmp (key, "cainfo") == 0) { > + cainfo = value; > + } > + > + else if (strcmp (key, "capath") == 0) { > + capath = value; > + } > + > else { > nbdkit_error ("unknown parameter '%s'", key); > return -1; > @@ -253,6 +263,8 @@ curl_config_complete (void) > } > > #define curl_config_help \ > + "cainfo=<CAINFO> Path to Certificate Authority file.\n" \ > + "capath=<CAPATH> Path to directory with CA certificates.\n" \ > "cookie=<COOKIE> Set HTTP/HTTPS cookies.\n" \ > "password=<PASSWORD> The password for the user account.\n" \ > "protocols=PROTO,PROTO,.. Limit protocols allowed.\n" \ > @@ -369,6 +381,10 @@ curl_open (int readonly) > curl_easy_setopt (h->c, CURLOPT_PROXYPASSWORD, proxy_password); > if (cookie) > curl_easy_setopt (h->c, CURLOPT_COOKIE, cookie); > + if (cainfo) > + curl_easy_setopt (h->c, CURLOPT_CAINFO, cainfo); > + if (capath) > + curl_easy_setopt (h->c, CURLOPT_CAPATH, capath); > > /* Get the file size and also whether the remote HTTP server > * supports byte ranges. > diff --git a/plugins/curl/nbdkit-curl-plugin.pod b/plugins/curl/nbdkit-curl-plugin.pod > index 827e0bd..f9156af 100644 > --- a/plugins/curl/nbdkit-curl-plugin.pod > +++ b/plugins/curl/nbdkit-curl-plugin.pod > @@ -34,6 +34,15 @@ ports and protocols used to serve NBD see L<nbdkit(1)>). > > =over 4 > > +=item B<cainfo=>FILENAME > + > +Configure CA bundle for libcurl. See L<CURLOPT_CAINFO> for details. > + > +=item B<capath=>PATH > + > +Set CA certificates directory location for libcurl. See > +L<CURLOPT_CAPATH> for more information. > + > =item B<cookie=>COOKIE > > =item B<cookie=+>FILENAME > -- > 2.20.1Thanks - added & pushed. There was a tiny documentation correction which I folded in. Rich. -- Richard Jones, Virtualization Group, Red Hat people.redhat.com/~rjones Read my programming and virtualization blog: rwmj.wordpress.com virt-top is 'top' for virtual machines. Tiny program with many powerful monitoring features, net stats, disk stats, logging, etc. people.redhat.com/~rjones/virt-top
Apparently Analagous Threads
- Re: [PATCH nbdkit v2] curl: Implement header and cookie scripts.
- [PATCH nbdkit RFC 0/2] curl: Implement authorization scripts.
- [PATCH nbdkit RFC 2/2] curl: Implement authorization scripts.
- [PATCH nbdkit v2] curl: Implement header and cookie scripts.
- [PATCH nbdkit v2] curl: Implement header and cookie scripts.