fix tls connection options (#3037)
DmitriyMusatkin authored Jul 16, 2024
1 parent ed6ec6c commit a623a95
Showing 4 changed files with 34 additions and 68 deletions.
2 changes: 1 addition & 1 deletion crt/aws-crt-cpp
35 changes: 9 additions & 26 deletions generated/src/aws-cpp-sdk-s3-crt/source/S3CrtClient.cpp
@@ -371,17 +371,18 @@ void S3CrtClient::init(const S3Crt::ClientConfiguration& config,
static const size_t DEFAULT_PART_SIZE = 5 * 1024 * 1024; // 5MB
s3CrtConfig.part_size = config.partSize < DEFAULT_PART_SIZE ? DEFAULT_PART_SIZE : config.partSize;

Aws::UniquePtr<Aws::Crt::Io::TlsConnectionOptions> pTlsConnectionOptions;
Aws::Crt::Io::TlsConnectionOptions *rawPTlsConnectionOptions = nullptr;
if (config.tlsConnectionOptions)
{
pTlsConnectionOptions = Aws::MakeUnique<Aws::Crt::Io::TlsConnectionOptions>(ALLOCATION_TAG, *config.tlsConnectionOptions);
rawPTlsConnectionOptions = config.tlsConnectionOptions.get();
if (!config.caPath.empty() || !config.caFile.empty())
{
AWS_LOGSTREAM_WARN(ALLOCATION_TAG, "caPath or caFile on client configuration are ignored in case of user-configured TlsConnectionOptions provided");
}
}

if (!pTlsConnectionOptions)
Aws::UniquePtr<Aws::Crt::Io::TlsConnectionOptions> pTlsConnectionOptions;
if (!rawPTlsConnectionOptions)
{
Aws::Crt::Io::TlsContextOptions crtTlsContextOptions = Aws::Crt::Io::TlsContextOptions::InitDefaultClient();
if (!config.caPath.empty() || !config.caFile.empty())
@@ -396,29 +397,15 @@ void S3CrtClient::init(const S3Crt::ClientConfiguration& config,
}
Aws::Crt::Io::TlsContext crtTlsContext(crtTlsContextOptions, Aws::Crt::Io::TlsMode::CLIENT);
pTlsConnectionOptions = Aws::MakeUnique<Aws::Crt::Io::TlsConnectionOptions>(ALLOCATION_TAG, crtTlsContext.NewConnectionOptions());
rawPTlsConnectionOptions = pTlsConnectionOptions.get();
}

aws_tls_connection_options nonConstTlsOptions;
AWS_ZERO_STRUCT(nonConstTlsOptions);
if (pTlsConnectionOptions)
{
ResolveEndpointOutcome endpointOutcome = m_endpointProvider->ResolveEndpoint({});
if (!endpointOutcome.IsSuccess())
{
AWS_LOGSTREAM_FATAL(ALLOCATION_TAG, "Failed to initialize S3 Crt client: failed to resolve base URI: " << endpointOutcome.GetError().GetMessage());
m_isInitialized = false;
return;
}
Aws::Crt::ByteCursor serverName = Aws::Crt::ByteCursorFromCString(endpointOutcome.GetResult().GetURI().GetAuthority().c_str());
pTlsConnectionOptions->SetServerName(serverName);
aws_tls_connection_options_copy(&nonConstTlsOptions, pTlsConnectionOptions->GetUnderlyingHandle());
s3CrtConfig.tls_connection_options = &nonConstTlsOptions;
}
else
{
s3CrtConfig.tls_connection_options = nullptr;
if (!rawPTlsConnectionOptions) {
rawPTlsConnectionOptions = Aws::GetDefaultTlsConnectionOptions();
}

s3CrtConfig.tls_connection_options = rawPTlsConnectionOptions ? rawPTlsConnectionOptions->GetUnderlyingHandle() : nullptr;

Aws::Crt::Http::HttpClientConnectionProxyOptions proxyOptions;
aws_http_proxy_options raw_proxy_options;

@@ -490,10 +477,6 @@ void S3CrtClient::init(const S3Crt::ClientConfiguration& config,
s3CrtConfig.s3express_provider_override_factory = S3CrtIdentityProviderAdapter::ProviderFactory;

m_s3CrtClient = aws_s3_client_new(Aws::get_aws_allocator(), &s3CrtConfig);
if (pTlsConnectionOptions)
{
aws_tls_connection_options_clean_up(&nonConstTlsOptions);
}
if (!m_s3CrtClient)
{
AWS_LOGSTREAM_FATAL(ALLOCATION_TAG, "Failed to allocate aws_s3_client instance, abort.");
30 changes: 15 additions & 15 deletions prefetch_crt_dependency.sh
@@ -3,21 +3,21 @@
# SPDX-License-Identifier: Apache-2.0.

CRT_URI_PREFIX=https://codeload.github.com/awslabs
CRT_URI=${CRT_URI_PREFIX}/aws-crt-cpp/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2

AWS_C_AUTH_URI=${CRT_URI_PREFIX}/aws-c-auth/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
AWS_C_CAL_URI=${CRT_URI_PREFIX}/aws-c-cal/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
AWS_C_COMMON_URI=${CRT_URI_PREFIX}/aws-c-common/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
AWS_C_COMPRESSION_URI=${CRT_URI_PREFIX}/aws-c-compression/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
AWS_C_EVENT_STREAM_URI=${CRT_URI_PREFIX}/aws-c-event-stream/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
AWS_C_HTTP_URI=${CRT_URI_PREFIX}/aws-c-http/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
AWS_C_IO_URI=${CRT_URI_PREFIX}/aws-c-io/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
AWS_C_MQTT_URI=${CRT_URI_PREFIX}/aws-c-mqtt/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
AWS_C_S3_URI=${CRT_URI_PREFIX}/aws-c-s3/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
AWS_C_SDKUTILS_URI=${CRT_URI_PREFIX}/aws-c-sdkutils/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
AWS_CHECKSUMS_URI=${CRT_URI_PREFIX}/aws-checksums/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
AWS_LC_URI=${CRT_URI_PREFIX}/aws-lc/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
S2N_URI=${CRT_URI_PREFIX}/s2n/zip/d966cde6e615ff3d8f9861bd6c724cca60da927c # v0.27.2
CRT_URI=${CRT_URI_PREFIX}/aws-crt-cpp/zip/fed4ba5e3f722609b069aa67cbfb830ca94c4995 # v0.27.4

AWS_C_AUTH_URI=${CRT_URI_PREFIX}/aws-c-auth/zip/53a31bacf2918e848e00b052d2e25cba0be069d9 # v0.7.22
AWS_C_CAL_URI=${CRT_URI_PREFIX}/aws-c-cal/zip/71810b1ade7af4747104ae245b74240ae8e8cf77 # v0.7.1
AWS_C_COMMON_URI=${CRT_URI_PREFIX}/aws-c-common/zip/6d974f92c1d86391c1dcb1173239adf757c52b2d # v0.9.23
AWS_C_COMPRESSION_URI=${CRT_URI_PREFIX}/aws-c-compression/zip/ea1d421a421ad83a540309a94c38d50b6a5d836b # v0.2.18
AWS_C_EVENT_STREAM_URI=${CRT_URI_PREFIX}/aws-c-event-stream/zip/1a70c50f78a6e706f1f91a4ed138478271b6d9d3 # v0.4.2
AWS_C_HTTP_URI=${CRT_URI_PREFIX}/aws-c-http/zip/652e2febf2242d6b3562267dc0dd982375ed698e # v0.8.3
AWS_C_IO_URI=${CRT_URI_PREFIX}/aws-c-io/zip/d04508d113851f1bc15630d93490b2aa09676137 # v0.14.11
AWS_C_MQTT_URI=${CRT_URI_PREFIX}/aws-c-mqtt/zip/ed7bbd68c03d7022c915a2924740ab7992ad2311 # v0.10.4
AWS_C_S3_URI=${CRT_URI_PREFIX}/aws-c-s3/zip/0ab4d58ef0bd97970d43828cb6b57a3de5747343 # v0.6.4
AWS_C_SDKUTILS_URI=${CRT_URI_PREFIX}/aws-c-sdkutils/zip/8c7af71f91ed5b9d2a043d51f120495f43723f80 # v0.1.16
AWS_CHECKSUMS_URI=${CRT_URI_PREFIX}/aws-checksums/zip/aac442a2dbbb5e72d0a3eca8313cf65e7e1cac2f # v0.1.18
AWS_LC_URI=${CRT_URI_PREFIX}/aws-lc/zip/05d3bfd6303c65d7392dee1a47d6e161c36a04e5 # v1.31.0
S2N_URI=${CRT_URI_PREFIX}/s2n/zip/073c7b415a17d271a7b2c8c385d0e641fc94871f # v1.4.17


echo "Removing CRT"
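Review bot: The trailing `# vX.Y.Z` comments are the only thing tying each pinned commit SHA to a release, and nothing in the visible lines checks that mapping. The replaced lines, as rendered here, carried one SHA and one tag for all fourteen URIs, which shows how such drift can go unnoticed. Pinning by full commit SHA is the right anchor, so the gap is only the unverified mapping: a CI step that compares each SHA in this script with the commit recorded for the matching submodule under `crt/aws-crt-cpp` would catch a stale or mistyped pin. The download and unpack steps are outside the hunk, so whether the fetched archives are checked in any other way cannot be told from here.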
@@ -400,17 +400,18 @@ void ${className}::init(const ${clientConfigurationNamespace}::ClientConfigurati
static const size_t DEFAULT_PART_SIZE = 5 * 1024 * 1024; // 5MB
s3CrtConfig.part_size = config.partSize < DEFAULT_PART_SIZE ? DEFAULT_PART_SIZE : config.partSize;

Aws::UniquePtr<Aws::Crt::Io::TlsConnectionOptions> pTlsConnectionOptions;
Aws::Crt::Io::TlsConnectionOptions *rawPTlsConnectionOptions = nullptr;
if (config.tlsConnectionOptions)
{
pTlsConnectionOptions = Aws::MakeUnique<Aws::Crt::Io::TlsConnectionOptions>(ALLOCATION_TAG, *config.tlsConnectionOptions);
rawPTlsConnectionOptions = config.tlsConnectionOptions.get();
if (!config.caPath.empty() || !config.caFile.empty())
{
AWS_LOGSTREAM_WARN(ALLOCATION_TAG, "caPath or caFile on client configuration are ignored in case of user-configured TlsConnectionOptions provided");
}
}

if (!pTlsConnectionOptions)
Aws::UniquePtr<Aws::Crt::Io::TlsConnectionOptions> pTlsConnectionOptions;
if (!rawPTlsConnectionOptions)
{
Aws::Crt::Io::TlsContextOptions crtTlsContextOptions = Aws::Crt::Io::TlsContextOptions::InitDefaultClient();
if (!config.caPath.empty() || !config.caFile.empty())
@@ -425,29 +426,15 @@ void ${className}::init(const ${clientConfigurationNamespace}::ClientConfigurati
}
Aws::Crt::Io::TlsContext crtTlsContext(crtTlsContextOptions, Aws::Crt::Io::TlsMode::CLIENT);
pTlsConnectionOptions = Aws::MakeUnique<Aws::Crt::Io::TlsConnectionOptions>(ALLOCATION_TAG, crtTlsContext.NewConnectionOptions());
rawPTlsConnectionOptions = pTlsConnectionOptions.get();
}

aws_tls_connection_options nonConstTlsOptions;
AWS_ZERO_STRUCT(nonConstTlsOptions);
if (pTlsConnectionOptions)
{
ResolveEndpointOutcome endpointOutcome = m_endpointProvider->ResolveEndpoint({});
if (!endpointOutcome.IsSuccess())
{
AWS_LOGSTREAM_FATAL(ALLOCATION_TAG, "Failed to initialize S3 Crt client: failed to resolve base URI: " << endpointOutcome.GetError().GetMessage());
m_isInitialized = false;
return;
}
Aws::Crt::ByteCursor serverName = Aws::Crt::ByteCursorFromCString(endpointOutcome.GetResult().GetURI().GetAuthority().c_str());
pTlsConnectionOptions->SetServerName(serverName);
aws_tls_connection_options_copy(&nonConstTlsOptions, pTlsConnectionOptions->GetUnderlyingHandle());
s3CrtConfig.tls_connection_options = &nonConstTlsOptions;
}
else
{
s3CrtConfig.tls_connection_options = nullptr;
if (!rawPTlsConnectionOptions) {
rawPTlsConnectionOptions = Aws::GetDefaultTlsConnectionOptions();
}

s3CrtConfig.tls_connection_options = rawPTlsConnectionOptions ? rawPTlsConnectionOptions->GetUnderlyingHandle() : nullptr;

Aws::Crt::Http::HttpClientConnectionProxyOptions proxyOptions;
aws_http_proxy_options raw_proxy_options;

@@ -519,10 +506,6 @@ void ${className}::init(const ${clientConfigurationNamespace}::ClientConfigurati
s3CrtConfig.s3express_provider_override_factory = S3CrtIdentityProviderAdapter::ProviderFactory;

m_s3CrtClient = aws_s3_client_new(Aws::get_aws_allocator(), &s3CrtConfig);
if (pTlsConnectionOptions)
{
aws_tls_connection_options_clean_up(&nonConstTlsOptions);
}
if (!m_s3CrtClient)
{
AWS_LOGSTREAM_FATAL(ALLOCATION_TAG, "Failed to allocate aws_s3_client instance, abort.");
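Review bot: The null test in `s3CrtConfig.tls_connection_options = rawPTlsConnectionOptions ? rawPTlsConnectionOptions->GetUnderlyingHandle() : nullptr;` does not cover an options object that exists but failed to initialise, so an invalid handle can reach `aws_s3_client_new`. That can presumably happen when the context built from `caPath`/`caFile` does not initialise, or when the caller's `config.tlsConnectionOptions` is itself invalid; failing closed before the assignment would be safer, e.g. `if (rawPTlsConnectionOptions && !*rawPTlsConnectionOptions) { AWS_LOGSTREAM_FATAL(ALLOCATION_TAG, "Failed to initialize S3 Crt client: invalid TLS connection options"); m_isInitialized = false; return; }`. As far as the visible lines show, the `Aws::GetDefaultTlsConnectionOptions()` fallback is unreachable because the preceding block always assigns the pointer, so it should either be dropped or carry a comment saying when it is expected to run. The removed block also set the server name from the resolved endpoint; a comment such as `// server name is set per endpoint by the CRT S3 client` (to be confirmed) would record why that call is no longer needed. The generated `S3CrtClient.cpp` section carries the same lines, and `init` starts and ends outside these hunks.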
