Skip to content

M
mpd
Commit 681643ea authored by Max Kellermann's avatar Max Kellermann
Browse files
Options

input/curl: options "verify_peer" and "verify_host"

parent fa947e02
Hide whitespace changes
Inline Side-by-side
Showing with 33 additions and 0 deletions
NEWS
View file @ 681643ea
...@@ -23,6 +23,7 @@ ver 0.19 (not yet released) ...@@ -23,6 +23,7 @@ ver 0.19 (not yet released)
- read tags from songs in an archive - read tags from songs in an archive
* input * input
- alsa: new input plugin - alsa: new input plugin
- curl: options "verify_peer" and "verify_host"
- mms: non-blocking I/O - mms: non-blocking I/O
- nfs: new input plugin - nfs: new input plugin
- smbclient: new input plugin - smbclient: new input plugin
......
doc/user.xml
View file @ 681643ea
...@@ -1106,6 +1106,30 @@ systemctl start mpd.socket</programlisting> ...@@ -1106,6 +1106,30 @@ systemctl start mpd.socket</programlisting>
Configures proxy authentication. Configures proxy authentication.
</entry> </entry>
</row> </row>
<row>
<entry>
<varname>verify_peer</varname>
<parameter>yes|no</parameter>
</entry>
<entry>
Verify the peer's SSL certificate? <ulink
url="http://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYPEER.html">More
information</ulink>.
</entry>
</row>
<row>
<entry>
<varname>verify_host</varname>
<parameter>yes|no</parameter>
</entry>
<entry>
Verify the certificate's name against host? <ulink
url="http://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYHOST.html">More
information</ulink>.
</entry>
</row>
</tbody> </tbody>
</tgroup> </tgroup>
</informaltable> </informaltable>
......
src/input/plugins/CurlInputPlugin.cxx
View file @ 681643ea
...@@ -245,6 +245,8 @@ static struct curl_slist *http_200_aliases; ...@@ -245,6 +245,8 @@ static struct curl_slist *http_200_aliases;
static const char *proxy, *proxy_user, *proxy_password; static const char *proxy, *proxy_user, *proxy_password;
static unsigned proxy_port; static unsigned proxy_port;
static bool verify_peer, verify_host;
static CurlMulti *curl_multi; static CurlMulti *curl_multi;
static constexpr Domain http_domain("http"); static constexpr Domain http_domain("http");
...@@ -562,6 +564,9 @@ input_curl_init(const config_param &param, Error &error) ...@@ -562,6 +564,9 @@ input_curl_init(const config_param &param, Error &error)
""); "");
} }
verify_peer = param.GetBlockValue("verify_peer", true);
verify_host = param.GetBlockValue("verify_host", true);
CURLM *multi = curl_multi_init(); CURLM *multi = curl_multi_init();
if (multi == nullptr) { if (multi == nullptr) {
curl_slist_free_all(http_200_aliases); curl_slist_free_all(http_200_aliases);
...@@ -740,6 +745,9 @@ CurlInputStream::InitEasy(Error &error) ...@@ -740,6 +745,9 @@ CurlInputStream::InitEasy(Error &error)
curl_easy_setopt(easy, CURLOPT_PROXYUSERPWD, proxy_auth_str); curl_easy_setopt(easy, CURLOPT_PROXYUSERPWD, proxy_auth_str);
} }
curl_easy_setopt(easy, CURLOPT_SSL_VERIFYPEER, verify_peer ? 1l : 0l);
curl_easy_setopt(easy, CURLOPT_SSL_VERIFYHOST, verify_host ? 2l : 0l);
CURLcode code = curl_easy_setopt(easy, CURLOPT_URL, GetURI()); CURLcode code = curl_easy_setopt(easy, CURLOPT_URL, GetURI());
if (code != CURLE_OK) { if (code != CURLE_OK) {
error.Format(curl_domain, code, error.Format(curl_domain, code,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment