ZOOKEEPER-1112: Add support for C client for SASL authentication Patch …

…apache#2 2nd patch * provides a simple api for sasl authentication (zoo_sasl_init, zoo_sasl_connect, zoo_sasl_authenticate) * requires libsasl2 (and plugins) * autoconf/make configuration * test for digest-md5 authentication * extended configuration for digest-md5 sasl server required by sasl2 (Forward-ported from https://reviews.apache.org/r/2315/ by Damien Diederen.)
ztzg · Aug 12, 2019 · 7ec98f8 · 7ec98f8
1 parent 7098bb9
commit 7ec98f8
Show file tree

Hide file tree

Showing 6 changed files with 452 additions and 11 deletions.
diff --git a/zookeeper-client/zookeeper-client-c/Makefile.am b/zookeeper-client/zookeeper-client-c/Makefile.am
@@ -18,7 +18,17 @@ endif
 
 LIB_LDFLAGS = -no-undefined -version-info 2 $(SOLARIS_LIB_LDFLAGS)
 
-pkginclude_HEADERS = include/zookeeper.h include/zookeeper_version.h include/zookeeper_log.h include/proto.h include/recordio.h generated/zookeeper.jute.h
+if WANT_SASL
+SASL_CFLAGS = -DSASL
+SASL_LIBS = -lsasl2
+SASL_HDR = include/zookeeper_sasl.h
+SASL_SRC = src/zk_sasl.c $(SASL_HDR)
+else
+STATIC_CXX=-DUSE_STATIC_LIB
+STATIC_LD=-static-libtool-libs
+endif
+
+pkginclude_HEADERS = include/zookeeper.h include/zookeeper_version.h include/zookeeper_log.h include/proto.h include/recordio.h generated/zookeeper.jute.h $(SASL_HDR)
 EXTRA_DIST=LICENSE
 
 HASHTABLE_SRC = src/hashtable/hashtable_itr.h src/hashtable/hashtable_itr.c \
@@ -31,13 +41,13 @@ COMMON_SRC = src/zookeeper.c include/zookeeper.h include/zookeeper_version.h inc
     src/recordio.c include/recordio.h include/proto.h \
     src/zk_adaptor.h generated/zookeeper.jute.c \
     src/zk_log.c src/zk_hashtable.h src/zk_hashtable.c \
-	src/addrvec.h src/addrvec.c
+    src/addrvec.h src/addrvec.c $(SASL_SRC)
 
 # These are the symbols (classes, mostly) we want to export from our library.
 EXPORT_SYMBOLS = '(zoo_|zookeeper_|zhandle|Z|format_log_message|log_message|logLevel|deallocate_|allocate_|zerror|is_unrecoverable)'
 noinst_LTLIBRARIES += libzkst.la
 libzkst_la_SOURCES =$(COMMON_SRC) src/st_adaptor.c
-libzkst_la_LIBADD = -lm $(CLOCK_GETTIME_LIBS)
+libzkst_la_LIBADD = -lm $(CLOCK_GETTIME_LIBS) $(SASL_LIBS)
 
 lib_LTLIBRARIES = libzookeeper_st.la
 libzookeeper_st_la_SOURCES =
@@ -49,7 +59,7 @@ if WANT_SYNCAPI
 noinst_LTLIBRARIES += libzkmt.la
 libzkmt_la_SOURCES =$(COMMON_SRC) src/mt_adaptor.c
 libzkmt_la_CFLAGS = -DTHREADED
-libzkmt_la_LIBADD = -lm $(CLOCK_GETTIME_LIBS)
+libzkmt_la_LIBADD = -lm $(CLOCK_GETTIME_LIBS) $(SASL_LIBS)
 
 lib_LTLIBRARIES += libzookeeper_mt.la
 libzookeeper_mt_la_SOURCES =
@@ -62,17 +72,18 @@ bin_PROGRAMS = cli_st
 
 cli_st_SOURCES = src/cli.c
 cli_st_LDADD = libzookeeper_st.la
+cli_st_CFLAGS = $(SASL_CFLAGS)
 
 if WANT_SYNCAPI
 bin_PROGRAMS += cli_mt load_gen
 
 cli_mt_SOURCES = src/cli.c
 cli_mt_LDADD = libzookeeper_mt.la
-cli_mt_CFLAGS = -DTHREADED
+cli_mt_CFLAGS = -DTHREADED $(SASL_CFLAGS)
 
 load_gen_SOURCES = src/load_gen.c
 load_gen_LDADD = libzookeeper_mt.la
-load_gen_CFLAGS = -DTHREADED
+load_gen_CFLAGS = -DTHREADED $(SASL_CFLAGS)
 
 endif
 
@@ -122,14 +133,14 @@ TESTS_ENVIRONMENT = ZKROOT=${srcdir}/../.. \
                     CLASSPATH=$$CLASSPATH:$$CLOVER_HOME/lib/clover*.jar
 nodist_zktest_st_SOURCES = $(TEST_SOURCES)
 zktest_st_LDADD = libzkst.la libhashtable.la $(CPPUNIT_LIBS) -ldl
-zktest_st_CXXFLAGS = -DUSE_STATIC_LIB $(CPPUNIT_CFLAGS) $(USEIPV6) $(SOLARIS_CPPFLAGS)
+zktest_st_CXXFLAGS = -DUSE_STATIC_LIB $(CPPUNIT_CFLAGS) $(USEIPV6) $(SOLARIS_CPPFLAGS) $(SASL_CFLAGS)
 zktest_st_LDFLAGS = -shared $(SYMBOL_WRAPPERS) $(SOLARIS_LIB_LDFLAGS)
 
 if WANT_SYNCAPI
   check_PROGRAMS += zktest-mt
   nodist_zktest_mt_SOURCES = $(TEST_SOURCES) tests/PthreadMocks.cc
   zktest_mt_LDADD = libzkmt.la libhashtable.la -lpthread $(CPPUNIT_LIBS) -ldl
-  zktest_mt_CXXFLAGS = -DUSE_STATIC_LIB -DTHREADED $(CPPUNIT_CFLAGS) $(USEIPV6)
+  zktest_mt_CXXFLAGS = -DUSE_STATIC_LIB -DTHREADED $(CPPUNIT_CFLAGS) $(USEIPV6) $(SASL_CFLAGS)
 if SOLARIS
   SHELL_SYMBOL_WRAPPERS_MT = cat ${srcdir}/tests/wrappers-mt.opt
   SYMBOL_WRAPPERS_MT=$(SYMBOL_WRAPPERS) $(SHELL_SYMBOL_WRAPPERS_MT:sh)

diff --git a/zookeeper-client/zookeeper-client-c/configure.ac b/zookeeper-client/zookeeper-client-c/configure.ac
@@ -111,6 +111,23 @@ fi
 
 AM_CONDITIONAL([WANT_SYNCAPI],[test "x$with_syncapi" != xno])
 
+AC_ARG_WITH([sasl],
+ [AS_HELP_STRING([--with-sasl],[build with support for SASL [default=yes]])],
+ [],[with_sasl=yes])
+
+AC_CHECK_LIB([sasl2], [sasl_client_init],[have_sasl=yes],[have_sasl=no])
+
+if test "x$with_sasl" != xno && test "x$have_sasl" = xno; then
+    AC_MSG_WARN([cannot build SASL support -- sasl2 not found])
+    with_sasl=no
+fi
+if test "x$with_sasl" != xno; then
+    AC_MSG_NOTICE([building with SASL support])
+else
+    AC_MSG_NOTICE([building without SASL support])
+fi
+AM_CONDITIONAL([WANT_SASL],[test "x$with_sasl" != xno])
+
 # Checks for header files.
 AC_HEADER_STDC
 AC_CHECK_HEADERS([arpa/inet.h fcntl.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h sys/utsname.h])

diff --git a/zookeeper-client/zookeeper-client-c/include/zookeeper_sasl.h b/zookeeper-client/zookeeper-client-c/include/zookeeper_sasl.h
@@ -0,0 +1,82 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef ZOOKEEPER_SASL_H_
+#define ZOOKEEPER_SASL_H_
+
+#include <sasl/sasl.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief initialize sasl library
+ *
+ * \param callbacks sasl callbacks
+ * \return ZSYSTEMERROR if initialization failed
+ */
+ZOOAPI int zoo_sasl_init(sasl_callback_t *callbacks);
+
+/**
+ * \brief creates a sasl connection for the zookeeper socket
+ *
+ * \param zh the zookeeper handle obtained by a call to \ref zookeeper_init
+ * \param servicename name of the zookeeper service
+ * \param host host of the zookeeper service
+ * \param sasl_conn out parameter for the created sasl connection
+ * \param mech out parameter for the sasl mechanisms supported by the client
+ * \param mechlen out parameter for the count of supported mechs
+ * \return ZSYSTEMERRROR if connection failed
+ */
+ZOOAPI int zoo_sasl_connect(zhandle_t *zh, char *servicename,
+        char *host, zoo_sasl_conn_t **sasl_conn, const char **mechs, int *mechlen);
+
+/**
+ * \brief authenticates asynchronously
+ *
+ * \param zh the zookeeper handle obtained by a call to \ref zookeeper_init
+ * \param zh the connection handle obtained by a call to \ref zoo_sasl_connect
+ * \param mech the selected mechanism
+ * \param supportedmechs mechanisms supported by client (obtained by a call
+ * to \ref zoo_sasl_connect)
+ * \return
+ */
+ZOOAPI int zoo_asasl_authenticate(zhandle_t *th, zoo_sasl_conn_t *conn, const char *mech,
+        const char *supportedmechs);
+
+#ifdef THREADED
+/**
+ * \brief authenticates synchronously
+ *
+ * \param zh the zookeeper handle obtained by a call to \ref zookeeper_init
+ * \param zh the connection handle obtained by a call to \ref zoo_sasl_connect
+ * \param mech the selected mechanism
+ * \param supportedmechs mechanisms supported by client (obtained by a call
+ * to \ref zoo_sasl_connect)
+ * \return
+ */
+ZOOAPI int zoo_sasl_authenticate(zhandle_t *th, zoo_sasl_conn_t *conn, const char *mech,
+        const char *supportedmechs);
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ZOOKEEPER_SASL_H_ */