octoleo/s3fs-fuse
1
0
Fork 0
mirror of https://github.com/s3fs-fuse/s3fs-fuse.git synced 2025-01-22 21:38:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #553 from orozery/custom_cipher_suite

Browse Source 
add TLS cipher suites customization
This commit is contained in:
Takeshi Nakatani 2017-04-16 19:09:27 +09:00 committed by GitHub
commit efba9bcbc1
5 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/man/s3fs.1
View File

@ -243,6 +243,11 @@ Enable compatibility with S3-like APIs which do not support the virtual-host req
Usually s3fs outputs of the User-Agent in "s3fs/<version> (commit hash <hash>; <using ssl library name>)" format.
If this option is specified, s3fs suppresses the output of the User-Agent.
.TP
\fB\-o\fR cipher_suites
Customize TLS cipher suite list. Expects a colon separated list of cipher suite names.
A list of available cipher suites, depending on your TLS engine, can be found on the CURL library documentation:
https://curl.haxx.se/docs/ssl-ciphers.html
.TP
\fB\-o\fR dbglevel (default="crit")
Set the debug message level. set value as crit(critical), err(error), warn(warning), info(information) to debug level. default debug level is critical.
If s3fs run with "-d" option, the debug level is set information.

1
src/common.h
View File

@ -158,6 +158,7 @@ extern std::string host;
extern std::string bucket;
extern std::string mount_prefix;
extern std::string endpoint;
extern std::string cipher_suites;
extern s3fs_log_level debug_level;
extern const char* s3fs_log_nest[S3FS_LOG_NEST_MAX];

3
src/curl.cpp
View File

@ -1616,6 +1616,9 @@ bool S3fsCurl::ResetHandle(void)
curl_easy_setopt(hCurl, CURLOPT_DEBUGFUNCTION, S3fsCurl::CurlDebugFunc);
}
}
if(!cipher_suites.empty()) {
curl_easy_setopt(hCurl, CURLOPT_SSL_CIPHER_LIST, cipher_suites.c_str());
}
S3fsCurl::curl_times[hCurl] = time(0);
S3fsCurl::curl_progress[hCurl] = progress_t(-1, -1);

5
src/s3fs.cpp
View File

@ -93,6 +93,7 @@ std::string service_path = "/";
std::string host = "http://s3.amazonaws.com";
std::string bucket = "";
std::string endpoint = "us-east-1";
std::string cipher_suites = "";
s3fs_log_level debug_level = S3FS_LOG_CRIT;
const char* s3fs_log_nest[S3FS_LOG_NEST_MAX] = {"", " ", " ", " "};
@ -4722,6 +4723,10 @@ static int my_fuse_opt_proc(void* data, const char* arg, int key, struct fuse_ar
}
return 0;
}
if(0 == STR2NCMP(arg, "cipher_suites=")){
cipher_suites = strchr(arg, '=') + sizeof(char);
return 0;
}
//
// debug option for s3fs
//

7
src/s3fs_util.cpp
View File

@ -1179,6 +1179,13 @@ void show_help (void)
" curldbg - put curl debug message\n"
" Put the debug message from libcurl when this option is specified.\n"
"\n"
" cipher_suites - customize TLS cipher suite list\n"
" Customize the list of TLS cipher suites.\n"
" Expects a colon separated list of cipher suite names.\n"
" A list of available cipher suites, depending on your TLS engine,\n"
" can be found on the CURL library documentation:\n"
" https://curl.haxx.se/docs/ssl-ciphers.html\n"
"\n"
"FUSE/mount Options:\n"
"\n"
" Most of the generic mount options described in 'man mount' are\n"