rgw: refactor curl functionality

Move curl stuff into its own class, use it in swift token validation.

Signed-off-by: Yehuda Sadeh <yehuda@inktank.com>

5 files changed, 74 insertions, 20 deletions

diff --git a/src/Makefile.am b/src/Makefile.am
index 58ca3ffbb66..5ee003f2877 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -344,6 +344,7 @@ radosgw_SOURCES = \
         rgw/rgw_rest_swift.cc \
         rgw/rgw_rest_s3.cc \
         rgw/rgw_rest_usage.cc \
+        rgw/rgw_http_client.cc \
         rgw/rgw_swift.cc \
 	rgw/rgw_swift_auth.cc \
 	rgw/rgw_main.cc
@@ -1767,6 +1768,7 @@ noinst_HEADERS = \
 	rgw/rgw_gc.h\
 	rgw/rgw_multi_del.h\
 	rgw/rgw_op.h\
+	rgw/rgw_http_client.h\
 	rgw/rgw_swift.h\
 	rgw/rgw_swift_auth.h\
 	rgw/rgw_rados.h\
diff --git a/src/common/config_opts.h b/src/common/config_opts.h
index c6e8dc0ce99..3e45bbf48c7 100644
--- a/src/common/config_opts.h
+++ b/src/common/config_opts.h
@@ -420,6 +420,9 @@ OPTION(rgw_swift_url, OPT_STR, "")             // the swift url, being published
 OPTION(rgw_swift_url_prefix, OPT_STR, "swift") // entry point for which a url is considered a swift url
 OPTION(rgw_swift_auth_url, OPT_STR, "")        // default URL to go and verify tokens for v1 auth (if not using internal swift auth)
 OPTION(rgw_swift_auth_entry, OPT_STR, "auth")  // entry point for which a url is considered a swift auth url
+OPTION(rgw_swift_use_keystone, OPT_BOOL, false)  // should swift use keystone?
+OPTION(rgw_swift_keystone_url, OPT_STR, "")  // url for keystone server
+OPTION(rgw_swift_keystone_admin_token, OPT_STR, "")  // keystone admin token (shared secret)
 OPTION(rgw_admin_entry, OPT_STR, "admin")  // entry point for which a url is considered an admin request
 OPTION(rgw_enforce_swift_acls, OPT_BOOL, true)
 OPTION(rgw_print_continue, OPT_BOOL, true)  // enable if 100-Continue works
diff --git a/src/rgw/rgw_http_client.cc b/src/rgw/rgw_http_client.cc
new file mode 100644
index 00000000000..363b618b2c8
--- /dev/null
+++ b/src/rgw/rgw_http_client.cc
@@ -0,0 +1,36 @@
+#include <curl/curl.h>
+#include <curl/easy.h>
+
+#include "rgw_common.h"
+#include "rgw_http_client.h"
+
+#define dout_subsys ceph_subsys_rgw
+
+static size_t read_http_header(void *ptr, size_t size, size_t nmemb, void *_info)
+{
+  RGWHTTPClient *client = (RGWHTTPClient *)_info;
+  size_t len = size * nmemb;
+  int ret = client->read_header(ptr, size * nmemb);
+  if (ret < 0) {
+    dout(0) << "WARNING: client->read_header() returned ret=" << ret << dendl;
+  }
+
+  return len;
+}
+
+int RGWHTTPClient::process(const string& url)
+{
+  CURL *curl_handle;
+
+  curl_handle = curl_easy_init();
+  curl_easy_setopt(curl_handle, CURLOPT_URL, url.c_str());
+  curl_easy_setopt(curl_handle, CURLOPT_NOPROGRESS, 1L);
+  curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, read_http_header);
+  curl_easy_setopt(curl_handle,   CURLOPT_WRITEHEADER, (void *)this);
+  curl_easy_perform(curl_handle);
+  curl_easy_cleanup(curl_handle);
+
+  return 0;
+}
+
+
diff --git a/src/rgw/rgw_http_client.h b/src/rgw/rgw_http_client.h
new file mode 100644
index 00000000000..74148af1dc1
--- /dev/null
+++ b/src/rgw/rgw_http_client.h
@@ -0,0 +1,17 @@
+#ifndef CEPH_RGW_HTTP_CLIENT_H
+#define CEPH_RGW_HTTP_CLIENT_H
+
+#include "rgw_common.h"
+
+class RGWHTTPClient
+{
+public:
+  virtual ~RGWHTTPClient() {}
+  RGWHTTPClient() {}
+
+  virtual int read_header(void *ptr, size_t len) { return 0; }
+
+  int process(const string& url);
+};
+
+#endif
diff --git a/src/rgw/rgw_swift.cc b/src/rgw/rgw_swift.cc
index 212fadb2105..6694dd2b935 100644
--- a/src/rgw/rgw_swift.cc
+++ b/src/rgw/rgw_swift.cc
@@ -2,21 +2,25 @@
 #include <stdlib.h>
 #include <unistd.h>
 
-#include <curl/curl.h>
-#include <curl/easy.h>
-
 #include "rgw_common.h"
 #include "rgw_swift.h"
 #include "rgw_swift_auth.h"
 #include "rgw_user.h"
+#include "rgw_http_client.h"
 
 #define dout_subsys ceph_subsys_rgw
 
-static size_t read_http_header(void *ptr, size_t size, size_t nmemb, void *_info)
+class RGWValidateSwiftToken : public RGWHTTPClient {
+  struct rgw_swift_auth_info *info;
+public:
+  RGWValidateSwiftToken(struct rgw_swift_auth_info *_info) :info(_info) {}
+
+  int read_header(void *ptr, size_t len);
+};
+
+int RGWValidateSwiftToken::read_header(void *ptr, size_t len)
 {
-  size_t len = size * nmemb;
   char line[len + 1];
-  struct rgw_swift_auth_info *info = (struct rgw_swift_auth_info *)_info;
 
   char *s = (char *)ptr, *end = (char *)ptr + len;
   char *p = line;
@@ -54,13 +58,11 @@ static size_t read_http_header(void *ptr, size_t size, size_t nmemb, void *_info
     if (s != end)
       *p++ = *s++;
   }
-  return len;
+  return 0;
 }
 
 static int rgw_swift_validate_token(const char *token, struct rgw_swift_auth_info *info)
 {
-  CURL *curl_handle;
-
   if (g_conf->rgw_swift_auth_url.empty())
     return -EINVAL;
 
@@ -71,19 +73,13 @@ static int rgw_swift_validate_token(const char *token, struct rgw_swift_auth_inf
   char url_buf[auth_url.size() + 1 + strlen(token) + 1];
   sprintf(url_buf, "%s/%s", auth_url.c_str(), token);
 
-  dout(10) << "rgw_swift_validate_token url=" << url_buf << dendl;
-
-  curl_handle = curl_easy_init();
-
-  curl_easy_setopt(curl_handle, CURLOPT_URL, url_buf);
-  curl_easy_setopt(curl_handle, CURLOPT_NOPROGRESS, 1L);
-
-  curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, read_http_header);
+  RGWValidateSwiftToken validate(info);
 
-  curl_easy_setopt(curl_handle,   CURLOPT_WRITEHEADER, info);
+  dout(10) << "rgw_swift_validate_token url=" << url_buf << dendl;
 
-  curl_easy_perform(curl_handle);
-  curl_easy_cleanup(curl_handle);
+  int ret = validate.process(url_buf);
+  if (ret < 0)
+    return ret;
 
   return 0;
 }