Re: [Qemu-devel] [PATCH 2/3] curl: Add sslverify option

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Matthew Booth <mbooth@redhat.com>
To: Kevin Wolf <kwolf@redhat.com>
Cc: peter.maydell@linaro.org, qemu-devel@nongnu.org, stefanha@redhat.com
Subject: Re: [Qemu-devel] [PATCH 2/3] curl: Add sslverify option
Date: Thu, 01 May 2014 09:59:53 +0100	[thread overview]
Message-ID: <53620D09.8010406@redhat.com> (raw)
In-Reply-To: <20140430152017.GF4380@noname.redhat.com>

On 30/04/14 16:32, Kevin Wolf wrote:
> Am 30.04.2014 um 16:20 hat Matthew Booth geschrieben:
>> This allows qemu to use images over https with a self-signed certificate. It
>> defaults to verifying the certificate.
>>
>> Signed-off-by: Matthew Booth <mbooth@redhat.com>
>> ---
>>  block/curl.c | 33 +++++++++++++++++++++++++++++++++
>>  1 file changed, 33 insertions(+)
>>
>> diff --git a/block/curl.c b/block/curl.c
>> index 4de6856..e427e52 100644
>> --- a/block/curl.c
>> +++ b/block/curl.c
>> @@ -23,6 +23,7 @@
>>   */
>>  #include "qemu-common.h"
>>  #include "block/block_int.h"
>> +#include "qapi/qmp/qbool.h"
>>  #include <curl/curl.h>
>>  
>>  // #define DEBUG
>> @@ -54,6 +55,7 @@
>>  
>>  #define CURL_BLOCK_OPT_URL       "url"
>>  #define CURL_BLOCK_OPT_READAHEAD "readahead"
>> +#define CURL_BLOCK_OPT_SSLVERIFY "sslverify"
>>  
>>  struct BDRVCURLState;
>>  
>> @@ -91,6 +93,7 @@ typedef struct BDRVCURLState {
>>      CURLState states[CURL_NUM_STATES];
>>      char *url;
>>      size_t readahead_size;
>> +    bool sslverify;
>>      bool accept_range;
>>  } BDRVCURLState;
>>  
>> @@ -357,6 +360,7 @@ static CURLState *curl_init_state(BDRVCURLState *s)
>>              return NULL;
>>          }
>>          curl_easy_setopt(state->curl, CURLOPT_URL, s->url);
>> +        curl_easy_setopt(state->curl, CURLOPT_SSL_VERIFYPEER, s->sslverify);
>>          curl_easy_setopt(state->curl, CURLOPT_TIMEOUT, 5);
>>          curl_easy_setopt(state->curl, CURLOPT_WRITEFUNCTION,
>>                           (void *)curl_read_cb);
>> @@ -440,6 +444,27 @@ static void curl_parse_filename(const char *filename, QDict *options,
>>                  *end = '\0';
>>                  qdict_put(options, CURL_BLOCK_OPT_READAHEAD,
>>                            qstring_from_str(value));
>> +            } else if (opt_len == strlen(CURL_BLOCK_OPT_SSLVERIFY) &&
>> +                       memcmp(opt_start, CURL_BLOCK_OPT_SSLVERIFY,
>> +                       opt_len) == 0) {
>> +                /* This is redundant after the first iteration */
>> +                *end = '\0';
>> +
>> +                int sslverify;
>> +                if (value_len == strlen("on") &&
>> +                    memcmp(value, "on", value_len) == 0) {
>> +                    sslverify = 1;
>> +                } else if (value_len == strlen("off") &&
>> +                         memcmp(value, "off", value_len) == 0) {
> 
> Indentation is off here.

Thanks. I'll repost after we've come to a decision about the option syntax.

Matt
-- 
Matthew Booth
Red Hat Engineering, Virtualisation Team

Phone: +442070094448 (UK)
GPG ID:  D33C3490
GPG FPR: 3733 612D 2D05 5458 8A8A 1600 3441 EA19 D33C 3490

     prev parent reply	other threads:[~2014-05-01  9:00 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <1398867658-2069-1-git-send-email-mbooth@redhat.com>
     [not found] ` <1398867658-2069-2-git-send-email-mbooth@redhat.com>
     [not found]   ` <20140430151638.GE4380@noname.redhat.com>
2014-05-01  8:56     ` [Qemu-devel] [PATCH 1/3] curl: Fix parsing of readahead option from filename Matthew Booth
2014-05-01 12:04       ` Eric Blake
2014-05-05  9:27       ` Kevin Wolf
     [not found] ` <1398867658-2069-3-git-send-email-mbooth@redhat.com>
     [not found]   ` <20140430152017.GF4380@noname.redhat.com>
2014-05-01  8:59     ` Matthew Booth [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=53620D09.8010406@redhat.com \
    --to=mbooth@redhat.com \
    --cc=kwolf@redhat.com \
    --cc=peter.maydell@linaro.org \
    --cc=qemu-devel@nongnu.org \
    --cc=stefanha@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.