Add secure_connection param to BlobStore to configure security.
Default is https. Setting secure_connection=0 makes it http.
This commit is contained in:
Balachandar Namasivayam
parent
93497d7d42
commit
b2c32ea4f2
|
|
@ -49,6 +49,7 @@ BlobStoreEndpoint::Stats BlobStoreEndpoint::Stats::operator-(const Stats &rhs) {
|
||||||
BlobStoreEndpoint::Stats BlobStoreEndpoint::s_stats;
|
BlobStoreEndpoint::Stats BlobStoreEndpoint::s_stats;
|
||||||
|
|
||||||
BlobStoreEndpoint::BlobKnobs::BlobKnobs() {
|
BlobStoreEndpoint::BlobKnobs::BlobKnobs() {
|
||||||
|
secure_connection = 1;
|
||||||
connect_tries = CLIENT_KNOBS->BLOBSTORE_CONNECT_TRIES;
|
connect_tries = CLIENT_KNOBS->BLOBSTORE_CONNECT_TRIES;
|
||||||
connect_timeout = CLIENT_KNOBS->BLOBSTORE_CONNECT_TIMEOUT;
|
connect_timeout = CLIENT_KNOBS->BLOBSTORE_CONNECT_TIMEOUT;
|
||||||
max_connection_life = CLIENT_KNOBS->BLOBSTORE_MAX_CONNECTION_LIFE;
|
max_connection_life = CLIENT_KNOBS->BLOBSTORE_MAX_CONNECTION_LIFE;
|
||||||
|
|
@ -71,6 +72,7 @@ BlobStoreEndpoint::BlobKnobs::BlobKnobs() {
|
||||||
|
|
||||||
bool BlobStoreEndpoint::BlobKnobs::set(StringRef name, int value) {
|
bool BlobStoreEndpoint::BlobKnobs::set(StringRef name, int value) {
|
||||||
#define TRY_PARAM(n, sn) if(name == LiteralStringRef(#n) || name == LiteralStringRef(#sn)) { n = value; return true; }
|
#define TRY_PARAM(n, sn) if(name == LiteralStringRef(#n) || name == LiteralStringRef(#sn)) { n = value; return true; }
|
||||||
|
TRY_PARAM(secure_connection, sc)
|
||||||
TRY_PARAM(connect_tries, ct);
|
TRY_PARAM(connect_tries, ct);
|
||||||
TRY_PARAM(connect_timeout, cto);
|
TRY_PARAM(connect_timeout, cto);
|
||||||
TRY_PARAM(max_connection_life, mcl);
|
TRY_PARAM(max_connection_life, mcl);
|
||||||
|
|
@ -98,6 +100,7 @@ std::string BlobStoreEndpoint::BlobKnobs::getURLParameters() const {
|
||||||
static BlobKnobs defaults;
|
static BlobKnobs defaults;
|
||||||
std::string r;
|
std::string r;
|
||||||
#define _CHECK_PARAM(n, sn) if(n != defaults. n) { r += format("%s%s=%d", r.empty() ? "" : "&", #sn, n); }
|
#define _CHECK_PARAM(n, sn) if(n != defaults. n) { r += format("%s%s=%d", r.empty() ? "" : "&", #sn, n); }
|
||||||
|
_CHECK_PARAM(secure_connection, sc);
|
||||||
_CHECK_PARAM(connect_tries, ct);
|
_CHECK_PARAM(connect_tries, ct);
|
||||||
_CHECK_PARAM(connect_timeout, cto);
|
_CHECK_PARAM(connect_timeout, cto);
|
||||||
_CHECK_PARAM(max_connection_life, mcl);
|
_CHECK_PARAM(max_connection_life, mcl);
|
||||||
|
|
@ -149,7 +152,7 @@ Reference<BlobStoreEndpoint> BlobStoreEndpoint::fromString(std::string const &ur
|
||||||
StringRef value = t.eat("&");
|
StringRef value = t.eat("&");
|
||||||
char *valueEnd;
|
char *valueEnd;
|
||||||
int ivalue = strtol(value.toString().c_str(), &valueEnd, 10);
|
int ivalue = strtol(value.toString().c_str(), &valueEnd, 10);
|
||||||
if(*valueEnd || ivalue == 0)
|
if(*valueEnd || (ivalue == 0 && value.toString() != "0"))
|
||||||
throw format("%s is not a valid value for %s", value.toString().c_str(), name.toString().c_str());
|
throw format("%s is not a valid value for %s", value.toString().c_str(), name.toString().c_str());
|
||||||
if(!knobs.set(name, ivalue))
|
if(!knobs.set(name, ivalue))
|
||||||
throw format("%s is not a valid parameter name", name.toString().c_str());
|
throw format("%s is not a valid parameter name", name.toString().c_str());
|
||||||
|
|
@ -393,8 +396,10 @@ ACTOR Future<BlobStoreEndpoint::ReusableConnection> connect_impl(Reference<BlobS
|
||||||
return rconn;
|
return rconn;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
std::string service = b->service;
|
||||||
state Reference<IConnection> conn = wait(INetworkConnections::net()->connect(b->host, b->service.empty() ? "https" : b->service, true));
|
if (service.empty())
|
||||||
|
service = b->knobs.secure_connection ? "https" : "http";
|
||||||
|
state Reference<IConnection> conn = wait(INetworkConnections::net()->connect(b->host, service, b->knobs.secure_connection ? true : false));
|
||||||
|
|
||||||
TraceEvent("BlobStoreEndpointNewConnection")
|
TraceEvent("BlobStoreEndpointNewConnection")
|
||||||
.detail("RemoteEndpoint", conn->getPeerAddress())
|
.detail("RemoteEndpoint", conn->getPeerAddress())
|
||||||
|
|
|
||||||
|
|
@ -48,7 +48,8 @@ public:
|
||||||
|
|
||||||
struct BlobKnobs {
|
struct BlobKnobs {
|
||||||
BlobKnobs();
|
BlobKnobs();
|
||||||
int connect_tries,
|
int secure_connection,
|
||||||
|
connect_tries,
|
||||||
connect_timeout,
|
connect_timeout,
|
||||||
max_connection_life,
|
max_connection_life,
|
||||||
request_tries,
|
request_tries,
|
||||||
|
|
@ -70,6 +71,7 @@ public:
|
||||||
std::string getURLParameters() const;
|
std::string getURLParameters() const;
|
||||||
static std::vector<std::string> getKnobDescriptions() {
|
static std::vector<std::string> getKnobDescriptions() {
|
||||||
return {
|
return {
|
||||||
|
"secure_connection (or sc) Set 1 for secure connection and 0 for insecure connection.",
|
||||||
"connect_tries (or ct) Number of times to try to connect for each request.",
|
"connect_tries (or ct) Number of times to try to connect for each request.",
|
||||||
"connect_timeout (or cto) Number of seconds to wait for a connect request to succeed.",
|
"connect_timeout (or cto) Number of seconds to wait for a connect request to succeed.",
|
||||||
"max_connection_life (or mcl) Maximum number of seconds to use a single TCP connection.",
|
"max_connection_life (or mcl) Maximum number of seconds to use a single TCP connection.",
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue