rgw_ldap: merge cleanups

* match LDAPHelper op return codes to RGW (-POSIX)
* make temporary LDAP handle local (MT-safe)
* add required --encode and --ttype to usage
* use versioned encoding macros

Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>

diff --git a/src/rgw/rgw_ldap.h b/src/rgw/rgw_ldap.h
index 62cff3cbde702c7bfcaf054c81900999d581d0ad..bf90d1a11596aba69f052bb6ae741571bf116c38 100644 (file)
--- a/src/rgw/rgw_ldap.h
+++ b/src/rgw/rgw_ldap.h
@@ -21,7 +21,7 @@ namespace rgw {
     std::string binddn;
     std::string searchdn;
     std::string memberattr;
-    LDAP *ldap, *tldap;
+    LDAP *ldap;
 
   public:
     LDAPHelper(std::string _uri, std::string _binddn, std::string _searchdn,
@@ -34,21 +34,23 @@ namespace rgw {
     int init() {
       int ret;
       ret = ldap_initialize(&ldap, uri.c_str());
-      return ret;
+      return (ret == LDAP_SUCCESS) ? ret : -EINVAL;
     }
 
     int bind() {
-      return ldap_simple_bind_s(ldap, nullptr, nullptr);
+      int ret;
+      ret = ldap_simple_bind_s(ldap, nullptr, nullptr);
+      return (ret == LDAP_SUCCESS) ? ret : -EINVAL;
     }
 
     int simple_bind(const char *dn, const std::string& pwd) {
+      LDAP* tldap;
       int ret = ldap_initialize(&tldap, uri.c_str());
       ret = ldap_simple_bind_s(tldap, dn, pwd.c_str());
       if (ret == LDAP_SUCCESS) {
        ldap_unbind(tldap);
-       return 0;
       }
-      return -1;
+      return ret; // OpenLDAP client error space
     }
 
     int auth(const std::string uid, const std::string pwd) {
@@ -66,12 +68,11 @@ namespace rgw {
       if (ret == LDAP_SUCCESS) {
        entry = ldap_first_entry(ldap, answer);
        char *dn = ldap_get_dn(ldap, entry);
-       //std::cout << dn << std::endl;
        ret = simple_bind(dn, pwd);
        ldap_memfree(dn);
        ldap_msgfree(answer);
       }
-      return ret;
+      return (ret == LDAP_SUCCESS) ? ret : -EACCES;
     }
 
     ~LDAPHelper() {

diff --git a/src/rgw/rgw_token.cc b/src/rgw/rgw_token.cc
index 95be3da8631a92da3b7ff4738db27f584b8b90a4..c4ae0f0cdfdb07feb6f9fe0009c1c47b67ee7059 100644 (file)
--- a/src/rgw/rgw_token.cc
+++ b/src/rgw/rgw_token.cc
@@ -49,9 +49,10 @@ namespace {
 
 void usage()
 {
-  cout << "usage: radosgw-token [options...]" << std::endl;
-  cout << "\t(maybe exporting RGW_ACCESS_KEY_ID and RGW_SECRET_ACCESS_KEY)"
+  cout << "usage: radosgw-token --encode --ttype=<token type> [options...]" << std::endl;
+  cout << "\t(maybe exporting RGW_ACCESS_KEY_ID and RGW_SECRET_ACCESS_KEY)"    
        << std::endl;
+  cout << "\t <token type> := ad | ldap" << std::endl;
   cout << "\n";
   generic_client_usage();
 }

diff --git a/src/rgw/rgw_token.h b/src/rgw/rgw_token.h
index df10314801cf91b416893473850a0cc4eb8ab002..7dce9a9ef3cebb776c4800b796d24ba1a8827dfc 100644 (file)
--- a/src/rgw/rgw_token.h
+++ b/src/rgw/rgw_token.h
@@ -93,23 +93,27 @@ namespace rgw {
     void encode(bufferlist& bl) const {
       uint32_t ver = version();
       string typestr{from_type(type)};
+      ENCODE_START(1, 1, bl);
       ::encode(type_name, bl);
       ::encode(ver, bl);
       ::encode(typestr, bl);
       ::encode(id, bl);
       ::encode(key, bl);
+      ENCODE_FINISH(bl);
     }
 
     void decode(bufferlist::iterator& bl) {
       string name;
       string typestr;
       uint32_t version;
+      DECODE_START(1, bl);
       ::decode(name, bl);
       ::decode(version, bl);
       ::decode(typestr, bl);
       type = to_type(typestr.c_str());
       ::decode(id, bl);
       ::decode(key, bl);
+      DECODE_FINISH(bl);
     }
 
     void dump(Formatter* f) const {