Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora User (http://www.linux-archive.org/fedora-user/)
-   -   ssl: support for 'url --trustedssl' in loader. (http://www.linux-archive.org/fedora-user/394128-ssl-support-url-trustedssl-loader.html)

Ales Kozumplik 07-02-2010 12:56 PM

ssl: support for 'url --trustedssl' in loader.
 
Related: rhbz#599040
---
loader/loader.c | 2 ++
loader/loader.h | 1 +
loader/urlinstall.c | 8 ++++++--
loader/urls.c | 9 +++++++++
loader/urls.h | 3 +++
5 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/loader/loader.c b/loader/loader.c
index bd03ce1..bd7bb05 100644
--- a/loader/loader.c
+++ b/loader/loader.c
@@ -1277,6 +1277,8 @@ static char *doLoaderMain(struct loaderData_s *loaderData,
logMessage(INFO, "no stage2= given, assuming %s", tmp);
setStage2LocFromCmdline(tmp, loaderData);
free(tmp);
+ ((urlInstallData*)loaderData->stage2Data)->trustedssl =
+ loaderData->instRepo_trustedssl;

/* If we had to infer a stage2= location, but the repo= parameter
* we based this guess on was wrong, we need to correct the typo
diff --git a/loader/loader.h b/loader/loader.h
index 8fd958d..8cbb054 100644
--- a/loader/loader.h
+++ b/loader/loader.h
@@ -152,6 +152,7 @@ struct loaderData_s {
char * dogtailurl;
char * gdbServer;
char * instRepo;
+ int instRepo_trustedssl;

pid_t fw_loader_pid;
char *fw_search_pathz;
diff --git a/loader/urlinstall.c b/loader/urlinstall.c
index a56e958..7ea6938 100644
--- a/loader/urlinstall.c
+++ b/loader/urlinstall.c
@@ -245,7 +245,7 @@ char *mountUrlImage(struct installMethod *method, char *location,
* the UI.
*/
if (loaderData->method == METHOD_URL && stage2Data) {
- ui.url = strdup(stage2Data->url);
+ urlinfo_copy(&ui, stage2Data);
logMessage(INFO, "URL_STAGE_MAIN: url is %s", ui.url);

if (!ui.url) {
@@ -354,11 +354,13 @@ void setKickstartUrl(struct loaderData_s * loaderData, int argc,
char ** argv) {
char *substr = NULL;
gchar *url = NULL, *proxy = NULL;
+ gboolean trustedssl = FALSE;
GOptionContext *optCon = g_option_context_new(NULL);
GError *optErr = NULL;
GOptionEntry ksUrlOptions[] = {
{ "url", 0, 0, G_OPTION_ARG_STRING, &url, NULL, NULL },
{ "proxy", 0, 0, G_OPTION_ARG_STRING, &proxy, NULL, NULL },
+ { "trustedssl", 0, 0, G_OPTION_ARG_NONE, &trustedssl, NULL, NULL },
{ NULL },
};

@@ -395,12 +397,14 @@ void setKickstartUrl(struct loaderData_s * loaderData, int argc,
substr = strstr(url, ".img");
if (!substr || (substr && *(substr+4) != '')) {
loaderData->instRepo = strdup(url);
+ loaderData->instRepo_trustedssl = trustedssl;
} else {
if ((loaderData->stage2Data = calloc(sizeof(urlInstallData *), 1)) == NULL)
return;

- ((urlInstallData *)loaderData->stage2Data)->url = url;
loaderData->method = METHOD_URL;
+ ((urlInstallData *)loaderData->stage2Data)->url = url;
+ ((urlInstallData *)loaderData->stage2Data)->trustedssl = trustedssl;
}

if (proxy) {
diff --git a/loader/urls.c b/loader/urls.c
index f0a086f..9644f2d 100644
--- a/loader/urls.c
+++ b/loader/urls.c
@@ -63,6 +63,11 @@ int progress_cb(void *data, double dltotal, double dlnow, double ultotal, double
return 0;
}

+void urlinfo_copy(struct iurlinfo *dst, const struct iurlinfo *src) {
+ dst->url = strdup(src->url);
+ dst->trustedssl = src->trustedssl;
+}
+
int splitProxyParam(char *param, char **user, char **password, char **proxy) {
/* proxy=[protocol://][username[:password]@]host[:port] */
char *pattern = "([A-Za-z]+://)?(([A-Za-z0-9]+)(:[^:@]+)?@)?([^:/]+)(:[0-9]+)?(/.*)?";
@@ -163,6 +168,10 @@ int urlinstTransfer(struct loaderData_s *loaderData, struct iurlinfo *ui,

curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
}
+
+ if (ui->trustedssl) {
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
+ }

/* Only set up the progress bar if we've got a UI to display it. */
if (FL_CMDLINE(flags)) {
diff --git a/loader/urls.h b/loader/urls.h
index 4ca538f..362a126 100644
--- a/loader/urls.h
+++ b/loader/urls.h
@@ -25,8 +25,11 @@

struct iurlinfo {
char * url;
+ int trustedssl;
};

+void urlinfo_copy(struct iurlinfo *dst, const struct iurlinfo *src);
+
int splitProxyParam(char *param, char **user, char **password, char **proxy);
int urlMainSetupPanel(struct loaderData_s *loaderData, struct iurlinfo * ui);
int urlinstTransfer(struct loaderData_s *loaderData, struct iurlinfo *ui,
--
1.7.1

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list


All times are GMT. The time now is 06:24 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.