From 64129e85cc5245a1a018ca1996d4be6ea0b02a0f Mon Sep 17 00:00:00 2001 From: Samunroyu <36890229+Samunroyu@users.noreply.github.com> Date: Tue, 21 Nov 2023 11:54:44 +0800 Subject: [PATCH] feat(thirdparty): compile curl with gssapi (#1683) The key manager get EEK from Apache Ranger KMS should set CURLOPT_HTTPAUTH with negotiate. So it's needed to compile libcurl with gssapi flag. --- src/http/http_client.cpp | 22 ++++++++++++++++++++++ src/http/http_client.h | 3 +++ src/http/http_method.h | 8 ++++++++ thirdparty/CMakeLists.txt | 7 ++++--- 4 files changed, 37 insertions(+), 3 deletions(-) diff --git a/src/http/http_client.cpp b/src/http/http_client.cpp index 32ae5eaea1..41e6b7f426 100644 --- a/src/http/http_client.cpp +++ b/src/http/http_client.cpp @@ -219,6 +219,28 @@ dsn::error_s http_client::set_method(http_method method) return dsn::error_s::ok(); } +dsn::error_s http_client::set_auth(http_auth_type authType) +{ + switch (authType) { + case http_auth_type::SPNEGO: + RETURN_IF_SETOPT_NOT_OK(CURLOPT_HTTPAUTH, CURLAUTH_NEGOTIATE); + break; + case http_auth_type::DIGEST: + RETURN_IF_SETOPT_NOT_OK(CURLOPT_HTTPAUTH, CURLAUTH_DIGEST); + break; + case http_auth_type::BASIC: + RETURN_IF_SETOPT_NOT_OK(CURLOPT_HTTPAUTH, CURLAUTH_BASIC); + break; + case http_auth_type::NONE: + break; + default: + RETURN_IF_SETOPT_NOT_OK(CURLOPT_HTTPAUTH, CURLAUTH_ANY); + break; + } + + return dsn::error_s::ok(); +} + dsn::error_s http_client::set_timeout(long timeout_ms) { RETURN_IF_SETOPT_NOT_OK(CURLOPT_TIMEOUT_MS, timeout_ms); diff --git a/src/http/http_client.h b/src/http/http_client.h index 190af11f2b..fe4b0ed18a 100644 --- a/src/http/http_client.h +++ b/src/http/http_client.h @@ -93,6 +93,9 @@ class http_client // Specify the maximum time in milliseconds that a request is allowed to complete. dsn::error_s set_timeout(long timeout_ms); + // Specify the http auth type which include NONE BASIC DIGEST SPNEGO + dsn::error_s set_auth(http_auth_type authType); + // Operations for the header fields. void clear_header_fields(); void set_accept(dsn::string_view val); diff --git a/src/http/http_method.h b/src/http/http_method.h index f337d24e78..5e13c756fc 100644 --- a/src/http/http_method.h +++ b/src/http/http_method.h @@ -28,6 +28,14 @@ enum class http_method INVALID = 100, }; +enum class http_auth_type +{ + NONE, + BASIC, + DIGEST, + SPNEGO, +}; + ENUM_BEGIN(http_method, http_method::INVALID) ENUM_REG2(http_method, GET) ENUM_REG2(http_method, POST) diff --git a/thirdparty/CMakeLists.txt b/thirdparty/CMakeLists.txt index 80a94828cb..8645ee1a1c 100644 --- a/thirdparty/CMakeLists.txt +++ b/thirdparty/CMakeLists.txt @@ -283,16 +283,17 @@ set(CURL_OPTIONS --disable-manual --disable-pop3 --disable-rtsp + --disable-shared --disable-smtp --disable-telnet --disable-tftp - --disable-shared + --without-libidn --without-librtmp - --without-zlib --without-libssh2 --without-ssl - --without-libidn + --without-zlib --without-zstd + --with-gssapi ) if (APPLE) set(CURL_OPTIONS