Merge pull request #3 from STNS/tls
support tls authentication
pyama86 authored Feb 20, 2019
2 parents 310abc2 + 438033e commit 1d4d556
Showing 5 changed files with 31 additions and 1 deletion.
2 changes: 1 addition & 1 deletion Makefile
@@ -153,7 +153,7 @@ changelog:
git-chglog -o CHANGELOG.md

docker:
docker rm -f libnss-stns
docker rm -f libnss-stns | true
docker build -f dockerfiles/Dockerfile -t libnss_develop .
docker run --privileged -d --name libnss-stns -v "`pwd`":/stns -it libnss_develop /sbin/init
docker exec -it libnss-stns /bin/bash
8 changes: 8 additions & 0 deletions stns.c
@@ -58,6 +58,7 @@ void stns_load_config(char *filename, stns_conf_t *c)
{
char errbuf[200];
const char *raw;
toml_table_t *in_tab;

FILE *fp = fopen(filename, "r");
if (!fp) {
@@ -81,6 +82,8 @@ void stns_load_config(char *filename, stns_conf_t *c)
GET_TOML_BYKEY(query_wrapper, toml_rtos, NULL, TOML_NULL_OR_INT);
GET_TOML_BYKEY(chain_ssh_wrapper, toml_rtos, NULL, TOML_NULL_OR_INT);
GET_TOML_BYKEY(http_proxy, toml_rtos, NULL, TOML_NULL_OR_INT);
GET_TOML_BY_TABLE_KEY(tls, key, toml_rtos, NULL, TOML_NULL_OR_INT);
GET_TOML_BY_TABLE_KEY(tls, cert, toml_rtos, NULL, TOML_NULL_OR_INT);

GET_TOML_BYKEY(uid_shift, toml_rtoi, 0, TOML_NULL_OR_INT);
GET_TOML_BYKEY(gid_shift, toml_rtoi, 0, TOML_NULL_OR_INT);
@@ -224,6 +227,11 @@ static CURLcode inner_http_request(stns_conf_t *c, char *path, stns_response_t *
curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1);
curl_easy_setopt(curl, CURLOPT_FAILONERROR, 1);

if (c->tls_cert != NULL && c->tls_key != NULL) {
curl_easy_setopt(curl, CURLOPT_SSLCERT, c->tls_cert);
curl_easy_setopt(curl, CURLOPT_SSLKEY, c->tls_key);
}

if (c->user != NULL) {
curl_easy_setopt(curl, CURLOPT_USERNAME, c->user);
}
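Review bot: In inner_http_request the client certificate is applied only when both `c->tls_cert` and `c->tls_key` are non-NULL, so a config that supplies just one of them sends the request with no client certificate and logs nothing. A half-configured `[tls]` table should be reported, for example with an `else if (c->tls_cert != NULL || c->tls_key != NULL)` branch that calls `syslog(LOG_ERR, "%s(stns)[L%d] tls cert and key must both be set", __func__, __LINE__);`. The eight additions in this file are all accounted for by the three hunks shown, so nothing here frees the new strings; if stns_unload_config (not visible) releases the other `toml_rtos` fields with `UNLOAD_TOML_BYKEY`, `tls_cert` and `tls_key` need the same treatment. The body of inner_http_request continues outside the hunk.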
14 changes: 14 additions & 0 deletions stns.h
@@ -47,6 +47,8 @@ struct stns_conf_t {
char *chain_ssh_wrapper;
char *http_proxy;
char *cache_dir;
char *tls_cert;
char *tls_key;
int uid_shift;
int gid_shift;
int ssl_verify;
@@ -278,6 +280,18 @@ extern void set_group_lowest_id(int);
} else { \
str_or_int(m, empty) \
}
#define GET_TOML_BY_TABLE_KEY(t, m, method, empty, str_or_int) \
if (0 != (in_tab = toml_table_in(tab, #t))) { \
if (0 != (raw = toml_raw_in(in_tab, #m))) { \
if (0 != method(raw, &c->t##_##m)) { \
syslog(LOG_ERR, "%s(stns)[L%d] cannot parse toml file:%s key:%s", __func__, __LINE__, filename, #m); \
} \
} else { \
str_or_int(t##_##m, empty) \
} \
} else { \
str_or_int(t##_##m, empty) \
}

#define UNLOAD_TOML_BYKEY(m) \
if (c->m != NULL) { \
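Review bot: The failure branch of `GET_TOML_BY_TABLE_KEY` only logs and never resets `c->t##_##m`, so after a parse error the field holds whatever `method` left there, and inner_http_request later treats any non-NULL `tls_cert`/`tls_key` as configured. Unless `toml_rtos` is guaranteed to clear its output on failure (not visible here), add `str_or_int(t##_##m, empty)` after the `syslog` call so the field falls back to the default. The log line also prints only `#m`, which yields `key:key` or `key:cert`; a `key:%s.%s` format with `#t, #m` would name the table. A short comment above the macro should state that it expects `tab`, `in_tab`, `raw`, `c` and `filename` in the caller's scope and that it expands to a bare if/else rather than a `do { } while (0)` statement.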
4 changes: 4 additions & 0 deletions stns_test.c
@@ -54,6 +54,8 @@ Test(stns_load_config, load_ok)
cr_assert_eq(c.request_timeout, 3);
cr_assert_eq(c.request_retry, 3);
cr_assert_eq(c.negative_cache_ttl, 10);
cr_assert_str_eq(c.tls_cert, "example_cert");
cr_assert_str_eq(c.tls_key, "example_key");
}

Test(stns_request, http_request)
@@ -69,6 +71,8 @@ Test(stns_request, http_request)
c.user = NULL;
c.password = NULL;
c.query_wrapper = NULL;
c.tls_cert = NULL;
c.tls_key = NULL;
c.request_timeout = 3;
c.request_retry = 3;
c.auth_token = NULL;
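Review bot: The new assertions in load_ok cover only the case where `[tls]` and both keys are present, so the two `else` branches of `GET_TOML_BY_TABLE_KEY` (table missing, key missing) are not exercised. A second case that loads a config without a `[tls]` table and checks `cr_assert_null(c.tls_cert);` and `cr_assert_null(c.tls_key);` would pin the default. The http_request test sets both fields to NULL, so the `CURLOPT_SSLCERT`/`CURLOPT_SSLKEY` path is never run by this suite. Both test bodies continue outside the hunks shown.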
4 changes: 4 additions & 0 deletions test/stns.conf
@@ -11,3 +11,7 @@ gid_shift = 2000
request_timeout = 3
request_retry = 3
negative_cache_ttl = 10

[tls]
cert = "example_cert"
key = "example_key"
