[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v5 10/11] curl: introduce ssl_no_cert runtime option
From: |
Fam Zheng |
Subject: |
[Qemu-devel] [PATCH v5 10/11] curl: introduce ssl_no_cert runtime option. |
Date: |
Thu, 23 May 2013 11:38:08 +0800 |
Added an option to let curl disable ssl certificate check.
Signed-off-by: Fam Zheng <address@hidden>
---
block/curl.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/block/curl.c b/block/curl.c
index 5adbc84..b6cc5a0 100644
--- a/block/curl.c
+++ b/block/curl.c
@@ -95,6 +95,8 @@ typedef struct BDRVCURLState {
int cache_quota;
/* Whether http server accept range in header */
bool accept_range;
+ /* Whether certificated ssl only */
+ bool ssl_no_cert;
} BDRVCURLState;
static void curl_clean_state(CURLState *s);
@@ -339,6 +341,8 @@ static CURLState *curl_init_state(BDRVCURLState *s)
curl_easy_setopt(state->curl, CURLOPT_NOSIGNAL, 1);
curl_easy_setopt(state->curl, CURLOPT_ERRORBUFFER, state->errmsg);
curl_easy_setopt(state->curl, CURLOPT_FAILONERROR, 1);
+ curl_easy_setopt(state->curl, CURLOPT_SSL_VERIFYPEER,
+ s->ssl_no_cert ? 0 : 1);
/* Restrict supported protocols to avoid security issues in the more
* obscure protocols. For example, do not allow POP3/SMTP/IMAP see
@@ -429,7 +433,12 @@ static QemuOptsList runtime_opts = {
.type = QEMU_OPT_SIZE,
.help = "Readahead size",
},
- { /* end of list */ }
+ {
+ .name = "ssl_no_cert",
+ .type = QEMU_OPT_BOOL,
+ .help = "SSL certificate check",
+ },
+ { /* End of list */ }
},
};
@@ -467,6 +476,7 @@ static int curl_open(BlockDriverState *bs, QDict *options,
int flags)
goto out_noclean;
}
+ s->ssl_no_cert = qemu_opt_get_bool(opts, "ssl_no_cert", true);
if (!inited) {
curl_global_init(CURL_GLOBAL_ALL);
inited = 1;
--
1.8.2.3
- Re: [Qemu-devel] [PATCH v5 06/11] curl: introduce CURLDataCache, (continued)
- [Qemu-devel] [PATCH v5 08/11] curl: use list to store CURLState, Fam Zheng, 2013/05/22
- [Qemu-devel] [PATCH v5 09/11] curl: add cache quota., Fam Zheng, 2013/05/22
- [Qemu-devel] [PATCH v5 10/11] curl: introduce ssl_no_cert runtime option.,
Fam Zheng <=
- [Qemu-devel] [PATCH v5 11/11] block/curl.c: Refuse to open the handle for writes., Fam Zheng, 2013/05/22
- Re: [Qemu-devel] [PATCH v5 00/11] curl: fix curl read, Richard W.M. Jones, 2013/05/23
- Re: [Qemu-devel] [PATCH v5 00/11] curl: fix curl read, Stefan Hajnoczi, 2013/05/23