crimson: add AuthService

AuthService is introduced to allow Dispatchers to access to
authorizers, even if it is not chained with a Dispatcher implementing
Dispatcher::ms_get_authorizer(). in this case, we need to grant access to
Heartbeat class. it has its own messengers dedicated for heartbeat
traffic. it's mon::Client which provides the facilities of authorization
via Dispatcher interface.

we could just cast mon::Client to ceph::common::Dispatch for accessing
Dispatcher::ms_get_authorizer(), but i want to make this explicit using
AuthService. as the consumers of Dispatch inteface is messenger and
ChainedDispatcher not the domain specific classes.

in future, we need to either implement Auth{Client,Server} or adapt to
this machinery for msgr V2.

Signed-off-by: Kefu Chai <kchai@redhat.com>

diff --git a/src/crimson/common/auth_service.h b/src/crimson/common/auth_service.h
new file mode 100644 (file)
index 0000000..94c256d
--- /dev/null
+++ b/src/crimson/common/auth_service.h
@@ -0,0 +1,16 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+
+#pragma once
+
+#include "crimson/net/Fwd.h"
+
+class AuthAuthorizer;
+
+namespace ceph::common {
+class AuthService {
+public:
+  virtual AuthAuthorizer* get_authorizer(peer_type_t peer) const = 0;
+  virtual ~AuthService() = default;
+};
+}

diff --git a/src/crimson/mon/MonClient.cc b/src/crimson/mon/MonClient.cc
index dba89c9f5124df76f01bcd0dd2fde5217372dfde..5d4f6c66a00258527f9fd59592438466ab5529d1 100644 (file)
--- a/src/crimson/mon/MonClient.cc
+++ b/src/crimson/mon/MonClient.cc
@@ -372,6 +372,10 @@ AuthAuthorizer* Client::ms_get_authorizer(peer_type_t peer) const
   }
 }
 
+AuthAuthorizer* Client::get_authorizer(peer_type_t peer) const
+{
+  return ms_get_authorizer(peer);
+}
 
 seastar::future<> Client::handle_monmap(ceph::net::ConnectionRef conn,
                                         Ref<MMonMap> m)

diff --git a/src/crimson/mon/MonClient.h b/src/crimson/mon/MonClient.h
index ffce5b06d19cf72c7a68d9f1b411a32790b78c12..1d9e368a77f271a906c4bd41c8d9b79fc9537c9a 100644 (file)
--- a/src/crimson/mon/MonClient.h
+++ b/src/crimson/mon/MonClient.h
@@ -11,6 +11,7 @@
 
 #include "auth/KeyRing.h"
 
+#include "crimson/common/auth_service.h"
 #include "crimson/net/Dispatcher.h"
 #include "crimson/net/Fwd.h"
 
@@ -36,7 +37,9 @@ namespace ceph::mon {
 
 class Connection;
 
-class Client : public ceph::net::Dispatcher {
+class Client : public ceph::net::Dispatcher,
+              public ceph::common::AuthService
+{
   EntityName entity_name;
   KeyRing keyring;
   std::unique_ptr<AuthMethodList> auth_methods;
@@ -83,6 +86,8 @@ public:
   void sub_unwant(const std::string& what);
   bool sub_want_increment(const std::string& what, version_t start, unsigned flags);
   seastar::future<> renew_subs();
+  // AuthService methods
+  AuthAuthorizer* get_authorizer(peer_type_t peer) const override;
 
 private:
   void tick();

diff --git a/src/crimson/osd/heartbeat.cc b/src/crimson/osd/heartbeat.cc
index 6dfefb3ba6913463b0e7477bd42576be3bc91f38..c1efce85c2e41b57118adf84b004a9c564fd0708 100644 (file)
--- a/src/crimson/osd/heartbeat.cc
+++ b/src/crimson/osd/heartbeat.cc
@@ -5,6 +5,7 @@
 #include "messages/MOSDPing.h"
 #include "messages/MOSDFailure.h"
 
+#include "crimson/common/auth_service.h"
 #include "crimson/common/config_proxy.h"
 #include "crimson/net/Connection.h"
 #include "crimson/net/Messenger.h"
@@ -308,6 +309,11 @@ seastar::future<> Heartbeat::handle_you_died()
   return seastar::now();
 }
 
+AuthAuthorizer* Heartbeat::ms_get_authorizer(peer_type_t peer) const
+{
+  return monc.get_authorizer(peer);
+}
+
 seastar::future<> Heartbeat::send_heartbeats()
 {
   using peers_item_t = typename peers_map_t::value_type;

diff --git a/src/crimson/osd/heartbeat.h b/src/crimson/osd/heartbeat.h
index b5eb0f7c2d49ac64d617ef3e02680a68ac85d9f2..f1565cf466e3a9cf27c4fd3d74ce9f94b072f7c6 100644 (file)
--- a/src/crimson/osd/heartbeat.h
+++ b/src/crimson/osd/heartbeat.h
@@ -44,6 +44,7 @@ public:
   // Dispatcher methods
   seastar::future<> ms_dispatch(ceph::net::ConnectionRef conn,
                                MessageRef m) override;
+  AuthAuthorizer* ms_get_authorizer(peer_type_t peer) const override;
 
 private:
   seastar::future<> handle_osd_ping(ceph::net::ConnectionRef conn,