* 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
* Authors:
- * Florian octo Forster <octo at verplant.org>
+ * Florian octo Forster <octo at collectd.org>
* Doug MacEachern <dougm@hyperic.com>
* Paul Sadauskas <psadauskas@gmail.com>
**/
_Bool verify_peer;
_Bool verify_host;
char *cacert;
+ char *capath;
+ char *clientkey;
+ char *clientcert;
+ char *clientkeypass;
+ long sslversion;
_Bool store_rates;
#define WH_FORMAT_COMMAND 0
curl_easy_setopt (cb->curl, CURLOPT_SSL_VERIFYPEER, (long) cb->verify_peer);
curl_easy_setopt (cb->curl, CURLOPT_SSL_VERIFYHOST,
cb->verify_host ? 2L : 0L);
+ curl_easy_setopt (cb->curl, CURLOPT_SSLVERSION, cb->sslversion);
if (cb->cacert != NULL)
curl_easy_setopt (cb->curl, CURLOPT_CAINFO, cb->cacert);
+ if (cb->capath != NULL)
+ curl_easy_setopt (cb->curl, CURLOPT_CAPATH, cb->capath);
+
+ if (cb->clientkey != NULL && cb->clientcert != NULL)
+ {
+ curl_easy_setopt (cb->curl, CURLOPT_SSLKEY, cb->clientkey);
+ curl_easy_setopt (cb->curl, CURLOPT_SSLCERT, cb->clientcert);
+
+ if (cb->clientkeypass != NULL)
+ curl_easy_setopt (cb->curl, CURLOPT_SSLKEYPASSWD, cb->clientkeypass);
+ }
wh_reset_buffer (cb);
sfree (cb->pass);
sfree (cb->credentials);
sfree (cb->cacert);
+ sfree (cb->capath);
+ sfree (cb->clientkey);
+ sfree (cb->clientcert);
+ sfree (cb->clientkeypass);
sfree (cb);
} /* }}} void wh_callback_free */
return (-1);
}
memset (cb, 0, sizeof (*cb));
- cb->location = NULL;
- cb->user = NULL;
- cb->pass = NULL;
- cb->credentials = NULL;
cb->verify_peer = 1;
cb->verify_host = 1;
- cb->cacert = NULL;
cb->format = WH_FORMAT_COMMAND;
- cb->curl = NULL;
+ cb->sslversion = CURL_SSLVERSION_DEFAULT;
pthread_mutex_init (&cb->send_lock, /* attr = */ NULL);
cf_util_get_boolean (child, &cb->verify_host);
else if (strcasecmp ("CACert", child->key) == 0)
cf_util_get_string (child, &cb->cacert);
+ else if (strcasecmp ("CAPath", child->key) == 0)
+ cf_util_get_string (child, &cb->capath);
+ else if (strcasecmp ("ClientKey", child->key) == 0)
+ cf_util_get_string (child, &cb->clientkey);
+ else if (strcasecmp ("ClientCert", child->key) == 0)
+ cf_util_get_string (child, &cb->clientcert);
+ else if (strcasecmp ("ClientKeyPass", child->key) == 0)
+ cf_util_get_string (child, &cb->clientkeypass);
+ else if (strcasecmp ("SSLVersion", child->key) == 0)
+ {
+ char *value = NULL;
+
+ cf_util_get_string (child, &value);
+
+ if (value == NULL || strcasecmp ("default", value) == 0)
+ cb->sslversion = CURL_SSLVERSION_DEFAULT;
+ else if (strcasecmp ("SSLv2", value) == 0)
+ cb->sslversion = CURL_SSLVERSION_SSLv2;
+ else if (strcasecmp ("SSLv3", value) == 0)
+ cb->sslversion = CURL_SSLVERSION_SSLv3;
+ else if (strcasecmp ("TLSv1", value) == 0)
+ cb->sslversion = CURL_SSLVERSION_TLSv1;
+#if (LIBCURL_VERSION_MAJOR > 7) || (LIBCURL_VERSION_MAJOR == 7 && LIBCURL_VERSION_MINOR >= 34)
+ else if (strcasecmp ("TLSv1_0", value) == 0)
+ cb->sslversion = CURL_SSLVERSION_TLSv1_0;
+ else if (strcasecmp ("TLSv1_1", value) == 0)
+ cb->sslversion = CURL_SSLVERSION_TLSv1_1;
+ else if (strcasecmp ("TLSv1_2", value) == 0)
+ cb->sslversion = CURL_SSLVERSION_TLSv1_2;
+#endif
+ else
+ ERROR ("write_http plugin: Invalid SSLVersion "
+ "option: %s.", value);
+
+ sfree(value);
+ }
else if (strcasecmp ("Format", child->key) == 0)
config_set_format (cb, child);
else if (strcasecmp ("StoreRates", child->key) == 0)
return (0);
} /* }}} int wh_config */
+static int wh_init (void) /* {{{ */
+{
+ /* Call this while collectd is still single-threaded to avoid
+ * initialization issues in libgcrypt. */
+ curl_global_init (CURL_GLOBAL_SSL);
+ return (0);
+} /* }}} int wh_init */
+
void module_register (void) /* {{{ */
{
plugin_register_complex_config ("write_http", wh_config);
+ plugin_register_init ("write_http", wh_init);
} /* }}} void module_register */
/* vim: set fdm=marker sw=8 ts=8 tw=78 et : */