From 3abcf76255c7fde50fa0e497d965fc82463cf235 Mon Sep 17 00:00:00 2001 From: Silvio Sepulveda Date: Tue, 5 Nov 2024 15:45:58 +0100 Subject: [PATCH] chore: support riak credentials parameters --- src/krc.erl | 2 +- src/krc_server.erl | 30 +++++++++++++++++++++++++++++- 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/src/krc.erl b/src/krc.erl index 2fe5821..2a9cf0a 100644 --- a/src/krc.erl +++ b/src/krc.erl @@ -470,7 +470,7 @@ conflict_ok_test() -> {ok, Obj} = get(krc_server, B, K, - fun(V1, V2) -> erlang:max(V1, V2) end), + fun(Val1, Val2) -> erlang:max(Val1, Val2) end), true = erlang:max(V1, V2) =:= krc_obj:val(Obj) end). diff --git a/src/krc_server.erl b/src/krc_server.erl index 038ebeb..2496396 100644 --- a/src/krc_server.erl +++ b/src/krc_server.erl @@ -363,7 +363,35 @@ opts(set_bucket)-> []. %% Connections copts() -> [ {auto_reconnect, false} %exit on TCP/IP error - ]. + ] ++ sopts(). + +%% Security options +sopts() -> + RiakUser = application:get_env(?APP, riak_user, undefined), + RiakPass = application:get_env(?APP, riak_pass, ""), + CACert = application:get_env(?APP, riak_cacertfile, undefined), + SSLOpts = application:get_env(?APP, riak_ssl_opts, []), + + %% Only used when using certificate-based authentication + RiakCertFile = application:get_env(?APP, riak_certfile, undefined), + RiakKeyFile = application:get_env(?APP, riak_keyfile, undefined), + + RiakCerts = + case RiakCertFile =/= undefined andalso RiakKeyFile =/= undefined of + true -> [{certfile, RiakCertFile}, {keyfile, RiakKeyFile}]; + false -> [] + end, + + %% These two options are the minimum required ones for security to work + case RiakUser =/= undefined andalso CACert =/= undefined of + true -> + [ {credentials, RiakUser, RiakPass} + , {cacertfile, CACert} + , {ssl_opts, SSLOpts} + | RiakCerts ]; + false -> + [] + end. %% Reads ropts() ->