Add --cacert and --proxy-cacert
Fixes https://github.com/fangfufu/httpdirfs/issues/108
This commit is contained in:
parent
ff5f566dd9
commit
12abb7d8ad
|
@ -53,6 +53,8 @@ typedef struct {
|
||||||
char *proxy_username;
|
char *proxy_username;
|
||||||
/** \brief HTTP proxy password */
|
/** \brief HTTP proxy password */
|
||||||
char *proxy_password;
|
char *proxy_password;
|
||||||
|
/** \brief HTTP proxy certificate file */
|
||||||
|
char *proxy_cafile;
|
||||||
/** \brief HTTP maximum connection count */
|
/** \brief HTTP maximum connection count */
|
||||||
long max_conns;
|
long max_conns;
|
||||||
/** \brief HTTP user agent*/
|
/** \brief HTTP user agent*/
|
||||||
|
@ -63,6 +65,8 @@ typedef struct {
|
||||||
int no_range_check;
|
int no_range_check;
|
||||||
/** \brief Disable TLS certificate verification */
|
/** \brief Disable TLS certificate verification */
|
||||||
int insecure_tls;
|
int insecure_tls;
|
||||||
|
/** \brief Server certificate file */
|
||||||
|
char *cafile;
|
||||||
/*--------------- Cache related ---------------*/
|
/*--------------- Cache related ---------------*/
|
||||||
/** \brief Whether cache mode is enabled */
|
/** \brief Whether cache mode is enabled */
|
||||||
int cache_enabled;
|
int cache_enabled;
|
||||||
|
|
33
src/link.c
33
src/link.c
|
@ -95,6 +95,25 @@ static CURL *Link_to_curl(Link *link)
|
||||||
if (ret) {
|
if (ret) {
|
||||||
lprintf(error, "%s", curl_easy_strerror(ret));
|
lprintf(error, "%s", curl_easy_strerror(ret));
|
||||||
}
|
}
|
||||||
|
if (CONFIG.cafile) {
|
||||||
|
/*
|
||||||
|
* Having been given a certificate file, disable any search directory
|
||||||
|
* built into libcurl, so that we exclusively use the explicitly given
|
||||||
|
* certificate(s).
|
||||||
|
*
|
||||||
|
* If we ever add a CAPATH option, we should do the mirror for CAINFO,
|
||||||
|
* too: disable both and then enable whichever one(s) were given.
|
||||||
|
*/
|
||||||
|
ret = curl_easy_setopt(curl, CURLOPT_CAPATH, NULL);
|
||||||
|
if (ret) {
|
||||||
|
lprintf(error, "%s", curl_easy_strerror(ret));
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = curl_easy_setopt(curl, CURLOPT_CAINFO, CONFIG.cafile);
|
||||||
|
if (ret) {
|
||||||
|
lprintf(error, "%s", curl_easy_strerror(ret));
|
||||||
|
}
|
||||||
|
}
|
||||||
if (CONFIG.insecure_tls) {
|
if (CONFIG.insecure_tls) {
|
||||||
ret = curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
|
ret = curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
|
||||||
if (ret) {
|
if (ret) {
|
||||||
|
@ -146,6 +165,20 @@ static CURL *Link_to_curl(Link *link)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (CONFIG.proxy_cafile) {
|
||||||
|
/* See CONFIG.cafile above */
|
||||||
|
ret = curl_easy_setopt(curl, CURLOPT_PROXY_CAPATH, NULL);
|
||||||
|
if (ret) {
|
||||||
|
lprintf(error, "%s", curl_easy_strerror(ret));
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = curl_easy_setopt(curl, CURLOPT_PROXY_CAINFO,
|
||||||
|
CONFIG.proxy_cafile);
|
||||||
|
if (ret) {
|
||||||
|
lprintf(error, "%s", curl_easy_strerror(ret));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return curl;
|
return curl;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
10
src/main.c
10
src/main.c
|
@ -199,6 +199,8 @@ parse_arg_list(int argc, char **argv, char ***fuse_argv, int *fuse_argc)
|
||||||
{ "insecure-tls", no_argument, NULL, 'L' }, /* 20 */
|
{ "insecure-tls", no_argument, NULL, 'L' }, /* 20 */
|
||||||
{ "config", required_argument, NULL, 'L' }, /* 21 */
|
{ "config", required_argument, NULL, 'L' }, /* 21 */
|
||||||
{ "single-file-mode", required_argument, NULL, 'L' }, /* 22 */
|
{ "single-file-mode", required_argument, NULL, 'L' }, /* 22 */
|
||||||
|
{ "cacert", required_argument, NULL, 'L' }, /* 23 */
|
||||||
|
{ "proxy-cacert", required_argument, NULL, 'L' }, /* 24 */
|
||||||
{ 0, 0, 0, 0 }
|
{ 0, 0, 0, 0 }
|
||||||
};
|
};
|
||||||
while ((c =
|
while ((c =
|
||||||
|
@ -296,6 +298,12 @@ parse_arg_list(int argc, char **argv, char ***fuse_argv, int *fuse_argc)
|
||||||
case 22:
|
case 22:
|
||||||
CONFIG.mode = SINGLE;
|
CONFIG.mode = SINGLE;
|
||||||
break;
|
break;
|
||||||
|
case 23:
|
||||||
|
CONFIG.cafile = strdup(optarg);
|
||||||
|
break;
|
||||||
|
case 24:
|
||||||
|
CONFIG.proxy_cafile = strdup(optarg);
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
fprintf(stderr, "see httpdirfs -h for usage\n");
|
fprintf(stderr, "see httpdirfs -h for usage\n");
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -347,9 +355,11 @@ HTTPDirFS options:\n\
|
||||||
https://curl.haxx.se/libcurl/c/CURLOPT_PROXY.html\n\
|
https://curl.haxx.se/libcurl/c/CURLOPT_PROXY.html\n\
|
||||||
--proxy-username Username for the proxy\n\
|
--proxy-username Username for the proxy\n\
|
||||||
--proxy-password Password for the proxy\n\
|
--proxy-password Password for the proxy\n\
|
||||||
|
--proxy-cacert Certificate authority for the proxy\n\
|
||||||
--cache Enable cache (default: off)\n\
|
--cache Enable cache (default: off)\n\
|
||||||
--cache-location Set a custom cache location\n\
|
--cache-location Set a custom cache location\n\
|
||||||
(default: \"${XDG_CACHE_HOME}/httpdirfs\")\n\
|
(default: \"${XDG_CACHE_HOME}/httpdirfs\")\n\
|
||||||
|
--cacert Certificate authority for the server\n\
|
||||||
--dl-seg-size Set cache download segment size, in MB (default: 8)\n\
|
--dl-seg-size Set cache download segment size, in MB (default: 8)\n\
|
||||||
Note: this setting is ignored if previously\n\
|
Note: this setting is ignored if previously\n\
|
||||||
cached data is found for the requested file.\n\
|
cached data is found for the requested file.\n\
|
||||||
|
|
Loading…
Reference in New Issue