auth: separate writes of build_request() into prepare_build_request()

validate_tickets() updates internal state, as does
tickets.get_handler(). Move them into a new method called before
build_request() so build_request() can be declared const.

Signed-off-by: Josh Durgin <josh.durgin@inktank.com>

diff --git a/src/auth/AuthClientHandler.h b/src/auth/AuthClientHandler.h
index ec86ce875608d4bec8539fb24a717e80263a4c91..6a22140f7287b9acd77c51d049663992e076aaaf 100644 (file)
--- a/src/auth/AuthClientHandler.h
+++ b/src/auth/AuthClientHandler.h
@@ -61,6 +61,7 @@ public:
   virtual int get_protocol() = 0;
 
   virtual void reset() = 0;
+  virtual void prepare_build_request() = 0;
   virtual int build_request(bufferlist& bl) = 0;
   virtual int handle_response(int ret, bufferlist::iterator& iter) = 0;
   virtual bool build_rotating_request(bufferlist& bl) = 0;

diff --git a/src/auth/cephx/CephxClientHandler.cc b/src/auth/cephx/CephxClientHandler.cc
index 8a8f44da697623411134b03a6860a9e99bcf9c00..7df5658c7db48aecdd5da368c57b8bbd19022b88 100644 (file)
--- a/src/auth/cephx/CephxClientHandler.cc
+++ b/src/auth/cephx/CephxClientHandler.cc
@@ -31,16 +31,7 @@ int CephxClientHandler::build_request(bufferlist& bl)
 {
   ldout(cct, 10) << "build_request" << dendl;
 
-  ldout(cct, 10) << "validate_tickets: want=" << want << " need=" << need << " have=" << have << dendl;
-
-  lock.get_write();
-  validate_tickets();
-  lock.put_write();
-
   RWLock::RLocker l(lock);
-  ldout(cct, 10) << "want=" << want << " need=" << need << " have=" << have << dendl;
-
-  CephXTicketHandler& ticket_handler = tickets.get_handler(CEPH_ENTITY_TYPE_AUTH);
 
   if (need & CEPH_ENTITY_TYPE_AUTH) {
     /* authenticate */
@@ -61,7 +52,7 @@ int CephxClientHandler::build_request(bufferlist& bl)
       return -EIO;
     }
 
-    req.old_ticket = ticket_handler.ticket;
+    req.old_ticket = ticket_handler->ticket;
 
     if (req.old_ticket.blob.length()) {
       ldout(cct, 20) << "old ticket len=" << req.old_ticket.blob.length() << dendl;
@@ -81,7 +72,7 @@ int CephxClientHandler::build_request(bufferlist& bl)
     header.request_type = CEPHX_GET_PRINCIPAL_SESSION_KEY;
     ::encode(header, bl);
 
-    CephXAuthorizer *authorizer = ticket_handler.build_authorizer(global_id);
+    CephXAuthorizer *authorizer = ticket_handler->build_authorizer(global_id);
     if (!authorizer)
       return -EINVAL;
     bl.claim_append(authorizer->bl);
@@ -198,6 +189,18 @@ bool CephxClientHandler::build_rotating_request(bufferlist& bl)
   return true;
 }
 
+void CephxClientHandler::prepare_build_request()
+{
+  RWLock::WLocker l(lock);
+  ldout(cct, 10) << "validate_tickets: want=" << want << " need=" << need
+                << " have=" << have << dendl;
+  validate_tickets();
+  ldout(cct, 10) << "want=" << want << " need=" << need << " have=" << have
+                << dendl;
+
+  ticket_handler = &(tickets.get_handler(CEPH_ENTITY_TYPE_AUTH));
+}
+
 void CephxClientHandler::validate_tickets()
 {
   // lock should be held for write

diff --git a/src/auth/cephx/CephxClientHandler.h b/src/auth/cephx/CephxClientHandler.h
index eb0f5b64f11d879c6c3e2d1c478fcb123ddf90a8..024cfb990aa8a64b81a7d19737900c5f618ea3e5 100644 (file)
--- a/src/auth/cephx/CephxClientHandler.h
+++ b/src/auth/cephx/CephxClientHandler.h
@@ -27,7 +27,8 @@ class CephxClientHandler : public AuthClientHandler {
   uint64_t server_challenge;
   
   CephXTicketManager tickets;
-  
+  CephXTicketHandler* ticket_handler;
+
   RotatingKeyRing *rotating_secrets;
   KeyRing *keyring;
 
@@ -37,6 +38,7 @@ public:
       starting(false),
       server_challenge(0),
       tickets(cct_),
+      ticket_handler(NULL),
       rotating_secrets(rsecrets),
       keyring(rsecrets->get_keyring())
   {
@@ -48,6 +50,7 @@ public:
     starting = true;
     server_challenge = 0;
   }
+  void prepare_build_request();
   int build_request(bufferlist& bl);
   int handle_response(int ret, bufferlist::iterator& iter);
   bool build_rotating_request(bufferlist& bl);

diff --git a/src/auth/none/AuthNoneClientHandler.h b/src/auth/none/AuthNoneClientHandler.h
index d86a02a1602180bd31a43b04c606d16e70415af4..509ada8d454f660a5991eee772b04d9ffcb37e09 100644 (file)
--- a/src/auth/none/AuthNoneClientHandler.h
+++ b/src/auth/none/AuthNoneClientHandler.h
@@ -27,6 +27,7 @@ public:
 
   void reset() { }
 
+  void prepare_build_request() {}
   int build_request(bufferlist& bl) { return 0; }
   int handle_response(int ret, bufferlist::iterator& iter) { return 0; }
   bool build_rotating_request(bufferlist& bl) { return false; }

diff --git a/src/auth/unknown/AuthUnknownClientHandler.h b/src/auth/unknown/AuthUnknownClientHandler.h
index ba30eced508abcc16a4dc2693298c2e69b97b7f8..71ff0f4faed19098551c9899b947e5d1ceac7fd3 100644 (file)
--- a/src/auth/unknown/AuthUnknownClientHandler.h
+++ b/src/auth/unknown/AuthUnknownClientHandler.h
@@ -27,6 +27,7 @@ public:
 
   void reset() { }
 
+  void prepare_build_request() {}
   int build_request(bufferlist& bl) { return 0; }
   int handle_response(int ret, bufferlist::iterator& iter) { return 0; }
   bool build_rotating_request(bufferlist& bl) { return false; }

diff --git a/src/mon/MonClient.cc b/src/mon/MonClient.cc
index af76476f8ce83a69a6b4a2d76c4bef4ac5286950..f30be1b05f55cdc76a33f97fbbde818c8a9f4dda 100644 (file)
--- a/src/mon/MonClient.cc
+++ b/src/mon/MonClient.cc
@@ -504,6 +504,7 @@ void MonClient::handle_auth(MAuthReply *m)
   if (ret == -EAGAIN) {
     MAuth *ma = new MAuth;
     ma->protocol = auth->get_protocol();
+    auth->prepare_build_request();
     ret = auth->build_request(ma->auth_payload);
     _send_mon_message(ma, true);
     return;
@@ -777,6 +778,7 @@ int MonClient::_check_auth_tickets()
       ldout(cct, 10) << "_check_auth_tickets getting new tickets!" << dendl;
       MAuth *m = new MAuth;
       m->protocol = auth->get_protocol();
+      auth->prepare_build_request();
       auth->build_request(m->auth_payload);
       _send_mon_message(m);
     }