
Commit 5c65335

tgoetzemrtazz
authored andcommitted
Add option to set the Certificate Authority (CA) Info option. (mrtazz#44)
* Add option to set the Certificate Authority (CA) Info option. This is used when verifying a peer. See CURLOPT_CAINFO.
1 parent f452149 commit 5c65335

4 files changed

Lines changed: 36 additions & 1 deletion


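--- a/README.md
+++ b/README.md
@@ -50,7 +50,7 @@ timeouts or authentication, there is also a different, more configurable way.
 RestClient::init();
 
 // get a connection object
-RestClient::Connection conn* = new RestClient::Connection("http://url.com");
+RestClient::Connection* conn = new RestClient::Connection("http://url.com");
 
 // configure basic auth
 conn->SetBasicAuth("WarMachine68", "WARMACHINEROX");
@@ -73,6 +73,9 @@ conn->SetHeaders(headers)
 // append additional headers
 conn->AppendHeader("X-MY-HEADER", "foo")
 
+// if using a non-standard Certificate Authority (CA) trust file
+conn->SetCAInfoFilePath("/etc/custom-ca.crt")
+
 RestClient::Response r = conn->get("/get")
 RestClient::Response r = conn->post("/post", "text/json", "{\"foo\": \"bla\"}")
 RestClient::Response r = conn->put("/put", "text/json", "{\"foo\": \"bla\"}")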

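--- a/include/restclient-cpp/connection.h
+++ b/include/restclient-cpp/connection.h
@@ -122,6 +122,10 @@ class Connection {
 // (this will result in the UA "foo/cool restclient-cpp/VERSION")
 void SetUserAgent(const std::string& userAgent);
 
+// set the Certificate Authority (CA) Info which is the path to file holding
+// certificates to be used to verify peers. See CURLOPT_CAINFO
+void SetCAInfoFilePath(const std::string& caInfoFilePath);
+
 std::string GetUserAgent();
 
 RestClient::Connection::Info GetInfo();
@@ -156,6 +160,7 @@ class Connection {
 std::string password;
 } basicAuth;
 std::string customUserAgent;
+std::string caInfoFilePath;
 RequestInfo lastRequest;
 RestClient::Response performCurlRequest(const std::string& uri);
 };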
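Review bot: The comment on `SetCAInfoFilePath` does not say what the setting does to the connection's trust decisions, which is the part a caller needs before using it: with CURLOPT_CAINFO the named file is used as the CA bundle in place of libcurl's default bundle file, not in addition to it. I would extend the comment with `// Used instead of libcurl's default CA bundle file; an empty path keeps the default.` and `// The path is not checked here; a missing or unreadable file shows up as a failed request.` The empty-path behaviour follows from the `!this->caInfoFilePath.empty()` guard in source/connection.cc, and the failure behaviour is what the new test in test/test_connection.cc expects. The class body starts outside the hunk.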

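--- a/source/connection.cc
+++ b/source/connection.cc
@@ -119,6 +119,18 @@ RestClient::Connection::SetUserAgent(const std::string& userAgent) {
 this->customUserAgent = userAgent;
 }
 
+/**
+* @brief set custom Certificate Authority (CA) path
+*
+* @param caInfoFilePath - The path to a file holding the certificates used to
+* verify the peer with. See CURLOPT_CAINFO
+*
+*/
+void
+RestClient::Connection::SetCAInfoFilePath(const std::string& caInfoFilePath) {
+this->caInfoFilePath = caInfoFilePath;
+}
+
 /**
 * @brief get the user agent to add to the request
 *
@@ -225,6 +237,11 @@ RestClient::Connection::performCurlRequest(const std::string& uri) {
 if (this->followRedirects == true) {
 curl_easy_setopt(this->curlHandle, CURLOPT_FOLLOWLOCATION, 1L);
 }
+// if provided, supply CA path
+if (!this->caInfoFilePath.empty()) {
+curl_easy_setopt(this->curlHandle, CURLOPT_CAINFO,
+this->caInfoFilePath.c_str());
+}
 res = curl_easy_perform(this->curlHandle);
 if (res != CURLE_OK) {
 if (res == CURLE_OPERATION_TIMEDOUT) {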
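Review bot: The return value of the new `curl_easy_setopt(this->curlHandle, CURLOPT_CAINFO, ...)` call in performCurlRequest is discarded, so if libcurl refuses the option (it documents CURLE_UNKNOWN_OPTION and CURLE_OUT_OF_MEMORY for it) the request still runs and the peer is verified against the default trust store instead of the bundle the caller configured. For a caller who set a private CA to narrow trust, that is a silent widening. Capture the code, e.g. `res = curl_easy_setopt(this->curlHandle, CURLOPT_CAINFO, this->caInfoFilePath.c_str());`, and take the existing `res != CURLE_OK` failure path without calling `curl_easy_perform`. The option is also applied only when the path is non-empty, so whether clearing the path later restores the default bundle depends on handle reset code that is not visible here. performCurlRequest starts and ends outside the hunk.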

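--- a/test/test_connection.cc
+++ b/test/test_connection.cc
@@ -39,6 +39,16 @@ TEST_F(ConnectionTest, TestTimeout)
 EXPECT_EQ(28, res.code);
 }
 
+TEST_F(ConnectionTest, TestFailForInvalidCA)
+{
+// set a non-existing file for the CA file and it should fail to verify the peer
+conn->SetCAInfoFilePath("non-existent file");
+RestClient::Response res = conn->get("/get");
+
+EXPECT_EQ("Failed to query.", res.body);
+EXPECT_EQ(-1, res.code);
+}
+
 TEST_F(ConnectionTest, TestDefaultUserAgent)
 {
 RestClient::Response res = conn->get("/get");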
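Review bot: `TestFailForInvalidCA` asserts only the generic failure (`-1`, "Failed to query."), which appears to be what every non-timeout curl error maps to, so it would still pass if the CA option were never applied and the request failed for an unrelated reason such as an unreachable host. It also only exercises the option if the fixture's `conn` targets an https URL, and that is set up outside the hunk. I would note this with a comment such as `// requires an https base URL: CURLOPT_CAINFO is not used for plain http`. A companion case that points `SetCAInfoFilePath` at a bundle that does trust the test server and expects a successful response would show the option is actually honoured.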
