MCOL-3542: Add ability to set libmarias3 options via StorageManager cnf file.

2025-08-05 16:15:50 +03:00 · 2021-03-31 16:13:03 -05:00
parent d52ee51ca5
commit 401c0fd5c7
3 changed files with 54 additions and 1 deletions
--- a/storage-manager/src/S3Storage.cpp
+++ b/storage-manager/src/S3Storage.cpp
@@ -125,15 +125,38 @@ S3Storage::S3Storage(bool skipRetry) : skipRetryableErrors(skipRetry)
    STSendpoint = config->getValue("S3", "sts_endpoint");
    STSregion = config->getValue("S3", "sts_region");
    string ec2_mode = tolower(config->getValue("S3", "ec2_iam_mode"));
+    string use_http = tolower(config->getValue("S3", "use_http"));
+    string ssl_verify = tolower(config->getValue("S3", "ssl_verify"));
+    string port_number = config->getValue("S3", "port_number");
+
+
    bool keyMissing = false;
    isEC2Instance = false;
    ec2iamEnabled = false;
+    useHTTP = false;
+    sslVerify = true;
+    portNumber = 0;
+
+    if (!port_number.empty())
+    {
+        portNumber = stoi(port_number);
+    }

    if (ec2_mode == "enabled")
    {
        ec2iamEnabled = true;
    }

+    if (use_http == "enabled")
+    {
+        useHTTP = true;
+    }
+
+    if (ssl_verify == "disabled")
+    {
+        sslVerify = false;
+    }
+
    if (key.empty())
    {
        char *_key_id = getenv("AWS_ACCESS_KEY_ID");
@@ -676,9 +699,28 @@ ms3_st * S3Storage::getConnection()
    if (freeConns.empty())
    {
        ret = ms3_init(key.c_str(), secret.c_str(), region.c_str(), (endpoint.empty() ? NULL : endpoint.c_str()));
+        // Something went wrong with libmarias3 init
        if (ret == NULL)
+        {
            logger->log(LOG_ERR, "S3Storage::getConnection(): ms3_init returned NULL, no specific info to report");
-        if(!IAMrole.empty())
+        }
+        // Set option for use http instead of https
+        if (useHTTP)
+        {
+            ms3_set_option(ret, MS3_OPT_USE_HTTP, NULL);
+        }
+        // Set option to disable SSL Verification
+        if (!sslVerify)
+        {
+            ms3_set_option(ret, MS3_OPT_DISABLE_SSL_VERIFY, NULL);
+        }
+        // Port number is not 0 so it was set by cnf file
+        if (portNumber != 0)
+        {
+            ms3_set_option(ret, MS3_OPT_PORT_NUMBER, &portNumber);
+        }
+        // IAM role setup for keys
+        if (!IAMrole.empty())
        {
            if (isEC2Instance)
            {
--- a/storage-manager/src/S3Storage.h
+++ b/storage-manager/src/S3Storage.h
@@ -65,6 +65,9 @@ class S3Storage : public CloudStorage
        std::string STSregion;
        bool isEC2Instance;
        bool ec2iamEnabled;
+        bool useHTTP;
+        bool sslVerify;
+        int portNumber;
        
        struct Connection
        {
--- a/storage-manager/storagemanager.cnf.in
+++ b/storage-manager/storagemanager.cnf.in
@@ -131,6 +131,14 @@ bucket = some_bucket
 # provided by EC2 metadata for S3 authentication access/secret keys.
 # ec2_iam_mode=enabled

+# Setting use_http to 'enabled' for host to use http instead of https
+# The default is use_http = disabled (https)
+# use_http = enabled
+
+# Setting ssl_verify to 'disabled' for how to not use SSL verification
+# Default is ssl_verify = enabled
+# ssl_verify = disabled
+
 # The LocalStorage section configures the 'local storage' module
 # if specified by ObjectStorage/service.
 [LocalStorage]