diff options
author | Golgowski, Wiktor <wiktor.golgowski@intel.com> | 2021-08-27 20:01:54 +0300 |
---|---|---|
committer | Golgowski, Wiktor <wiktor.golgowski@intel.com> | 2021-08-27 20:19:10 +0300 |
commit | b54c42c6c1ef6c2b58a6728317cbaedc8a3552ae (patch) | |
tree | cc49a818c094db3c520a5d0be1c791c1b67ee586 /src | |
parent | 2f81f80acc0e34cfad3d250b60f0ceba17bddbf0 (diff) | |
download | virtual-media-b54c42c6c1ef6c2b58a6728317cbaedc8a3552ae.tar.xz |
Override default libcurl CAInfo with empty string.
This change allows virtual-media to pass a zero-length string to
nbdkit curl plugin cainfo parameter, which will allow for capath
to be used.
Tested:
Manually, with Virtual-Media HTTPS test in ATF.
Change-Id: I14ffa2ecbb2bd6cadee3bb8929ef2e1b8bbbf157
Signed-off-by: Golgowski, Wiktor <wiktor.golgowski@intel.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/state/activating_state.cpp | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/src/state/activating_state.cpp b/src/state/activating_state.cpp index b1113b7..7506aed 100644 --- a/src/state/activating_state.cpp +++ b/src/state/activating_state.cpp @@ -259,19 +259,19 @@ std::unique_ptr<resource::Process> const std::string& url) { std::unique_ptr<utils::VolatileFile> secret; - std::vector<std::string> params = {// Use curl plugin ... - "curl", - // ... to mount http resource at url - "url=" + url, - // custom OpenBMC path for CA - "capath=/etc/ssl/certs/authority", - "ssl-version=tlsv1.2", - "followlocation=false", - "ssl-cipher-list=" - "ECDHE-RSA-AES256-GCM-SHA384:" - "ECDHE-ECDSA-AES256-GCM-SHA384", - "tls13-ciphers=" - "TLS_AES_256_GCM_SHA384"}; + std::vector<std::string> params = { + // Use curl plugin ... + "curl", + // ... to mount http resource at url + "url=" + url, + // custom OpenBMC path for CA + "cainfo=", "capath=/etc/ssl/certs/authority", "ssl-version=tlsv1.2", + "followlocation=false", + "ssl-cipher-list=" + "ECDHE-RSA-AES256-GCM-SHA384:" + "ECDHE-ECDSA-AES256-GCM-SHA384", + "tls13-ciphers=" + "TLS_AES_256_GCM_SHA384"}; // Authenticate if needed if (machine.getTarget()->credentials) |