From patchwork Fri Sep 14 09:56:22 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Richard W.M. Jones" X-Patchwork-Id: 10600591 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5C791933 for ; Fri, 14 Sep 2018 09:57:44 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3A6EA2B450 for ; Fri, 14 Sep 2018 09:57:44 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2EA6F2B4BF; Fri, 14 Sep 2018 09:57:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, NORMAL_HTTP_TO_IP,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 9A3962B4AB for ; Fri, 14 Sep 2018 09:57:43 +0000 (UTC) Received: from localhost ([::1]:50865 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g0kr8-0000Yu-SM for patchwork-qemu-devel@patchwork.kernel.org; Fri, 14 Sep 2018 05:57:42 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53844) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g0kq6-00085Y-M2 for qemu-devel@nongnu.org; Fri, 14 Sep 2018 05:56:39 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g0kq5-0005eu-NF for qemu-devel@nongnu.org; Fri, 14 Sep 2018 05:56:38 -0400 Received: from mx1.redhat.com ([209.132.183.28]:37042) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g0kpy-0005Le-Ku; Fri, 14 Sep 2018 05:56:30 -0400 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.24]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 2051E601B; Fri, 14 Sep 2018 09:56:26 +0000 (UTC) Received: from moo.home.annexia.org (ovpn-116-114.ams2.redhat.com [10.36.116.114]) by smtp.corp.redhat.com (Postfix) with ESMTP id B5B80308BDA4; Fri, 14 Sep 2018 09:56:24 +0000 (UTC) From: "Richard W.M. Jones" To: jcody@redhat.com Date: Fri, 14 Sep 2018 10:56:22 +0100 Message-Id: <20180914095622.19698-1-rjones@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.24 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Fri, 14 Sep 2018 09:56:26 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH] curl: Make sslverify=off disable host as well as peer verification. X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, qemu-devel@nongnu.org, qemu-block@nongnu.org, mreitz@redhat.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP The sslverify setting is supposed to turn off all TLS certificate checks in libcurl. However because of the way we use it, it only turns off peer certificate authenticity checks (CURLOPT_SSL_VERIFYPEER). This patch makes it also turn off the check that the server name in the certificate is the same as the server you're connecting to (CURLOPT_SSL_VERIFYHOST). We can use Google's server at 8.8.8.8 which happens to have a bad TLS certificate to demonstrate this: $ ./qemu-img create -q -f qcow2 -b 'json: { "file.sslverify": "off", "file.driver": "https", "file.url": "https://8.8.8.8/foo" }' /var/tmp/file.qcow2 qemu-img: /var/tmp/file.qcow2: CURL: Error opening file: SSL: no alternative certificate subject name matches target host name '8.8.8.8' Could not open backing image to determine size. With this patch applied, qemu-img connects to the server regardless of the bad certificate: $ ./qemu-img create -q -f qcow2 -b 'json: { "file.sslverify": "off", "file.driver": "https", "file.url": "https://8.8.8.8/foo" }' /var/tmp/file.qcow2 qemu-img: /var/tmp/file.qcow2: CURL: Error opening file: The requested URL returned error: 404 Not Found (The 404 error is expected because 8.8.8.8 is not actually serving a file called "/foo".) Of course the default (without sslverify=off) remains to always check the certificate: $ ./qemu-img create -q -f qcow2 -b 'json: { "file.driver": "https", "file.url": "https://8.8.8.8/foo" }' /var/tmp/file.qcow2 qemu-img: /var/tmp/file.qcow2: CURL: Error opening file: SSL: no alternative certificate subject name matches target host name '8.8.8.8' Could not open backing image to determine size. Further information about the two settings is available here: https://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYPEER.html https://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYHOST.html Signed-off-by: Richard W.M. Jones --- block/curl.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/block/curl.c b/block/curl.c index 229bb84a27..fabb2b4da7 100644 --- a/block/curl.c +++ b/block/curl.c @@ -483,6 +483,8 @@ static int curl_init_state(BDRVCURLState *s, CURLState *state) curl_easy_setopt(state->curl, CURLOPT_URL, s->url); curl_easy_setopt(state->curl, CURLOPT_SSL_VERIFYPEER, (long) s->sslverify); + curl_easy_setopt(state->curl, CURLOPT_SSL_VERIFYHOST, + s->sslverify ? 2L : 0L); if (s->cookie) { curl_easy_setopt(state->curl, CURLOPT_COOKIE, s->cookie); }