rgw ldap: move conditional LDAPEngine init into it's ctor

rgw::auth::ExternalAuthStrategy defines an LDAPEngine in a
ctor-initializer list, making it too late to conditionally initialize
-it- in ExternalAuthStrategy's ctor.

Fixes: https://tracker.ceph.com/issues/24228
Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
(cherry picked from commit 97e6c9dac7ca9050d7b16ac160120acbe6ddc33c)

diff --git a/src/rgw/rgw_auth_s3.h b/src/rgw/rgw_auth_s3.h
index d3b6e44b74cbdda46c12b935a3673a192e0e2e15..0917c52c18214a5589276a815e69e7f851d098f1 100644 (file)
--- a/src/rgw/rgw_auth_s3.h
+++ b/src/rgw/rgw_auth_s3.h
@@ -75,8 +75,7 @@ public:
 
     }
 
-    if (cct->_conf->rgw_s3_auth_use_ldap &&
-        ! cct->_conf->rgw_ldap_uri.empty()) {
+    if (ldap_engine.valid()) {
       add_engine(Control::SUFFICIENT, ldap_engine);
     }
   }

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 67d0712f1f1b37b6339862fbff96f526ada2a2ce..9ed0563fb66cff11403a3b26ff5f471cd5eabfa2 100644 (file)
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -4115,6 +4115,11 @@ std::mutex rgw::auth::s3::LDAPEngine::mtx;
 
 void rgw::auth::s3::LDAPEngine::init(CephContext* const cct)
 {
+  if (! cct->_conf->rgw_s3_auth_use_ldap ||
+      ! cct->_conf->rgw_ldap_uri.empty()) {
+    return;
+  }
+
   if (! ldh) {
     std::lock_guard<std::mutex> lck(mtx);
     if (! ldh) {
@@ -4134,6 +4139,11 @@ void rgw::auth::s3::LDAPEngine::init(CephContext* const cct)
   }
 }
 
+bool rgw::auth::s3::LDAPEngine::valid() {
+  std::lock_guard<std::mutex> lck(mtx);
+  return (!!ldh);
+}
+
 rgw::auth::RemoteApplier::acl_strategy_t
 rgw::auth::s3::LDAPEngine::get_acl_strategy() const
 {

diff --git a/src/rgw/rgw_rest_s3.h b/src/rgw/rgw_rest_s3.h
index 9e5ef4316aeb00d77cb614e3f7145b738ebd137b..919e7c5a0ced1dd228f1d72071ae618e34a9ee49 100644 (file)
--- a/src/rgw/rgw_rest_s3.h
+++ b/src/rgw/rgw_rest_s3.h
@@ -846,6 +846,7 @@ public:
     return "rgw::auth::s3::LDAPEngine";
   }
 
+  static bool valid();
   static void shutdown();
 };