Make the CAPath option available on all OSes and change to throw on runtime on non-linux. (Azure#5207)

ahsonkhan · web-flow · commit 88242f3cf1c0 · 2024-01-10T17:16:50.000-08:00
* Make the CAPath option available on all OSes and change to throw on
runtime on non-linux.

* Address PR feedback, update test, and let curl fail on unsupported
platforms.
diff --git a/sdk/core/azure-core/inc/azure/core/http/curl_transport.hpp b/sdk/core/azure-core/inc/azure/core/http/curl_transport.hpp
@@ -123,7 +123,6 @@ namespace Azure { namespace Core { namespace Http {
      */
     std::string CAInfo;
 
-#if defined(AZ_PLATFORM_LINUX)
     /**
      * @brief Path to a directory which holds PEM encoded file, containing the certificate
      * authorities sent to libcurl handle directly.
@@ -135,7 +134,6 @@ namespace Azure { namespace Core { namespace Http {
      *
      */
     std::string CAPath;
-#endif
 
     /**
      * @brief All HTTP requests will keep the connection channel open to the service.
diff --git a/sdk/core/azure-core/src/http/curl/curl.cpp b/sdk/core/azure-core/src/http/curl/curl.cpp
@@ -1283,11 +1283,7 @@ inline std::string GetConnectionKey(std::string const& host, CurlTransportOption
   key.append(",");
   key.append(!options.CAInfo.empty() ? options.CAInfo : "0");
   key.append(",");
-#if defined(AZ_PLATFORM_LINUX)
   key.append(!options.CAPath.empty() ? options.CAPath : "0");
-#else
-  key.append("0"); // CAPath is always empty on Windows;
-#endif
   key.append(",");
   key.append(
       options.Proxy.HasValue() ? (options.Proxy.Value().empty() ? "NoProxy" : options.Proxy.Value())
@@ -2320,7 +2316,6 @@ CurlConnection::CurlConnection(
     }
   }
 
-#if defined(AZ_PLATFORM_LINUX)
   if (!options.CAPath.empty())
   {
     if (!SetLibcurlOption(m_handle, CURLOPT_CAPATH, options.CAPath.c_str(), &result))
@@ -2331,7 +2326,6 @@ CurlConnection::CurlConnection(
           + std::string(curl_easy_strerror(result)));
     }
   }
-#endif
 
 #if LIBCURL_VERSION_NUM >= 0x074D00 // 7.77.0
   if (!options.SslOptions.PemEncodedExpectedRootCertificates.empty())
diff --git a/sdk/core/azure-core/test/ut/curl_options_test.cpp b/sdk/core/azure-core/test/ut/curl_options_test.cpp
@@ -235,10 +235,10 @@ namespace Azure { namespace Core { namespace Test {
                         .ConnectionPoolIndex.clear());
   }
 
-#if defined(AZ_PLATFORM_LINUX)
   TEST(CurlTransportOptions, setCADirectory)
   {
     Azure::Core::Http::CurlTransportOptions curlOptions;
+#if defined(AZ_PLATFORM_LINUX)
     // openssl default cert location will be used only if environment variable SSL_CERT_DIR
     // is not set
     const char* ca = getenv(X509_get_default_cert_dir_env());
@@ -250,6 +250,9 @@ namespace Azure { namespace Core { namespace Test {
     {
       curlOptions.CAPath = X509_get_default_cert_dir();
     }
+#else
+    curlOptions.CAPath = "UnsupportedPathOnWindows";
+#endif
 
     auto transportAdapter = std::make_shared<Azure::Core::Http::CurlTransport>(curlOptions);
     Azure::Core::Http::Policies::TransportOptions options;
@@ -265,6 +268,7 @@ namespace Azure { namespace Core { namespace Test {
     Azure::Core::Url url(AzureSdkHttpbinServer::Get());
     Azure::Core::Http::Request request(Azure::Core::Http::HttpMethod::Get, url);
 
+#if defined(AZ_PLATFORM_LINUX)
     std::unique_ptr<Azure::Core::Http::RawResponse> response;
     EXPECT_NO_THROW(response = pipeline.Send(request, Azure::Core::Context::ApplicationContext));
     EXPECT_EQ(response->GetStatusCode(), Azure::Core::Http::HttpStatusCode::Ok);
@@ -273,8 +277,24 @@ namespace Azure { namespace Core { namespace Test {
     // app-destruction
     EXPECT_NO_THROW(Azure::Core::Http::_detail::CurlConnectionPool::g_curlConnectionPool
                         .ConnectionPoolIndex.clear());
-  }
+#else
+    EXPECT_THROW(
+        pipeline.Send(request, Azure::Core::Context::ApplicationContext),
+        Azure::Core::Http::TransportException);
+    try
+    {
+      pipeline.Send(request, Azure::Core::Context::ApplicationContext);
+    }
+    catch (Azure::Core::Http::TransportException& e)
+    {
+      EXPECT_TRUE(
+          std::string(e.what()).find(
+              "A requested feature, protocol or option was not found built-in "
+              "in this libcurl due to a build-time decision.")
+          != std::string::npos);
+    }
 #endif
+  }
 
   TEST(CurlTransportOptions, httpsDefault)
   {

Original file line number	Diff line number	Diff line change
`@@ -1283,11 +1283,7 @@ inline std::string GetConnectionKey(std::string const& host, CurlTransportOption`
`1283`	`1283`	`key.append(",");`
`1284`	`1284`	`key.append(!options.CAInfo.empty() ? options.CAInfo : "0");`
`1285`	`1285`	`key.append(",");`
`1286`		`-#if defined(AZ_PLATFORM_LINUX)`
`1287`	`1286`	`key.append(!options.CAPath.empty() ? options.CAPath : "0");`
`1288`		`-#else`
`1289`		`- key.append("0"); // CAPath is always empty on Windows;`
`1290`		`-#endif`
`1291`	`1287`	`key.append(",");`
`1292`	`1288`	`key.append(`
`1293`	`1289`	`options.Proxy.HasValue() ? (options.Proxy.Value().empty() ? "NoProxy" : options.Proxy.Value())`
`@@ -2320,7 +2316,6 @@ CurlConnection::CurlConnection(`
`2320`	`2316`	`}`
`2321`	`2317`	`}`
`2322`	`2318`
`2323`		`-#if defined(AZ_PLATFORM_LINUX)`
`2324`	`2319`	`if (!options.CAPath.empty())`
`2325`	`2320`	`{`
`2326`	`2321`	`if (!SetLibcurlOption(m_handle, CURLOPT_CAPATH, options.CAPath.c_str(), &result))`
`@@ -2331,7 +2326,6 @@ CurlConnection::CurlConnection(`
`2331`	`2326`	`+ std::string(curl_easy_strerror(result)));`
`2332`	`2327`	`}`
`2333`	`2328`	`}`
`2334`		`-#endif`
`2335`	`2329`
`2336`	`2330`	`#if LIBCURL_VERSION_NUM >= 0x074D00 // 7.77.0`
`2337`	`2331`	`if (!options.SslOptions.PemEncodedExpectedRootCertificates.empty())`