[Libguestfs] [PATCH 3/3] nbdkit/curl: handle zero-length CAInfo string in nbdkit curl plugin.

Przemyslaw Czarnowski przemyslaw.hawrylewicz.czarnowski at linux.intel.com
Tue Oct 12 14:31:29 UTC 2021


From: Przemyslaw Czarnowski <przemyslaw.hawrylewicz.czarnowski at intel.com>

Recent change in libcurl causes the certificate store file option
(CAINFO) to be set to a specific value during the compilation.
To mitigate this behavior, zero-length string is passed as option
cainfo to nbdkit curl plugin, which sets the CAINFO option to null.

Signed-off-by: Wiktor Golgowski <wiktor.golgowski at intel.com>
Signed-off-by: Przemyslaw Czarnowski <przemyslaw.hawrylewicz.czarnowski at intel.com>
---
 plugins/curl/curl.c                 | 8 ++++++--
 plugins/curl/nbdkit-curl-plugin.pod | 3 +++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/plugins/curl/curl.c b/plugins/curl/curl.c
index 2e823b3f..a1b0afba 100644
--- a/plugins/curl/curl.c
+++ b/plugins/curl/curl.c
@@ -503,8 +503,12 @@ curl_open (int readonly)
   curl_easy_setopt (h->c, CURLOPT_FAILONERROR, 1L);
 
   /* Options. */
-  if (cainfo)
-    curl_easy_setopt (h->c, CURLOPT_CAINFO, cainfo);
+  if (cainfo) {
+    if (strlen (cainfo) == 0)
+      curl_easy_setopt (h->c, CURLOPT_CAINFO, NULL);
+    else
+      curl_easy_setopt (h->c, CURLOPT_CAINFO, cainfo);
+  }
   if (capath)
     curl_easy_setopt (h->c, CURLOPT_CAPATH, capath);
   if (cookie)
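Review bot: the new `strlen (cainfo) == 0` branch passes NULL to CURLOPT_CAINFO with no comment explaining why, and a reader of curl_open alone cannot tell that the point is to override a default path compiled into libcurl. A one-line comment above the branch would cover it. The branch also leaves the handle with no CA bundle selected by this code unless `capath` is set in the lines that follow, so it is worth stating (here or in the docs) which trust source is expected when `cainfo=` is given without `capath`. As a style point, the nested if/else could be a single call, `curl_easy_setopt (h->c, CURLOPT_CAINFO, cainfo[0] ? cainfo : NULL);`, which also avoids strlen for an emptiness test. The return value of curl_easy_setopt is unchecked in the new NULL case, as it is in the surrounding calls.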
diff --git a/plugins/curl/nbdkit-curl-plugin.pod b/plugins/curl/nbdkit-curl-plugin.pod
index 3842421e..44e050df 100644
--- a/plugins/curl/nbdkit-curl-plugin.pod
+++ b/plugins/curl/nbdkit-curl-plugin.pod
@@ -42,6 +42,9 @@ ports and protocols used to serve NBD see L<nbdkit(1)>).
 
 Configure CA bundle for libcurl. See L<CURLOPT_CAINFO(3)> for details.
 
+Pass empty string in order to not use the default certificate store
+that libcurl is compiled with.
+
 =item B<capath=>PATH
 
 (nbdkit E<ge> 1.18)
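Review bot: the added paragraph under the cainfo item tells the user how to drop the default certificate store but not what is used for verification afterwards. Since the neighbouring `capath=PATH` item is the other trust source visible here, the text should say whether `cainfo=` with an empty value is meant to be combined with `capath`. The adjacent item carries a version marker, `(nbdkit E<ge> 1.18)`, and the new empty-string behaviour should get a matching marker for the release that introduces it, because older versions would pass the empty string straight to libcurl. Wording: "Pass an empty string" reads better, and showing the literal form `cainfo=` would remove any doubt about the syntax.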
-- 
2.26.2
