[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 13/22] curl: Add sslverify option
From: |
Kevin Wolf |
Subject: |
[Qemu-devel] [PULL 13/22] curl: Add sslverify option |
Date: |
Mon, 19 May 2014 16:22:31 +0200 |
From: Matthew Booth <address@hidden>
This allows qemu to use images over https with a self-signed certificate. It
defaults to verifying the certificate.
Signed-off-by: Matthew Booth <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
---
block/curl.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/block/curl.c b/block/curl.c
index 1b9f2f2..f491b0b 100644
--- a/block/curl.c
+++ b/block/curl.c
@@ -23,6 +23,7 @@
*/
#include "qemu-common.h"
#include "block/block_int.h"
+#include "qapi/qmp/qbool.h"
#include <curl/curl.h>
// #define DEBUG
@@ -69,6 +70,7 @@ static CURLMcode __curl_multi_socket_action(CURLM
*multi_handle,
#define CURL_BLOCK_OPT_URL "url"
#define CURL_BLOCK_OPT_READAHEAD "readahead"
+#define CURL_BLOCK_OPT_SSLVERIFY "sslverify"
struct BDRVCURLState;
@@ -106,6 +108,7 @@ typedef struct BDRVCURLState {
CURLState states[CURL_NUM_STATES];
char *url;
size_t readahead_size;
+ bool sslverify;
bool accept_range;
} BDRVCURLState;
@@ -372,6 +375,8 @@ static CURLState *curl_init_state(BDRVCURLState *s)
return NULL;
}
curl_easy_setopt(state->curl, CURLOPT_URL, s->url);
+ curl_easy_setopt(state->curl, CURLOPT_SSL_VERIFYPEER,
+ (long) s->sslverify);
curl_easy_setopt(state->curl, CURLOPT_TIMEOUT, 5);
curl_easy_setopt(state->curl, CURLOPT_WRITEFUNCTION,
(void *)curl_read_cb);
@@ -431,6 +436,11 @@ static QemuOptsList runtime_opts = {
.type = QEMU_OPT_SIZE,
.help = "Readahead size",
},
+ {
+ .name = CURL_BLOCK_OPT_SSLVERIFY,
+ .type = QEMU_OPT_BOOL,
+ .help = "Verify SSL certificate"
+ },
{ /* end of list */ }
},
};
@@ -467,6 +477,8 @@ static int curl_open(BlockDriverState *bs, QDict *options,
int flags,
goto out_noclean;
}
+ s->sslverify = qemu_opt_get_bool(opts, CURL_BLOCK_OPT_SSLVERIFY, true);
+
file = qemu_opt_get(opts, CURL_BLOCK_OPT_URL);
if (file == NULL) {
error_setg(errp, "curl block driver requires an 'url' option");
--
1.8.3.1
- [Qemu-devel] [PULL 03/22] block: vhdx - account for identical header sections, (continued)
- [Qemu-devel] [PULL 03/22] block: vhdx - account for identical header sections, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 08/22] iotests: Add test for the JSON protocol, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 09/22] qemu-iotests: Fix core dump suppression in test 039, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 07/22] block: Allow JSON filenames, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 10/22] qemu-iotests: Fix blkdebug in VM drive in 030, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 14/22] curl: Add usage documentation, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 12/22] curl: Remove broken parsing of options from url, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 11/22] curl: Fix build when curl_multi_socket_action isn't available, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 15/22] qcow1: Make padding in the header explicit, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 16/22] qcow1: Check maximum cluster size, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 13/22] curl: Add sslverify option,
Kevin Wolf <=
- [Qemu-devel] [PULL 17/22] qcow1: Validate L2 table size (CVE-2014-0222), Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 19/22] qcow1: Stricter backing file length check, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 18/22] qcow1: Validate image size (CVE-2014-0223), Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 20/22] util: add qemu_iovec_is_zero, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 21/22] blockdev: add a function to parse enum ids from strings, Kevin Wolf, 2014/05/19
- [Qemu-devel] [PULL 22/22] block: optimize zero writes with bdrv_write_zeroes, Kevin Wolf, 2014/05/19
- Re: [Qemu-devel] [PULL 00/22] Block patches, Peter Maydell, 2014/05/22