diff options
| author | Jan-Willem Blokland <Jan-Willem.Blokland@Shell.com> | 2023-07-14 20:15:11 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-07-14 20:15:11 (GMT) |
| commit | 305ac8886566968ae58ba771e0ae2ba6434ac9f0 (patch) | |
| tree | f298531f43ad0d0a22ae81c4fb7f4eb2fac4bd33 /tools | |
| parent | f21cd485a7eea5c6ec6b5dac0ccdd2118559d969 (diff) | |
| download | hdf5-305ac8886566968ae58ba771e0ae2ba6434ac9f0.zip hdf5-305ac8886566968ae58ba771e0ae2ba6434ac9f0.tar.gz hdf5-305ac8886566968ae58ba771e0ae2ba6434ac9f0.tar.bz2 | |
ROS3: (feature) Temporary security credentials (#3030)
- Implemented support for AWS temporary security credentials.
For this kind of credentials also a session/security token
should be included in the request by adding the
x-amz-security-token header.
Co-authored-by: Larry Knox <lrknox@hdfgroup.org>
Co-authored-by: Jordan Henderson <jhenderson@hdfgroup.org>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/lib/h5tools.c | 6 | ||||
| -rw-r--r-- | tools/lib/h5tools_utils.c | 85 | ||||
| -rw-r--r-- | tools/lib/h5tools_utils.h | 12 | ||||
| -rw-r--r-- | tools/libtest/h5tools_test_utils.c | 338 | ||||
| -rw-r--r-- | tools/src/h5dump/h5dump.c | 15 | ||||
| -rw-r--r-- | tools/src/h5ls/h5ls.c | 15 | ||||
| -rw-r--r-- | tools/src/h5stat/h5stat.c | 15 |
7 files changed, 270 insertions, 216 deletions
diff --git a/tools/lib/h5tools.c b/tools/lib/h5tools.c index 5beffa4..76f3839 100644 --- a/tools/lib/h5tools.c +++ b/tools/lib/h5tools.c @@ -565,8 +565,12 @@ h5tools_set_fapl_vfd(hid_t fapl_id, h5tools_vfd_info_t *vfd_info) #ifdef H5_HAVE_ROS3_VFD if (!vfd_info->info) H5TOOLS_GOTO_ERROR(FAIL, "Read-only S3 VFD info is invalid"); - if (H5Pset_fapl_ros3(fapl_id, (const H5FD_ros3_fapl_t *)vfd_info->info) < 0) + if (H5Pset_fapl_ros3(fapl_id, &((const H5FD_ros3_fapl_ext_t *)vfd_info->info)->fa) < 0) H5TOOLS_GOTO_ERROR(FAIL, "H5Pset_fapl_ros3() failed"); + + if (H5Pset_fapl_ros3_token(fapl_id, ((const H5FD_ros3_fapl_ext_t *)vfd_info->info)->token) < + 0) + H5TOOLS_GOTO_ERROR(FAIL, "H5Pset_fapl_ros3_token() failed"); #else H5TOOLS_GOTO_ERROR(FAIL, "Read-only S3 VFD is not enabled"); #endif diff --git a/tools/lib/h5tools_utils.c b/tools/lib/h5tools_utils.c index e9b6dfc..fc9a646 100644 --- a/tools/lib/h5tools_utils.c +++ b/tools/lib/h5tools_utils.c @@ -1025,9 +1025,9 @@ done: *---------------------------------------------------------------------------- */ herr_t -h5tools_parse_ros3_fapl_tuple(const char *tuple_str, int delim, H5FD_ros3_fapl_t *fapl_config_out) +h5tools_parse_ros3_fapl_tuple(const char *tuple_str, int delim, H5FD_ros3_fapl_ext_t *fapl_config_out) { - const char *ccred[3]; + const char *ccred[4]; unsigned nelems = 0; char *s3cred_src = NULL; char **s3cred = NULL; @@ -1038,12 +1038,18 @@ h5tools_parse_ros3_fapl_tuple(const char *tuple_str, int delim, H5FD_ros3_fapl_t H5TOOLS_GOTO_ERROR(FAIL, "failed to parse S3 VFD info tuple"); /* Sanity-check tuple count */ - if (nelems != 3) + if (nelems != 3 && nelems != 4) H5TOOLS_GOTO_ERROR(FAIL, "invalid S3 VFD credentials"); ccred[0] = (const char *)s3cred[0]; ccred[1] = (const char *)s3cred[1]; ccred[2] = (const char *)s3cred[2]; + if (nelems == 3) { + ccred[3] = ""; + } + else { + ccred[3] = (const char *)s3cred[3]; + } if (0 == h5tools_populate_ros3_fapl(fapl_config_out, ccred)) H5TOOLS_GOTO_ERROR(FAIL, "failed to populate S3 VFD FAPL config"); @@ -1090,34 +1096,35 @@ done: * * NULL fapl pointer: (NULL, {...} ) * * Warning: In all cases below, fapl will be set as "default" * before error occurs. - * * NULL value strings: (&fa, {NULL?, NULL? NULL?, ...}) + * * NULL value strings: (&fa, {NULL?, NULL? NULL?, NULL?, ...}) * * Incomplete fapl info: - * * empty region, non-empty id, key either way - * * (&fa, {"", "...", "?"}) - * * empty id, non-empty region, key either way - * * (&fa, {"...", "", "?"}) - * * "non-empty key and either id or region empty - * * (&fa, {"", "", "...") - * * (&fa, {"", "...", "...") - * * (&fa, {"...", "", "...") + * * empty region, non-empty id, key either way, token either way + * * (&fa, token, {"", "...", "?", "?"}) + * * empty id, non-empty region, key either way, token either way + * * (&fa, token, {"...", "", "?", "?"}) + * * "non-empty key, token either way and either id or region empty + * * (&fa, token, {"", "", "...", "?") + * * (&fa, token, {"", "...", "...", "?") + * * (&fa, token, {"...", "", "...", "?") * * Any string would overflow allowed space in fapl definition. * or * 1 (success) * * Sets components in fapl_t pointer, copying strings as appropriate. * * "Default" fapl (valid version, authenticate->False, empty strings) * * `values` pointer is NULL - * * (&fa, NULL) - * * first three strings in `values` are empty ("") - * * (&fa, {"", "", "", ...} + * * (&fa, token, NULL) + * * first four strings in `values` are empty ("") + * * (&fa, token, {"", "", "", "", ...}) * * Authenticating fapl - * * region, id, and optional key provided - * * (&fa, {"...", "...", ""}) - * * (&fa, {"...", "...", "..."}) + * * region, id, optional key and option session token provided + * * (&fa, token, {"...", "...", "", ""}) + * * (&fa, token, {"...", "...", "...", ""}) + * * (&fa, token, {"...", "...", "...", "..."}) * *---------------------------------------------------------------------------- */ int -h5tools_populate_ros3_fapl(H5FD_ros3_fapl_t *fa, const char **values) +h5tools_populate_ros3_fapl(H5FD_ros3_fapl_ext_t *fa, const char **values) { int show_progress = 0; /* set to 1 for debugging */ int ret_value = 1; /* 1 for success, 0 for failure */ @@ -1138,11 +1145,12 @@ h5tools_populate_ros3_fapl(H5FD_ros3_fapl_t *fa, const char **values) if (show_progress) { printf(" preset fapl with default values\n"); } - fa->version = H5FD_CURR_ROS3_FAPL_T_VERSION; - fa->authenticate = FALSE; - *(fa->aws_region) = '\0'; - *(fa->secret_id) = '\0'; - *(fa->secret_key) = '\0'; + fa->fa.version = H5FD_CURR_ROS3_FAPL_T_VERSION; + fa->fa.authenticate = FALSE; + *(fa->fa.aws_region) = '\0'; + *(fa->fa.secret_id) = '\0'; + *(fa->fa.secret_key) = '\0'; + *(fa->token) = '\0'; /* sanity-check supplied values */ @@ -1168,6 +1176,13 @@ h5tools_populate_ros3_fapl(H5FD_ros3_fapl_t *fa, const char **values) ret_value = 0; goto done; } + if (values[3] == NULL) { + if (show_progress) { + printf(" ERROR: token value cannot be NULL\n"); + } + ret_value = 0; + goto done; + } /* if region and ID are supplied (key optional), write to fapl... * fail if value would overflow @@ -1180,7 +1195,7 @@ h5tools_populate_ros3_fapl(H5FD_ros3_fapl_t *fa, const char **values) ret_value = 0; goto done; } - memcpy(fa->aws_region, values[0], (HDstrlen(values[0]) + 1)); + memcpy(fa->fa.aws_region, values[0], (HDstrlen(values[0]) + 1)); if (show_progress) { printf(" aws_region set\n"); } @@ -1192,7 +1207,7 @@ h5tools_populate_ros3_fapl(H5FD_ros3_fapl_t *fa, const char **values) ret_value = 0; goto done; } - memcpy(fa->secret_id, values[1], (HDstrlen(values[1]) + 1)); + memcpy(fa->fa.secret_id, values[1], (HDstrlen(values[1]) + 1)); if (show_progress) { printf(" secret_id set\n"); } @@ -1204,17 +1219,29 @@ h5tools_populate_ros3_fapl(H5FD_ros3_fapl_t *fa, const char **values) ret_value = 0; goto done; } - memcpy(fa->secret_key, values[2], (HDstrlen(values[2]) + 1)); + memcpy(fa->fa.secret_key, values[2], (HDstrlen(values[2]) + 1)); if (show_progress) { printf(" secret_key set\n"); } - fa->authenticate = TRUE; + if (HDstrlen(values[3]) > H5FD_ROS3_MAX_SECRET_TOK_LEN) { + if (show_progress) { + printf(" ERROR: token value too long\n"); + } + ret_value = 0; + goto done; + } + memcpy(fa->token, values[3], (HDstrlen(values[3]) + 1)); + if (show_progress) { + printf(" token set\n"); + } + + fa->fa.authenticate = TRUE; if (show_progress) { printf(" set to authenticate\n"); } } - else if (*values[0] != '\0' || *values[1] != '\0' || *values[2] != '\0') { + else if (*values[0] != '\0' || *values[1] != '\0' || *values[2] != '\0' || *values[3] != '\0') { if (show_progress) { printf(" ERROR: invalid assortment of empty/non-empty values\n"); } diff --git a/tools/lib/h5tools_utils.h b/tools/lib/h5tools_utils.h index c721ab4..2efa53f 100644 --- a/tools/lib/h5tools_utils.h +++ b/tools/lib/h5tools_utils.h @@ -61,6 +61,14 @@ typedef struct find_objs_t { table_t *dset_table; } find_objs_t; +#ifdef H5_HAVE_ROS3_VFD +/*extended configuration struct for holding the configuration data to the #H5FD_ROS3 driver */ +typedef struct H5FD_ros3_fapl_ext_t { + H5FD_ros3_fapl_t fa; /* ROS3 configuration struct*/ + char token[H5FD_ROS3_MAX_SECRET_TOK_LEN + 1]; /* Session/security token*/ +} H5FD_ros3_fapl_ext_t; +#endif /* H5_HAVE_ROS3_VFD */ + H5TOOLS_DLLVAR unsigned h5tools_nCols; /*max number of columns for outputting */ /* Definitions of useful routines */ @@ -126,8 +134,8 @@ H5TOOLS_DLL void h5tools_setstatus(int d_status); H5TOOLS_DLL int h5tools_getenv_update_hyperslab_bufsize(void); #ifdef H5_HAVE_ROS3_VFD H5TOOLS_DLL herr_t h5tools_parse_ros3_fapl_tuple(const char *tuple_str, int delim, - H5FD_ros3_fapl_t *fapl_config_out); -H5TOOLS_DLL int h5tools_populate_ros3_fapl(H5FD_ros3_fapl_t *fa, const char **values); + H5FD_ros3_fapl_ext_t *fapl_config_out); +H5TOOLS_DLL int h5tools_populate_ros3_fapl(H5FD_ros3_fapl_ext_t *fa, const char **values); #endif /* H5_HAVE_ROS3_VFD */ #ifdef H5_HAVE_LIBHDFS H5TOOLS_DLL herr_t h5tools_parse_hdfs_fapl_tuple(const char *tuple_str, int delim, diff --git a/tools/libtest/h5tools_test_utils.c b/tools/libtest/h5tools_test_utils.c index d1da145..87c2ce9 100644 --- a/tools/libtest/h5tools_test_utils.c +++ b/tools/libtest/h5tools_test_utils.c @@ -22,10 +22,6 @@ #define UTIL_TEST_DEBUG 0 -#ifndef __js_test__ - -#define __js_test__ 1L - /***************************************************************************** * * FILE-LOCAL TESTING MACROS @@ -59,7 +55,6 @@ * * JSVERIFY_EXP_ACT - ifdef flag, configures comparison order * FAIL_IF() - check condition - * FAIL_UNLESS() - check _not_ condition * JSVERIFY() - long-int equality check; prints reason/comparison * JSVERIFY_NOT() - long-int inequality check; prints * JSVERIFY_STR() - string equality check; prints @@ -125,31 +120,6 @@ H5_GCC_CLANG_DIAG_OFF("format") /*---------------------------------------------------------------------------- * - * Macro: FAIL_UNLESS() - * - * Purpose: - * - * TEST_ERROR wrapper to reduce cognitive overhead from "negative tests", - * e.g., "a != b". - * - * Opposite of FAIL_IF; fails if the given condition is _not_ true. - * - * `FAIL_IF( 5 != my_op() )` - * is equivalent to - * `FAIL_UNLESS( 5 == my_op() )` - * However, `JSVERIFY(5, my_op(), "bad return")` may be even clearer. - * (see JSVERIFY) - * - *---------------------------------------------------------------------------- - */ -#define FAIL_UNLESS(condition) \ - if (!(condition)) { \ - JSFAILED_AT() \ - goto error; \ - } - -/*---------------------------------------------------------------------------- - * * Macro: JSERR_LONG() * * Purpose: @@ -314,8 +284,6 @@ H5_GCC_CLANG_DIAG_OFF("format") #endif /* ifdef/else JSVERIFY_EXP_ACT */ -#endif /* __js_test__ */ - /* if > 0, be very verbose when performing tests */ #define H5TOOLS_UTILS_TEST_DEBUG 0 @@ -508,11 +476,11 @@ test_parse_tuple(void) success = parse_tuple(tc.in_str, tc.sep, &cpy, &count, &parsed); JSVERIFY(tc.exp_ret, success, "function returned incorrect value") - JSVERIFY(tc.exp_nelems, count, NULL) + JSVERIFY(tc.exp_nelems, count, (char *)NULL) if (success == SUCCEED) { FAIL_IF(parsed == NULL) for (elem_i = 0; elem_i < count; elem_i++) { - JSVERIFY_STR(tc.exp_elems[elem_i], parsed[elem_i], NULL) + JSVERIFY_STR(tc.exp_elems[elem_i], parsed[elem_i], (char *)NULL) } /* TEARDOWN */ assert(parsed != NULL); @@ -605,104 +573,109 @@ test_populate_ros3_fa(void) /* NULL values pointer yields default fapl */ { - H5FD_ros3_fapl_t fa = {bad_version, TRUE, "u", "v", "w"}; + H5FD_ros3_fapl_ext_t fa = {{bad_version, TRUE, "u", "v", "w"}, "x"}; if (show_progress) { printf("NULL values pointer\n"); } JSVERIFY(1, h5tools_populate_ros3_fapl(&fa, NULL), "NULL values pointer yields \"default\" fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(FALSE, fa.authenticate, NULL) - JSVERIFY_STR("", fa.aws_region, NULL) - JSVERIFY_STR("", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* all-empty values * yields default fapl */ { - H5FD_ros3_fapl_t fa = {bad_version, TRUE, "u", "v", "w"}; - const char *values[] = {"", "", ""}; + H5FD_ros3_fapl_ext_t fa = {{bad_version, TRUE, "u", "v", "w"}, "x"}; + const char *values[] = {"", "", "", ""}; if (show_progress) { printf("all empty values\n"); } JSVERIFY(1, h5tools_populate_ros3_fapl(&fa, values), "empty values yields \"default\" fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(FALSE, fa.authenticate, NULL) - JSVERIFY_STR("", fa.aws_region, NULL) - JSVERIFY_STR("", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* successfully set fapl with values * excess value is ignored */ { - H5FD_ros3_fapl_t fa = {bad_version, FALSE, "a", "b", "c"}; - const char *values[] = {"x", "y", "z", "a"}; + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {"x", "y", "z", "a", "b"}; if (show_progress) { printf("successful full set\n"); } JSVERIFY(1, h5tools_populate_ros3_fapl(&fa, values), "four values") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(TRUE, fa.authenticate, NULL) - JSVERIFY_STR("x", fa.aws_region, NULL) - JSVERIFY_STR("y", fa.secret_id, NULL) - JSVERIFY_STR("z", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(TRUE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("x", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("y", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("z", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("a", fa.token, (char *)NULL) } /* NULL region * yields default fapl */ { - H5FD_ros3_fapl_t fa = {bad_version, FALSE, "a", "b", "c"}; - const char *values[] = {NULL, "y", "z", NULL}; + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {NULL, "y", "z", ""}; if (show_progress) { printf("NULL region\n"); } JSVERIFY(0, h5tools_populate_ros3_fapl(&fa, values), "could not fill fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(FALSE, fa.authenticate, NULL) - JSVERIFY_STR("", fa.aws_region, NULL) - JSVERIFY_STR("", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* empty region * yields default fapl */ { - H5FD_ros3_fapl_t fa = {bad_version, FALSE, "a", "b", "c"}; - const char *values[] = {"", "y", "z", NULL}; + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {"", "y", "z", ""}; if (show_progress) { printf("empty region; non-empty id, key\n"); } JSVERIFY(0, h5tools_populate_ros3_fapl(&fa, values), "could not fill fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(FALSE, fa.authenticate, NULL) - JSVERIFY_STR("", fa.aws_region, NULL) - JSVERIFY_STR("", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* region overflow * yields default fapl */ { - H5FD_ros3_fapl_t fa = {bad_version, FALSE, "a", "b", "c"}; - const char *values[] = {"somewhere over the rainbow not too high " - "there is another rainbow bounding some darkened sky", - "y", "z"}; + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {"somewhere over the rainbow not too high " + "there is another rainbow bounding some darkened sky", + "y", "z", ""}; if (show_progress) { printf("region overflow\n"); @@ -711,68 +684,71 @@ test_populate_ros3_fa(void) assert(HDstrlen(values[0]) > H5FD_ROS3_MAX_REGION_LEN); JSVERIFY(0, h5tools_populate_ros3_fapl(&fa, values), "could not fill fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(FALSE, fa.authenticate, NULL) - JSVERIFY_STR("", fa.aws_region, NULL) - JSVERIFY_STR("", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* NULL id * yields default fapl */ { - H5FD_ros3_fapl_t fa = {bad_version, FALSE, "a", "b", "c"}; - const char *values[] = {"x", NULL, "z", NULL}; + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {"x", NULL, "z", ""}; if (show_progress) { printf("NULL id\n"); } JSVERIFY(0, h5tools_populate_ros3_fapl(&fa, values), "could not fill fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(FALSE, fa.authenticate, NULL) - JSVERIFY_STR("", fa.aws_region, NULL) - JSVERIFY_STR("", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* empty id (non-empty region, key) * yields default fapl */ { - H5FD_ros3_fapl_t fa = {bad_version, FALSE, "a", "b", "c"}; - const char *values[] = {"x", "", "z", NULL}; + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {"x", "", "z", ""}; if (show_progress) { printf("empty id; non-empty region and key\n"); } JSVERIFY(0, h5tools_populate_ros3_fapl(&fa, values), "could not fill fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(FALSE, fa.authenticate, NULL) - JSVERIFY_STR("", fa.aws_region, NULL) - JSVERIFY_STR("", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* id overflow * partial set: region */ { - H5FD_ros3_fapl_t fa = {bad_version, FALSE, "a", "b", "c"}; - const char *values[] = {"x", + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {"x", "Why is it necessary to solve the problem? " - "What benefits will you receive by solving the problem? " - "What is the unknown? " - "What is it you don't yet understand? " - "What is the information you have? " - "What isn't the problem? " - "Is the information insufficient, redundant, or contradictory? " - "Should you draw a diagram or figure of the problem? " - "What are the boundaries of the problem? " - "Can you separate the various parts of the problem?", - "z"}; + "What benefits will you receive by solving the problem? " + "What is the unknown? " + "What is it you don't yet understand? " + "What is the information you have? " + "What isn't the problem? " + "Is the information insufficient, redundant, or contradictory? " + "Should you draw a diagram or figure of the problem? " + "What are the boundaries of the problem? " + "Can you separate the various parts of the problem?", + "z", ""}; if (show_progress) { printf("id overflow\n"); @@ -781,105 +757,131 @@ test_populate_ros3_fa(void) assert(HDstrlen(values[1]) > H5FD_ROS3_MAX_SECRET_ID_LEN); JSVERIFY(0, h5tools_populate_ros3_fapl(&fa, values), "could not fill fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(FALSE, fa.authenticate, NULL) - JSVERIFY_STR("x", fa.aws_region, NULL) - JSVERIFY_STR("", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("x", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* NULL key * yields default fapl */ { - H5FD_ros3_fapl_t fa = {bad_version, FALSE, "a", "b", "c"}; - const char *values[] = {"x", "y", NULL, NULL}; + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {"x", "y", NULL, ""}; if (show_progress) { printf("NULL key\n"); } JSVERIFY(0, h5tools_populate_ros3_fapl(&fa, values), "could not fill fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(FALSE, fa.authenticate, NULL) - JSVERIFY_STR("", fa.aws_region, NULL) - JSVERIFY_STR("", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) + } + + /* NULL token + * yields default fapl + */ + { + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {"x", "y", "z", NULL}; + + if (show_progress) { + printf("NULL key\n"); + } + + JSVERIFY(0, h5tools_populate_ros3_fapl(&fa, values), "could not fill token") + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* empty key (non-empty region, id) * yields authenticating fapl */ { - H5FD_ros3_fapl_t fa = {bad_version, FALSE, "a", "b", "c"}; - const char *values[] = {"x", "y", "", NULL}; + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {"x", "y", "", ""}; if (show_progress) { printf("empty key; non-empty region and id\n"); } JSVERIFY(1, h5tools_populate_ros3_fapl(&fa, values), "could not fill fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(TRUE, fa.authenticate, NULL) - JSVERIFY_STR("x", fa.aws_region, NULL) - JSVERIFY_STR("y", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(TRUE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("x", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("y", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* empty key, region (non-empty id) * yields default fapl */ { - H5FD_ros3_fapl_t fa = {bad_version, FALSE, "a", "b", "c"}; - const char *values[] = {"", "y", "", NULL}; + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {"", "y", "", ""}; if (show_progress) { printf("empty key and region; non-empty id\n"); } JSVERIFY(0, h5tools_populate_ros3_fapl(&fa, values), "could not fill fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(FALSE, fa.authenticate, NULL) - JSVERIFY_STR("", fa.aws_region, NULL) - JSVERIFY_STR("", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* empty key, id (non-empty region) * yields default fapl */ { - H5FD_ros3_fapl_t fa = {bad_version, FALSE, "a", "b", "c"}; - const char *values[] = {"x", "", "", NULL}; + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {"x", "", "", ""}; if (show_progress) { printf("empty key and id; non-empty region\n"); } JSVERIFY(0, h5tools_populate_ros3_fapl(&fa, values), "could not fill fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(FALSE, fa.authenticate, NULL) - JSVERIFY_STR("", fa.aws_region, NULL) - JSVERIFY_STR("", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* key overflow * partial set: region, id */ { - H5FD_ros3_fapl_t fa = {bad_version, FALSE, "a", "b", "c"}; - const char *values[] = {"x", "y", + H5FD_ros3_fapl_ext_t fa = {{bad_version, FALSE, "a", "b", "c"}, "d"}; + const char *values[] = {"x", "y", "Why is it necessary to solve the problem? " - "What benefits will you receive by solving the problem? " - "What is the unknown? " - "What is it you don't yet understand? " - "What is the information you have? " - "What isn't the problem? " - "Is the information insufficient, redundant, or contradictory? " - "Should you draw a diagram or figure of the problem? " - "What are the boundaries of the problem? " - "Can you separate the various parts of the problem?"}; + "What benefits will you receive by solving the problem? " + "What is the unknown? " + "What is it you don't yet understand? " + "What is the information you have? " + "What isn't the problem? " + "Is the information insufficient, redundant, or contradictory? " + "Should you draw a diagram or figure of the problem? " + "What are the boundaries of the problem? " + "Can you separate the various parts of the problem?", + ""}; if (show_progress) { printf("key overflow\n"); @@ -888,22 +890,23 @@ test_populate_ros3_fa(void) assert(HDstrlen(values[2]) > H5FD_ROS3_MAX_SECRET_KEY_LEN); JSVERIFY(0, h5tools_populate_ros3_fapl(&fa, values), "could not fill fapl") - JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.version, NULL) - JSVERIFY(FALSE, fa.authenticate, NULL) - JSVERIFY_STR("x", fa.aws_region, NULL) - JSVERIFY_STR("y", fa.secret_id, NULL) - JSVERIFY_STR("", fa.secret_key, NULL) + JSVERIFY(H5FD_CURR_ROS3_FAPL_T_VERSION, fa.fa.version, (char *)NULL) + JSVERIFY(FALSE, fa.fa.authenticate, (char *)NULL) + JSVERIFY_STR("x", fa.fa.aws_region, (char *)NULL) + JSVERIFY_STR("y", fa.fa.secret_id, (char *)NULL) + JSVERIFY_STR("", fa.fa.secret_key, (char *)NULL) + JSVERIFY_STR("", fa.token, (char *)NULL) } /* use case */ { - H5FD_ros3_fapl_t fa = {0, 0, "", "", ""}; - const char *values[] = {"us-east-2", "AKIAIMC3D3XLYXLN5COA", - "ugs5aVVnLFCErO/8uW14iWE3K5AgXMpsMlWneO/+"}; + H5FD_ros3_fapl_ext_t fa = {{0, 0, "", "", ""}, ""}; + const char *values[] = {"us-east-2", "AKIAIMC3D3XLYXLN5COA", + "ugs5aVVnLFCErO/8uW14iWE3K5AgXMpsMlWneO/+", ""}; JSVERIFY(1, h5tools_populate_ros3_fapl(&fa, values), "unable to set use case") - JSVERIFY(1, fa.version, "version check") - JSVERIFY(1, fa.authenticate, "should authenticate") + JSVERIFY(1, fa.fa.version, "version check") + JSVERIFY(1, fa.fa.authenticate, "should authenticate") } PASSED(); @@ -962,14 +965,7 @@ test_set_configured_fapl(void) hid_t fapl_id = H5I_INVALID_HID; other_fa_t wrong_fa = {0x432, 0xf82, 0x9093}; #ifdef H5_HAVE_ROS3_VFD - H5FD_ros3_fapl_t ros3_anon_fa = {1, FALSE, "", "", ""}; - H5FD_ros3_fapl_t ros3_auth_fa = { - 1, /* fapl version */ - TRUE, /* authenticate */ - "us-east-1", /* aws region */ - "12345677890abcdef", /* simulate access key ID */ - "oiwnerwe9u0234nJw0-aoj+dsf", /* simulate secret key */ - }; + H5FD_ros3_fapl_ext_t ros3_anon_fa = {{1, FALSE, "", "", ""}, ""}; #endif /* H5_HAVE_ROS3_VFD */ #ifdef H5_HAVE_LIBHDFS H5FD_hdfs_fapl_t hdfs_fa = { @@ -1114,7 +1110,17 @@ test_set_configured_fapl(void) vfd_info.type = VFD_BY_NAME; vfd_info.info = C.conf_fa; vfd_info.u.name = C.vfdname; - result = h5tools_get_fapl(H5P_DEFAULT, NULL, &vfd_info); + + if (C.expected == 1) + result = h5tools_get_fapl(H5P_DEFAULT, NULL, &vfd_info); + else { + H5E_BEGIN_TRY + { + result = h5tools_get_fapl(H5P_DEFAULT, NULL, &vfd_info); + } + H5E_END_TRY; + } + if (C.expected == 0) { JSVERIFY(result, H5I_INVALID_HID, C.message) } diff --git a/tools/src/h5dump/h5dump.c b/tools/src/h5dump/h5dump.c index dd223f3..1458354 100644 --- a/tools/src/h5dump/h5dump.c +++ b/tools/src/h5dump/h5dump.c @@ -32,12 +32,15 @@ static hbool_t get_onion_revision_count = FALSE; #ifdef H5_HAVE_ROS3_VFD /* Default "anonymous" S3 configuration */ -static H5FD_ros3_fapl_t ros3_fa_g = { - 1, /* Structure Version */ - FALSE, /* Authenticate? */ - "", /* AWS Region */ - "", /* Access Key ID */ - "", /* Secret Access Key */ +static H5FD_ros3_fapl_ext_t ros3_fa_g = { + { + 1, /* Structure Version */ + FALSE, /* Authenticate? */ + "", /* AWS Region */ + "", /* Access Key ID */ + "", /* Secret Access Key */ + }, + "", /* Session/security token */ }; #endif /* H5_HAVE_ROS3_VFD */ diff --git a/tools/src/h5ls/h5ls.c b/tools/src/h5ls/h5ls.c index ed81210..b6ce9b1 100644 --- a/tools/src/h5ls/h5ls.c +++ b/tools/src/h5ls/h5ls.c @@ -2656,12 +2656,15 @@ main(int argc, char *argv[]) #ifdef H5_HAVE_ROS3_VFD /* Default "anonymous" S3 configuration */ - H5FD_ros3_fapl_t ros3_fa = { - 1, /* Structure Version */ - FALSE, /* Authenticate? */ - "", /* AWS Region */ - "", /* Access Key ID */ - "", /* Secret Access Key */ + H5FD_ros3_fapl_ext_t ros3_fa = { + { + 1, /* Structure Version */ + FALSE, /* Authenticate? */ + "", /* AWS Region */ + "", /* Access Key ID */ + "", /* Secret Access Key */ + }, + "", /* Session/security token */ }; #endif /* H5_HAVE_ROS3_VFD */ diff --git a/tools/src/h5stat/h5stat.c b/tools/src/h5stat/h5stat.c index f9ca18a..5cfa61d 100644 --- a/tools/src/h5stat/h5stat.c +++ b/tools/src/h5stat/h5stat.c @@ -119,12 +119,15 @@ static const char *drivername = NULL; #ifdef H5_HAVE_ROS3_VFD /* Default "anonymous" S3 configuration */ -static H5FD_ros3_fapl_t ros3_fa = { - 1, /* Structure Version */ - FALSE, /* Authenticate? */ - "", /* AWS Region */ - "", /* Access Key ID */ - "", /* Secret Access Key */ +static H5FD_ros3_fapl_ext_t ros3_fa = { + { + 1, /* Structure Version */ + FALSE, /* Authenticate? */ + "", /* AWS Region */ + "", /* Access Key ID */ + "", /* Secret Access Key */ + }, + "", /* Session/security token */ }; #endif /* H5_HAVE_ROS3_VFD */ |