|
 |
754fbd |
diff -up sblim-wbemcli-1.6.2/CimCurl.cpp.orig sblim-wbemcli-1.6.2/CimCurl.cpp
|
|
|
754fbd |
--- sblim-wbemcli-1.6.2/CimCurl.cpp.orig 2009-03-04 20:10:54.000000000 +0100
|
|
|
754fbd |
+++ sblim-wbemcli-1.6.2/CimCurl.cpp 2016-03-07 10:07:29.766255023 +0100
|
|
|
754fbd |
@@ -165,8 +165,28 @@ void CimomCurl::genRequest(URL &url, con
|
|
|
754fbd |
rv = curl_easy_setopt(mHandle, CURLOPT_SSL_VERIFYHOST, 0);
|
|
|
754fbd |
// rv = curl_easy_setopt(mHandle, CURLOPT_SSL_VERIFYPEER, 0);
|
|
|
754fbd |
|
|
|
754fbd |
- /* Force using SSL V3 */
|
|
|
754fbd |
- rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, 3);
|
|
|
754fbd |
+ /* Force use of a specific SSL/TLS version */
|
|
|
754fbd |
+ char * curlSslVer = getenv("WBEMCLI_CURL_SSLVERSION");
|
|
|
754fbd |
+ if (curlSslVer) {
|
|
|
754fbd |
+ if (!strcasecmp(curlSslVer,"SSLv2"))
|
|
|
754fbd |
+ rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv2);
|
|
|
754fbd |
+ else if (!strcasecmp(curlSslVer,"SSLv3"))
|
|
|
754fbd |
+ rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3);
|
|
|
754fbd |
+ else if (!strcasecmp(curlSslVer,"TLSv1"))
|
|
|
754fbd |
+ rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
|
|
|
754fbd |
+ else if (!strcasecmp(curlSslVer,"TLSv1.0") || !strcasecmp(curlSslVer,"TLSv1_0"))
|
|
|
754fbd |
+ rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);
|
|
|
754fbd |
+ else if (!strcasecmp(curlSslVer,"TLSv1.1") || !strcasecmp(curlSslVer,"TLSv1_1"))
|
|
|
754fbd |
+ rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1);
|
|
|
754fbd |
+ else if (!strcasecmp(curlSslVer,"TLSv1.2") || !strcasecmp(curlSslVer,"TLSv1_2"))
|
|
|
754fbd |
+ rv = curl_easy_setopt(mHandle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
|
|
|
754fbd |
+ else
|
|
|
754fbd |
+ throw URLException("unknown WBEMCLI_CURL_SSLVERSION");
|
|
|
754fbd |
+ }
|
|
|
754fbd |
+
|
|
|
754fbd |
+ if (rv != CURLE_OK) {
|
|
|
754fbd |
+ throw URLException("unsupported WBEMCLI_CURL_SSLVERSION in this curl library");
|
|
|
754fbd |
+ }
|
|
|
754fbd |
|
|
|
754fbd |
/* Set username and password */
|
|
|
754fbd |
if (url.user.length() > 0 && url.password.length() > 0) {
|
|
|
754fbd |
diff -up sblim-wbemcli-1.6.2/man/wbemcli.1.pre.in.orig sblim-wbemcli-1.6.2/man/wbemcli.1.pre.in
|
|
|
754fbd |
--- sblim-wbemcli-1.6.2/man/wbemcli.1.pre.in.orig 2009-06-20 01:10:57.000000000 +0200
|
|
|
754fbd |
+++ sblim-wbemcli-1.6.2/man/wbemcli.1.pre.in 2016-03-07 10:07:29.766255023 +0100
|
|
|
754fbd |
@@ -554,6 +554,14 @@ The example in the previous section can
|
|
|
754fbd |
wbemcli gi 'myCimom/root/cimv2:rpm_package.name="glibc"'
|
|
|
754fbd |
.PP
|
|
|
754fbd |
|
|
|
754fbd |
+.SH ENVIRONMENT
|
|
|
754fbd |
+.TP
|
|
|
754fbd |
+.B WBEMCLI_CURL_SSLVERSION
|
|
|
754fbd |
+Specifies the SSL protocol that will be used.
|
|
|
754fbd |
+Valid values are SSLv2, SSLv3, TLSv1, TLSv1.0 (TLSv1_0), TLSv1.1 (TLSv1_1)
|
|
|
754fbd |
+or TLSv1.2 (TLSv1_2).
|
|
|
754fbd |
+If this variable is not set, wbemcli will attempt to figure out the
|
|
|
754fbd |
+remote SSL protocol version.
|
|
|
754fbd |
.SH FILES
|
|
|
754fbd |
.TP
|
|
|
754fbd |
.I @CACERT@
|