0e29290b08
This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/sblim-wbemcli.git#c3960d721aea8b4e2951e27258956685fef9052a
60 lines
2.8 KiB
Diff
60 lines
2.8 KiB
Diff
diff -up sblim-wbemcli-1.6.1/CimCurl.cpp.orig sblim-wbemcli-1.6.1/CimCurl.cpp
|
|
--- sblim-wbemcli-1.6.1/CimCurl.cpp.orig 2009-03-04 20:10:54.000000000 +0100
|
|
+++ sblim-wbemcli-1.6.1/CimCurl.cpp 2015-08-10 13:59:47.312019828 +0200
|
|
@@ -165,8 +165,36 @@ void CimomCurl::genRequest(URL &url, con
|
|
rv = curl_easy_setopt(mHandle, CURLOPT_SSL_VERIFYHOST, 0);
|
|
// rv = curl_easy_setopt(mHandle, CURLOPT_SSL_VERIFYPEER, 0);
|
|
|
|
- /* Force using SSL V3 */
|
|
- rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, 3);
|
|
+ /* Force use of a specific SSL/TLS version */
|
|
+ char * curlSslVer = getenv("WBEMCLI_CURL_SSLVERSION");
|
|
+ if (curlSslVer) {
|
|
+ if (!strcasecmp(curlSslVer,"SSLv2"))
|
|
+ rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv2);
|
|
+ else if (!strcasecmp(curlSslVer,"SSLv3"))
|
|
+ rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3);
|
|
+ else if (!strcasecmp(curlSslVer,"TLSv1"))
|
|
+ rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
|
|
+ else if (!strcasecmp(curlSslVer,"TLSv1.0") || !strcasecmp(curlSslVer,"TLSv1_0"))
|
|
+#if LIBCURL_VERSION_NUM >= 0x072200
|
|
+ rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);
|
|
+#else
|
|
+ throw URLException("WBEMCLI_CURL_SSLVERSION=TLSv1.0 requires libcurl 7.34 or greater");
|
|
+#endif
|
|
+ else if (!strcasecmp(curlSslVer,"TLSv1.1") || !strcasecmp(curlSslVer,"TLSv1_1"))
|
|
+#if LIBCURL_VERSION_NUM >= 0x072200
|
|
+ rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1);
|
|
+#else
|
|
+ throw URLException("WBEMCLI_CURL_SSLVERSION=TLSv1.1 requires libcurl 7.34 or greater");
|
|
+#endif
|
|
+ else if (!strcasecmp(curlSslVer,"TLSv1.2") || !strcasecmp(curlSslVer,"TLSv1_2"))
|
|
+#if LIBCURL_VERSION_NUM >= 0x072200
|
|
+ rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
|
|
+#else
|
|
+ throw URLException("WBEMCLI_CURL_SSLVERSION=TLSv1.2 requires libcurl 7.34 or greater");
|
|
+#endif
|
|
+ else
|
|
+ throw URLException("unknown WBEMCLI_CURL_SSLVERSION");
|
|
+ }
|
|
|
|
/* Set username and password */
|
|
if (url.user.length() > 0 && url.password.length() > 0) {
|
|
diff -up sblim-wbemcli-1.6.1/man/wbemcli.1.pre.in.orig sblim-wbemcli-1.6.1/man/wbemcli.1.pre.in
|
|
--- sblim-wbemcli-1.6.1/man/wbemcli.1.pre.in.orig 2015-08-10 14:00:11.217163540 +0200
|
|
+++ sblim-wbemcli-1.6.1/man/wbemcli.1.pre.in 2015-08-10 14:00:31.215283763 +0200
|
|
@@ -554,6 +554,13 @@ The example in the previous section can
|
|
wbemcli gi 'myCimom/root/cimv2:rpm_package.name="glibc"'
|
|
.PP
|
|
|
|
+.SH ENVIRONMENT
|
|
+.TP
|
|
+.B WBEMCLI_CURL_SSLVERSION
|
|
+Specifies the SSL protocol that will be used.
|
|
+Valid values are SSLv2, SSLv3, TLSv1, TLSv1.0, TLSv1.1 or TLSv1.2.
|
|
+If this variable is not set, wbemcli will attempt to figure out the
|
|
+remote SSL protocol version.
|
|
.SH FILES
|
|
.TP
|
|
.I @CACERT@
|