1 files changed, 75 insertions, 3 deletions

diff --git a/src/config.c b/src/config.c
index 1d3f1b7..d3c8a66 100644
--- a/src/config.c
+++ b/src/config.c
@@ -254,6 +254,72 @@ cb_ssl(enum grecs_callback_command cmd,
 	return 0;
 }
 
+static int
+cb_authentication_provider(enum grecs_callback_command cmd,
+			   grecs_locus_t *locus,
+			   void *varptr,
+			   grecs_value_t *value,
+			   void *cb_data)
+{
+	char *s;
+	
+	if (cmd != grecs_callback_set_value) {
+		grecs_error(locus, 0, "Unexpected block statement");
+		return 1;
+	}
+	if (!value || value->type != GRECS_TYPE_ARRAY || value->v.arg.c != 2) {
+		grecs_error(locus, 0, "expected two values");
+		return 1;
+	}
+	if (value->v.arg.v[0]->type != GRECS_TYPE_STRING) {
+		grecs_error(&value->v.arg.v[0]->locus, 0,
+			    "first argument not a string");
+		return 1;
+	}
+	if (value->v.arg.v[1]->type != GRECS_TYPE_STRING) {
+		grecs_error(&value->v.arg.v[1]->locus, 0,
+			    "second argument not a string");
+		return 1;
+	}
+
+	s = value->v.arg.v[0]->v.string;
+	
+	if (strcmp(s, "file") == 0) {
+		authentication_provider = authp_file;
+		free(access_file_name);
+		access_file_name = grecs_strdup(value->v.arg.v[1]->v.string);
+	} else if (strcmp(s, "instance-store") == 0) {
+		authentication_provider = authp_instance;
+		free(access_key);
+		access_key = grecs_strdup(value->v.arg.v[1]->v.string);
+	} else {
+		grecs_error(&value->locus, 0, "unknown provider");
+	}
+	return 0;
+}
+
+static int
+cb_access_file(enum grecs_callback_command cmd,
+	       grecs_locus_t *locus,
+	       void *varptr,
+	       grecs_value_t *value,
+	       void *cb_data)
+{
+	if (cmd != grecs_callback_set_value) {
+		grecs_error(locus, 0, "Unexpected block statement");
+		return 1;
+	}
+	if (!value || value->type != GRECS_TYPE_STRING) {
+		grecs_error(locus, 0, "expected string value");
+		return 1;
+	}
+
+	authentication_provider = authp_file;
+	free(*(char**)varptr);
+	*(char**)varptr = grecs_strdup(value->v.string);
+	return 0;
+}
+
 static struct grecs_keyword eclat_kw[] = {
 	{ "default-endpoint", "hostname",
 	  "Set default EC2 endpoint",
@@ -264,9 +330,15 @@ static struct grecs_keyword eclat_kw[] = {
 	{ "signature-version", "version",
 	  "Signature version",
 	  grecs_type_string, GRECS_DFLT, &signature_version },
-	{ "access-file", "file",
-	  "Specify a file containing `accessID:accessKey' pairs",
-	  grecs_type_string, GRECS_DFLT, &access_file_name },
+	{ "authentication-provider", "<type: file|instance-store> <arg: string>",
+	  "Define authentication provider.",
+	  grecs_type_string, GRECS_DFLT, NULL, 0, cb_authentication_provider },
+	{ "access-file", "name",
+	  "A shorthand for\n"
+	  "  authentication-provider file <name>\n"
+	  "Specifies a file containing `accessID:accessKey' pairs.",
+	  grecs_type_string, GRECS_DFLT, &access_file_name, 0,
+	  cb_access_file },
 	{ "default-region", "name",
 	  "Define default AWS region",
 	  grecs_type_string, GRECS_DFLT, &region_name },