Re: [Qemu-devel] [PATCH 2/3] curl: Add sslverify option

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Matthew Booth <mbooth@redhat.com>
To: Kevin Wolf <kwolf@redhat.com>
Cc: peter.maydell@linaro.org, qemu-devel@nongnu.org, stefanha@redhat.com
Subject: Re: [Qemu-devel] [PATCH 2/3] curl: Add sslverify option
Date: Thu, 01 May 2014 09:59:53 +0100	[thread overview]
Message-ID: <53620D09.8010406@redhat.com> (raw)
In-Reply-To: <20140430152017.GF4380@noname.redhat.com>

On 30/04/14 16:32, Kevin Wolf wrote:
> Am 30.04.2014 um 16:20 hat Matthew Booth geschrieben:
>> This allows qemu to use images over https with a self-signed certificate. It
>> defaults to verifying the certificate.
>>
>> Signed-off-by: Matthew Booth <mbooth@redhat.com>
>> ---
>>  block/curl.c | 33 +++++++++++++++++++++++++++++++++
>>  1 file changed, 33 insertions(+)
>>
>> diff --git a/block/curl.c b/block/curl.c
>> index 4de6856..e427e52 100644
>> --- a/block/curl.c
>> +++ b/block/curl.c
>> @@ -23,6 +23,7 @@
>>   */
>>  #include "qemu-common.h"
>>  #include "block/block_int.h"
>> +#include "qapi/qmp/qbool.h"
>>  #include <curl/curl.h>
>>  
>>  // #define DEBUG
>> @@ -54,6 +55,7 @@
>>  
>>  #define CURL_BLOCK_OPT_URL       "url"
>>  #define CURL_BLOCK_OPT_READAHEAD "readahead"
>> +#define CURL_BLOCK_OPT_SSLVERIFY "sslverify"
>>  
>>  struct BDRVCURLState;
>>  
>> @@ -91,6 +93,7 @@ typedef struct BDRVCURLState {
>>      CURLState states[CURL_NUM_STATES];
>>      char *url;
>>      size_t readahead_size;
>> +    bool sslverify;
>>      bool accept_range;
>>  } BDRVCURLState;
>>  
>> @@ -357,6 +360,7 @@ static CURLState *curl_init_state(BDRVCURLState *s)
>>              return NULL;
>>          }
>>          curl_easy_setopt(state->curl, CURLOPT_URL, s->url);
>> +        curl_easy_setopt(state->curl, CURLOPT_SSL_VERIFYPEER, s->sslverify);
>>          curl_easy_setopt(state->curl, CURLOPT_TIMEOUT, 5);
>>          curl_easy_setopt(state->curl, CURLOPT_WRITEFUNCTION,
>>                           (void *)curl_read_cb);
>> @@ -440,6 +444,27 @@ static void curl_parse_filename(const char *filename, QDict *options,
>>                  *end = '\0';
>>                  qdict_put(options, CURL_BLOCK_OPT_READAHEAD,
>>                            qstring_from_str(value));
>> +            } else if (opt_len == strlen(CURL_BLOCK_OPT_SSLVERIFY) &&
>> +                       memcmp(opt_start, CURL_BLOCK_OPT_SSLVERIFY,
>> +                       opt_len) == 0) {
>> +                /* This is redundant after the first iteration */
>> +                *end = '\0';
>> +
>> +                int sslverify;
>> +                if (value_len == strlen("on") &&
>> +                    memcmp(value, "on", value_len) == 0) {
>> +                    sslverify = 1;
>> +                } else if (value_len == strlen("off") &&
>> +                         memcmp(value, "off", value_len) == 0) {
> 
> Indentation is off here.

Thanks. I'll repost after we've come to a decision about the option syntax.

Matt
-- 
Matthew Booth
Red Hat Engineering, Virtualisation Team

Phone: +442070094448 (UK)
GPG ID:  D33C3490
GPG FPR: 3733 612D 2D05 5458 8A8A 1600 3441 EA19 D33C 3490

     prev parent reply	other threads:[~2014-05-01  9:00 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <1398867658-2069-1-git-send-email-mbooth@redhat.com>
     [not found] ` <1398867658-2069-2-git-send-email-mbooth@redhat.com>
     [not found]   ` <20140430151638.GE4380@noname.redhat.com>
2014-05-01  8:56     ` [Qemu-devel] [PATCH 1/3] curl: Fix parsing of readahead option from filename Matthew Booth
2014-05-01 12:04       ` Eric Blake
2014-05-05  9:27       ` Kevin Wolf
     [not found] ` <1398867658-2069-3-git-send-email-mbooth@redhat.com>
     [not found]   ` <20140430152017.GF4380@noname.redhat.com>
2014-05-01  8:59     ` Matthew Booth [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=53620D09.8010406@redhat.com \
    --to=mbooth@redhat.com \
    --cc=kwolf@redhat.com \
    --cc=peter.maydell@linaro.org \
    --cc=qemu-devel@nongnu.org \
    --cc=stefanha@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).