Update of /cvsroot/sblim/wbemcli
In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv32423
Modified Files:
ChangeLog CimCurl.cpp NEWS
Log Message:
Fixed 0002629: Do not attempt connect if missing cacert
Index: NEWS
===================================================================
RCS file: /cvsroot/sblim/wbemcli/NEWS,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -d -r1.47 -r1.48
--- NEWS 19 Sep 2013 14:34:26 -0000 1.47
+++ NEWS 20 Sep 2013 23:26:33 -0000 1.48
@@ -8,6 +8,7 @@
- 0002626 Add IPv6 LLA support to wbemcli
- 0002627 Add -w option to wbemcli
- 0002665 Add -e100 option to wbemcli
+- 0002629 Do not attempt connect if missing cacert
Changes in Version 1.6.2
========================
Index: ChangeLog
===================================================================
RCS file: /cvsroot/sblim/wbemcli/ChangeLog,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -d -r1.40 -r1.41
--- ChangeLog 19 Sep 2013 14:34:25 -0000 1.40
+++ ChangeLog 20 Sep 2013 23:26:32 -0000 1.41
@@ -1,3 +1,9 @@
+2013-09-20 Dave Heller <hel...@us...>
+
+ * CimCurl.cpp, NEWS:
+
+ Fixed 0002629: Do not attempt connect if missing cacert
+
2013-09-19 Dave Heller <hel...@us...>
* CimCurl.cpp, CimXml.cpp, main.cpp, NEWS:
Index: CimCurl.cpp
===================================================================
RCS file: /cvsroot/sblim/wbemcli/CimCurl.cpp,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -d -r1.17 -r1.18
--- CimCurl.cpp 19 Sep 2013 14:34:26 -0000 1.17
+++ CimCurl.cpp 20 Sep 2013 23:26:32 -0000 1.18
@@ -29,6 +29,7 @@
#include "CimCurl.h"
#include <unistd.h> // for getpass()
+#include <cerrno>
extern int useNl;
extern int dumpXml;
@@ -338,13 +339,21 @@
throw HttpException("Could not disable peer verification.");
}
} else if (cacert) {
- if ((rv=curl_easy_setopt(mHandle,CURLOPT_SSL_VERIFYPEER,1))) {
- cerr << getErrorMessage(rv) << endl;
- throw HttpException("Could not enable peer verification.");
- }
- if ((rv=curl_easy_setopt(mHandle,CURLOPT_CAINFO,cacert))) {
- cerr << getErrorMessage(rv) << endl;
- throw HttpException("Could not load CA certificate.");
+ FILE *fp;
+ if ((fp = fopen(cacert, "r"))) {
+ if ((rv=curl_easy_setopt(mHandle,CURLOPT_SSL_VERIFYPEER,1))) {
+ cerr << getErrorMessage(rv) << endl;
+ throw HttpException("Could not enable peer verification.");
+ }
+ if ((rv=curl_easy_setopt(mHandle,CURLOPT_CAINFO,cacert))) {
+ cerr << getErrorMessage(rv) << endl;
+ throw HttpException("Could not load CA certificate.");
+ }
+ fclose(fp);
+ } else {
+ throw HttpException(
+ string("Could not open CA certificate file: ") + string(cacert)
+ + string(" (") + string(strerror(errno)) + string(")"));
}
} else {
throw HttpException("Must either specify -noverify or -cacert for https URLs.");
|
