Menu
▾
▴
[Sblim-commit] wbemcli ChangeLog, 1.40, 1.41 CimCurl.cpp, 1.17, 1.18 NEWS, 1.47, 1.48
|
From: Dave H. <hel...@us...> - 2013-09-20 23:26:35
|
Update of /cvsroot/sblim/wbemcli In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv32423 Modified Files: ChangeLog CimCurl.cpp NEWS Log Message: Fixed 0002629: Do not attempt connect if missing cacert Index: NEWS =================================================================== RCS file: /cvsroot/sblim/wbemcli/NEWS,v retrieving revision 1.47 retrieving revision 1.48 diff -u -d -r1.47 -r1.48 --- NEWS 19 Sep 2013 14:34:26 -0000 1.47 +++ NEWS 20 Sep 2013 23:26:33 -0000 1.48 @@ -8,6 +8,7 @@ - 0002626 Add IPv6 LLA support to wbemcli - 0002627 Add -w option to wbemcli - 0002665 Add -e100 option to wbemcli +- 0002629 Do not attempt connect if missing cacert Changes in Version 1.6.2 ======================== Index: ChangeLog =================================================================== RCS file: /cvsroot/sblim/wbemcli/ChangeLog,v retrieving revision 1.40 retrieving revision 1.41 diff -u -d -r1.40 -r1.41 --- ChangeLog 19 Sep 2013 14:34:25 -0000 1.40 +++ ChangeLog 20 Sep 2013 23:26:32 -0000 1.41 @@ -1,3 +1,9 @@ +2013-09-20 Dave Heller <hel...@us...> + + * CimCurl.cpp, NEWS: + + Fixed 0002629: Do not attempt connect if missing cacert + 2013-09-19 Dave Heller <hel...@us...> * CimCurl.cpp, CimXml.cpp, main.cpp, NEWS: Index: CimCurl.cpp =================================================================== RCS file: /cvsroot/sblim/wbemcli/CimCurl.cpp,v retrieving revision 1.17 retrieving revision 1.18 diff -u -d -r1.17 -r1.18 --- CimCurl.cpp 19 Sep 2013 14:34:26 -0000 1.17 +++ CimCurl.cpp 20 Sep 2013 23:26:32 -0000 1.18 @@ -29,6 +29,7 @@ #include "CimCurl.h" #include <unistd.h> // for getpass() +#include <cerrno> extern int useNl; extern int dumpXml; @@ -338,13 +339,21 @@ throw HttpException("Could not disable peer verification."); } } else if (cacert) { - if ((rv=curl_easy_setopt(mHandle,CURLOPT_SSL_VERIFYPEER,1))) { - cerr << getErrorMessage(rv) << endl; - throw HttpException("Could not enable peer verification."); - } - if ((rv=curl_easy_setopt(mHandle,CURLOPT_CAINFO,cacert))) { - cerr << getErrorMessage(rv) << endl; - throw HttpException("Could not load CA certificate."); + FILE *fp; + if ((fp = fopen(cacert, "r"))) { + if ((rv=curl_easy_setopt(mHandle,CURLOPT_SSL_VERIFYPEER,1))) { + cerr << getErrorMessage(rv) << endl; + throw HttpException("Could not enable peer verification."); + } + if ((rv=curl_easy_setopt(mHandle,CURLOPT_CAINFO,cacert))) { + cerr << getErrorMessage(rv) << endl; + throw HttpException("Could not load CA certificate."); + } + fclose(fp); + } else { + throw HttpException( + string("Could not open CA certificate file: ") + string(cacert) + + string(" (") + string(strerror(errno)) + string(")")); } } else { throw HttpException("Must either specify -noverify or -cacert for https URLs."); |
