On Fri, Jan 17, 2020 at 03:54:15PM +0100, Wiktor Gołgowski wrote:
 This change adds cainfo and capath options to the curl plugin.
 They refer directly to CURLOPT_CAINFO and CURLOPT_CAPATH, as documented
 in libcurl.
 
 Signed-off-by: Wiktor Gołgowski <wiktor.golgowski(a)linux.intel.com>
 ---
  plugins/curl/curl.c                 | 16 ++++++++++++++++
  plugins/curl/nbdkit-curl-plugin.pod |  9 +++++++++
  2 files changed, 25 insertions(+)
 
 diff --git a/plugins/curl/curl.c b/plugins/curl/curl.c
 index 007449b..1381832 100644
 --- a/plugins/curl/curl.c
 +++ b/plugins/curl/curl.c
 @@ -66,6 +66,8 @@ static bool sslverify = true;
  static uint32_t timeout = 0;
  static const char *unix_socket_path = NULL;
  static long protocols = CURLPROTO_ALL;
 +static const char *cainfo = NULL;
 +static const char *capath = NULL;
  
  /* Use '-D curl.verbose=1' to set. */
  int curl_debug_verbose = 0;
 @@ -231,6 +233,14 @@ curl_config (const char *key, const char *value)
        return -1;
    }
  
 +  else if (strcmp (key, "cainfo") == 0) {
 +    cainfo = value;
 +  }
 +
 +  else if (strcmp (key, "capath") == 0) {
 +    capath =  value;
 +  }
 +
    else {
      nbdkit_error ("unknown parameter '%s'", key);
      return -1;
 @@ -253,6 +263,8 @@ curl_config_complete (void)
  }
  
  #define curl_config_help \
 +  "cainfo=<CAINFO>            Path to Certificate Authority file.\n" \
 +  "capath=<CAPATH>            Path to directory with CA certificates.\n"
\
    "cookie=<COOKIE>            Set HTTP/HTTPS cookies.\n" \
    "password=<PASSWORD>        The password for the user account.\n" \
    "protocols=PROTO,PROTO,..   Limit protocols allowed.\n" \
 @@ -369,6 +381,10 @@ curl_open (int readonly)
      curl_easy_setopt (h->c, CURLOPT_PROXYPASSWORD, proxy_password);
    if (cookie)
      curl_easy_setopt (h->c, CURLOPT_COOKIE, cookie);
 +  if (cainfo)
 +    curl_easy_setopt (h->c, CURLOPT_CAINFO, cainfo);
 +  if (capath)
 +    curl_easy_setopt (h->c, CURLOPT_CAPATH, capath);
  
    /* Get the file size and also whether the remote HTTP server
     * supports byte ranges.
 diff --git a/plugins/curl/nbdkit-curl-plugin.pod b/plugins/curl/nbdkit-curl-plugin.pod
 index 827e0bd..f9156af 100644
 --- a/plugins/curl/nbdkit-curl-plugin.pod
 +++ b/plugins/curl/nbdkit-curl-plugin.pod
 @@ -34,6 +34,15 @@ ports and protocols used to serve NBD see L<nbdkit(1)>).
  
  =over 4
  
 +=item B<cainfo=>FILENAME
 +
 +Configure CA bundle for libcurl. See L<CURLOPT_CAINFO> for details.
 +
 +=item B<capath=>PATH
 +
 +Set CA certificates directory location for libcurl. See
 +L<CURLOPT_CAPATH> for more information.
 +
  =item B<cookie=>COOKIE
  
  =item B<cookie=+>FILENAME
 -- 
 2.20.1 
Thanks - added & pushed.  There was a tiny documentation
correction which I folded in.
Rich.
-- 
Richard Jones, Virtualization Group, Red Hat 
http://people.redhat.com/~rjones
Read my programming and virtualization blog: 
http://rwmj.wordpress.com
virt-top is 'top' for virtual machines.  Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://people.redhat.com/~rjones/virt-top