From fdac71b46721818f8656abeb5ae8bfee5f8feceb Mon Sep 17 00:00:00 2001
From: Paul Cristian Sarbu <paul.cristian.sarbu@huawei.com>
Date: Tue, 7 Mar 2023 16:28:52 +0100
Subject: Just-MR: Add command line options for SSL verification during archive
 fetch

---
 src/other_tools/just_mr/cli.hpp   | 14 ++++++++++++++
 src/other_tools/just_mr/utils.hpp |  6 ++++++
 2 files changed, 20 insertions(+)

(limited to 'src')

diff --git a/src/other_tools/just_mr/cli.hpp b/src/other_tools/just_mr/cli.hpp
index 6ed07125..5548e073 100644
--- a/src/other_tools/just_mr/cli.hpp
+++ b/src/other_tools/just_mr/cli.hpp
@@ -38,6 +38,7 @@ struct MultiRepoCommonArguments {
     std::vector<std::string> explicit_distdirs{};
     JustMR::PathsPtr just_mr_paths = std::make_shared<JustMR::Paths>();
     std::optional<std::vector<std::string>> local_launcher{std::nullopt};
+    JustMR::CAInfoPtr ca_info = std::make_shared<JustMR::CAInfo>();
     std::optional<std::filesystem::path> just_path{std::nullopt};
     std::optional<std::string> main{std::nullopt};
     std::optional<std::filesystem::path> rc_path{std::nullopt};
@@ -123,6 +124,19 @@ static inline void SetupMultiRepoCommonArguments(
         ->type_name("PATH")
         ->trigger_on_parse();  // run callback on all instances while parsing,
                                // not after all parsing is done
+    app->add_flag("--no-fetch-ssl-verify",
+                  clargs->ca_info->no_ssl_verify,
+                  "Do not perform SSL verification when fetching archives from "
+                  "remote.");
+    app->add_option_function<std::string>(
+           "--fetch-cacert",
+           [clargs](auto const& cacert_raw) {
+               clargs->ca_info->ca_bundle = std::filesystem::weakly_canonical(
+                   std::filesystem::absolute(cacert_raw));
+           },
+           "CA certificate bundle to use for SSL verification when fetching "
+           "archives from remote.")
+        ->type_name("CA_BUNDLE");
     app->add_option("--just", clargs->just_path, "Path to the just binary.")
         ->type_name("PATH");
     app->add_option("--main",
diff --git a/src/other_tools/just_mr/utils.hpp b/src/other_tools/just_mr/utils.hpp
index 57202a11..5cb82eb3 100644
--- a/src/other_tools/just_mr/utils.hpp
+++ b/src/other_tools/just_mr/utils.hpp
@@ -115,7 +115,13 @@ struct Paths {
     std::vector<std::filesystem::path> distdirs{};
 };
 
+struct CAInfo {
+    bool no_ssl_verify{false};
+    std::optional<std::filesystem::path> ca_bundle{std::nullopt};
+};
+
 using PathsPtr = std::shared_ptr<JustMR::Paths>;
+using CAInfoPtr = std::shared_ptr<JustMR::CAInfo>;
 
 namespace Utils {
 
-- 
cgit v1.2.3