#pragma once
+#include <cstdint>
+#include <string>
+#include <tuple>
#include <vector>
+#include "include/buffer_fwd.h"
#include "crimson/net/Fwd.h"
class CryptoKey;
using std::logic_error::logic_error;
};
+using method_t = uint32_t;
+
// TODO: revisit interfaces for non-dummy implementations
class AuthClient {
public:
virtual ~AuthClient() {}
- // Build an authentication request to begin the handshake
- virtual int get_auth_request(
- ceph::net::ConnectionRef conn,
- AuthConnectionMetaRef auth_meta,
- uint32_t *method,
- std::vector<uint32_t> *preferred_modes,
- bufferlist *out) = 0;
+ /// Build an authentication request to begin the handshake
+ ///
+ /// @throw auth::error if unable to build the request
+ virtual std::tuple<method_t, // auth method
+ std::vector<uint32_t>, // preferred modes
+ ceph::bufferlist> // auth bl
+ get_auth_request(ceph::net::ConnectionRef conn,
+ AuthConnectionMetaRef auth_meta) = 0;
- // Handle server's request to continue the handshake
- virtual int handle_auth_reply_more(
+ /// Handle server's request to continue the handshake
+ ///
+ /// @throw auth::error if unable to build the request
+ virtual ceph::bufferlist handle_auth_reply_more(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
- const bufferlist& bl,
- bufferlist *reply) = 0;
+ const ceph::bufferlist& bl) = 0;
- // Handle server's indication that authentication succeeded
+ /// Handle server's indication that authentication succeeded
+ ///
+ /// @return 0 if authenticated, a negative number otherwise
virtual int handle_auth_done(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
uint64_t global_id,
uint32_t con_mode,
- const bufferlist& bl,
- CryptoKey *session_key,
- std::string *connection_secret) = 0;
+ const bufferlist& bl) = 0;
- // Handle server's indication that the previous auth attempt failed
+ /// Handle server's indication that the previous auth attempt failed
+ ///
+ /// @return 0 if will try next auth method, a negative number if we have no
+ /// more options
virtual int handle_auth_bad_method(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
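Review bot: The new doc comment on `handle_auth_done` does not say where the session key and connection secret go now that the `CryptoKey *session_key` and `std::string *connection_secret` out-parameters are removed. The ProtocolV2 call site later in this patch also stops passing `&auth_meta->session_key` and `&auth_meta->connection_secret`, so presumably every implementation must now store them through `auth_meta`; one that forgets could return 0 while leaving the connection without key material. I would add `/// On success the implementation stores the session key and connection secret in auth_meta.` to the comment. The `@throw` line on `handle_auth_reply_more` is copied from `get_auth_request` and should read `/// @throw auth::error if unable to build the reply`. The declaration of `handle_auth_bad_method` continues past the end of this hunk.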
return nullptr;
}
- int get_auth_request(
+ std::tuple<uint32_t, std::vector<uint32_t>, bufferlist> get_auth_request(
ceph::net::ConnectionRef conn,
- AuthConnectionMetaRef auth_meta,
- uint32_t *method,
- std::vector<uint32_t> *preferred_modes,
- bufferlist *out) override {
- *method = CEPH_AUTH_NONE;
- *preferred_modes = { CEPH_CON_MODE_CRC };
- return 0;
+ AuthConnectionMetaRef auth_meta) override {
+ return {CEPH_AUTH_NONE, {CEPH_CON_MODE_CRC}, {}};
}
- int handle_auth_reply_more(
+ ceph::bufferlist handle_auth_reply_more(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
- const bufferlist& bl,
- bufferlist *reply) override {
+ const bufferlist& bl) override {
ceph_abort();
}
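Review bot: `handle_auth_reply_more` in this dummy client still calls `ceph_abort()`, so receiving an auth-reply-more frame from a peer terminates the whole process instead of failing one connection. The interface now documents `auth::error` as the failure path and the caller leaves the exception to `execute_connecting()`, so the body could be `throw ceph::auth::error("dummy auth does not support auth_reply_more");` (assuming the error type keeps the inherited `logic_error` constructors shown in the header). The `get_auth_request` override also spells its return type with `uint32_t` and unqualified `bufferlist` where the base declaration uses `method_t` and `ceph::bufferlist`; matching the base keeps the override easy to check against it.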
AuthConnectionMetaRef auth_meta,
uint64_t global_id,
uint32_t con_mode,
- const bufferlist& bl,
- CryptoKey *session_key,
- std::string *connection_secret) {
+ const bufferlist& bl) override {
return 0;
}
logger().debug("{} auth reply more len={}",
conn, auth_more.auth_payload().length());
ceph_assert(messenger.get_auth_client());
- ceph::bufferlist reply;
- int r = messenger.get_auth_client()->handle_auth_reply_more(
- conn.shared_from_this(), auth_meta, auth_more.auth_payload(), &reply);
- if (r < 0) {
- logger().error("{} auth_client handle_auth_reply_more returned {}",
- conn, r);
- abort_in_fault();
- }
+ // let execute_connecting() take care of the thrown exception
+ auto reply = messenger.get_auth_client()->handle_auth_reply_more(
+ conn.shared_from_this(), auth_meta, auth_more.auth_payload());
auto more_reply = AuthRequestMoreFrame::Encode(reply);
return write_frame(more_reply);
}).then([this] {
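Review bot: A failure in `handle_auth_reply_more` is no longer logged at this call site, and the new comment relies on a handler in `execute_connecting()` that is outside this hunk. Please confirm that the handler catches `ceph::auth::error`, logs it together with `conn`, and aborts the connection, so that a failed authentication step stays visible in the logs and cannot surface as an unhandled failed future. If the handler there is generic, a local `try`/`catch` like the one at the `get_auth_request` call site would keep the two paths consistent. The continuation chain this code sits in starts and ends outside the hunk.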
conn.shared_from_this(), auth_meta,
auth_done.global_id(),
auth_done.con_mode(),
- auth_done.auth_payload(),
- &auth_meta->session_key,
- &auth_meta->connection_secret);
+ auth_done.auth_payload());
if (r < 0) {
logger().error("{} auth_client handle_auth_done returned {}", conn, r);
abort_in_fault();
// send_auth_request() logic
ceph_assert(messenger.get_auth_client());
- bufferlist bl;
- vector<uint32_t> preferred_modes;
- int r = messenger.get_auth_client()->get_auth_request(
- conn.shared_from_this(), auth_meta, &auth_meta->auth_method,
- &preferred_modes, &bl);
- if (r < 0) {
- logger().error("{} get_initial_auth_request returned {}", conn, r);
+ try {
+ auto [auth_method, preferred_modes, bl] =
+ messenger.get_auth_client()->get_auth_request(conn.shared_from_this(), auth_meta);
+ auth_meta->auth_method = auth_method;
+ auto frame = AuthRequestFrame::Encode(auth_method, preferred_modes, bl);
+ return write_frame(frame).then([this] {
+ return handle_auth_reply();
+ });
+ } catch (const ceph::auth::error& e) {
+ logger().error("{} get_initial_auth_request returned {}", conn, e);
dispatch_reset();
abort_in_close();
+ return seastar::now();
}
-
- auto frame = AuthRequestFrame::Encode(auth_meta->auth_method, preferred_modes, bl);
- return write_frame(frame).then([this] {
- return handle_auth_reply();
- });
}
seastar::future<bool> ProtocolV2::process_wait()
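Review bot: The catch block passes the exception object `e` directly to the logger, which only compiles and prints something useful if a formatter for `ceph::auth::error` is in scope; none is visible in this patch. `logger().error("{} get_auth_request failed: {}", conn, e.what());` removes that dependency. It also replaces the "returned" wording, which is left over from the integer return code and is misleading when searching logs for authentication failures.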