[Libguestfs] [PATCH 3/3] nbdkit/curl: handle zero-length CAInfo string in nbdkit curl plugin.

From: Przemyslaw Czarnowski <przemyslaw.hawrylewicz.czarnowski(a)intel.com&gt; Recent change in libcurl causes the certificate store file option (CAINFO) to be set to a specific value during the compilation. To mitigate this behavior, zero-length string is passed as option cainfo to nbdkit curl plugin, which sets the CAINFO option to null. Signed-off-by: Wiktor Golgowski <wiktor.golgowski(a)intel.com&gt; Signed-off-by: Przemyslaw Czarnowski <przemyslaw.hawrylewicz.czarnowski(a)intel.com&gt; --- plugins/curl/curl.c | 8 ++++++-- plugins/curl/nbdkit-curl-plugin.pod | 3 +++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/plugins/curl/curl.c b/plugins/curl/curl.c index 2e823b3f..a1b0afba 100644 --- a/plugins/curl/curl.c +++ b/plugins/curl/curl.c @@ -503,8 +503,12 @@ curl_open (int readonly) curl_easy_setopt (h->c, CURLOPT_FAILONERROR, 1L); /* Options. */ - if (cainfo) - curl_easy_setopt (h->c, CURLOPT_CAINFO, cainfo); + if (cainfo) { + if (strlen (cainfo) == 0) + curl_easy_setopt (h->c, CURLOPT_CAINFO, NULL); + else + curl_easy_setopt (h->c, CURLOPT_CAINFO, cainfo); + } if (capath) curl_easy_setopt (h->c, CURLOPT_CAPATH, capath); if (cookie) diff --git a/plugins/curl/nbdkit-curl-plugin.pod b/plugins/curl/nbdkit-curl-plugin.pod index 3842421e..44e050df 100644 --- a/plugins/curl/nbdkit-curl-plugin.pod +++ b/plugins/curl/nbdkit-curl-plugin.pod @@ -42,6 +42,9 @@ ports and protocols used to serve NBD see L<nbdkit(1)>). Configure CA bundle for libcurl. See L<CURLOPT_CAINFO(3)> for details. +Pass empty string in order to not use the default certificate store +that libcurl is compiled with. + =item B<capath=>PATH (nbdkit E<ge> 1.18) -- 2.26.2