virtual ~AuthServiceHandler() { }
virtual int start_session(bufferlist& result) = 0;
- virtual int handle_request(bufferlist::iterator& indata, bufferlist& result) = 0;
+ virtual int handle_request(bufferlist::iterator& indata, bufferlist& result, bufferlist& caps) = 0;
};
extern AuthServiceHandler *get_auth_service_handler(KeyServer *ks, set<__u32>& supported);
return true;
}
+bool KeyServer::_get_service_caps(EntityName& name, uint32_t service_id, bufferlist& caps)
+{
+ string s = ceph_entity_type_name(service_id);
+
+ return data.get_caps(name, s, caps);
+}
+
+bool KeyServer::get_service_caps(EntityName& name, uint32_t service_id, bufferlist& caps)
+{
+ Mutex::Locker l(lock);
+ return _get_service_caps(name, service_id, caps);
+}
+
+
int KeyServer::_build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, CephXSessionAuthInfo& info)
{
info.ticket.name = auth_ticket_info.ticket.name;
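Review bot: The locking contract of the two new accessors is undocumented: `_get_service_caps` reads `data` without taking `lock`, while `get_service_caps` takes `Mutex::Locker l(lock)` and then delegates. I would add `// caller must hold lock` above `_get_service_caps`. A one-line comment on `get_service_caps` should also say what a `false` return means for the caller. Whether `data.get_caps` leaves `caps` untouched on failure is not visible in this hunk and is worth stating too, since the caller later decides based on `caps.length()`.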
void _generate_all_rotating_secrets(bool init);
bool _check_rotate();
int _build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, CephXSessionAuthInfo& info);
+ bool _get_service_caps(EntityName& name, uint32_t service_id, bufferlist& caps);
public:
KeyServer();
bool get_rotating_encrypted(EntityName& name, bufferlist& enc_bl);
Mutex& get_lock() { return lock; }
+ bool get_service_caps(EntityName& name, uint32_t service_id, bufferlist& caps);
};
WRITE_CLASS_ENCODER(KeyServer);
return CEPH_AUTH_CEPHX;
}
-int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist& result_bl)
+int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist& result_bl, bufferlist& caps)
{
int ret = 0;
ret = -EIO;
break;
}
+
+ if (!key_server->get_service_caps(entity_name, CEPH_ENTITY_TYPE_MON, caps)) {
+ dout(0) << "could not get mon caps for " << entity_name << dendl;
+ }
}
break;
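Review bot: A failed mon-caps lookup is only logged here: when `get_service_caps` returns false, `ret` is left unchanged and the request completes as if the caps had been fetched. The caller appears to apply `caps` only when it is non-empty, so the session then runs with whatever a default `MonCaps` grants. Either that default must be deny-all, or this branch should fail the request, e.g. `ret = -EACCES;` inside the `if`. The body of `handle_request` starts and ends outside this hunk, so the exact case this sits in cannot be confirmed from here.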
~CephxServiceHandler() {}
int start_session(bufferlist& result_bl);
- int handle_request(bufferlist::iterator& indata, bufferlist& result_bl);
+ int handle_request(bufferlist::iterator& indata, bufferlist& result_bl, bufferlist& caps);
void build_cephx_response_header(int request_type, int status, bufferlist& bl);
};
{
dout(0) << "preprocess_auth() blob_size=" << m->get_auth_payload().length() << dendl;
int ret = 0;
+ bufferlist caps;
+ MAuthReply *reply;
Session *s = (Session *)m->get_connection()->get_priv();
- s->put();
bufferlist response_bl;
bufferlist::iterator indata = m->auth_payload.begin();
} else if (s->auth_handler) {
// handle the request
try {
- ret = s->auth_handler->handle_request(indata, response_bl);
+ ret = s->auth_handler->handle_request(indata, response_bl, caps);
+ if (caps.length()) {
+ s->caps.parse(caps);
+ }
} catch (buffer::error *err) {
ret = -EINVAL;
dout(0) << "caught error when trying to handle auth request, probably malformed request" << dendl;
}
if (ret == -EIO) {
paxos->wait_for_active(new C_RetryMessage(this, m));
- return true;
+ goto done;
}
} else {
ret = -EINVAL; // no protocol selected?
}
- MAuthReply *reply = new MAuthReply(proto, &response_bl, ret);
+ reply = new MAuthReply(proto, &response_bl, ret);
mon->messenger->send_message(reply, m->get_orig_source_inst());
+done:
+ s->put();
return true;
}
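Review bot: The result of `s->caps.parse(caps)` is discarded and the call runs whatever `ret` is, so a caps blob that fails to parse still produces a normal auth reply. I would gate and check it with `if (ret == 0 && caps.length() && !s->caps.parse(caps)) ret = -EINVAL;`, adjusting the `ret == 0` test if `handle_request` returns other non-error codes. Because caps are applied only when non-empty, a later request on the same session that yields no caps leaves the earlier ones in place; if that is not intended, reset `s->caps` before the call. With `s->put()` now at `done:`, any `return` in the part of `preprocess_auth` not shown between the two hunks would skip it and leak the session reference.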
Subscription(Session *s, const nstring& t) : session(s), type(t), type_item(this) {};
};
+class MonCaps {
+ bool get_next_token(string s, size_t& pos, string& token);
+public:
+ MonCaps() {}
+ bool parse(bufferlist& bl) { return true; }
+};
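Review bot: `MonCaps::parse` is a stub that returns `true` without reading `bl`, so callers are told the caps were applied when nothing was stored. Until the parser exists I would mark it explicitly with `// TODO: not implemented; no caps are recorded`. Any later permission check on a default-constructed `MonCaps` should deny rather than allow. `get_next_token` takes `string s` by value and has no definition in this hunk; `const string& s` would avoid a copy per token.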
struct Session : public RefCountedObject {
entity_inst_t inst;
bool closed;
xlist<Session*>::item item;
set<__u64> routed_request_tids;
+ MonCaps caps;
map<nstring, Subscription*> sub_map;