--- /dev/null
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+
+#pragma once
+
+#include <vector>
+#include "crimson/net/Fwd.h"
+
+class CryptoKey;
+
+namespace ceph::auth {
+
+// TODO: revisit interfaces for non-dummy implementations
+class AuthClient {
+public:
+ virtual ~AuthClient() {}
+
+ // Build an authentication request to begin the handshake
+ virtual int get_auth_request(
+ ceph::net::ConnectionRef conn,
+ AuthConnectionMetaRef auth_meta,
+ uint32_t *method,
+ std::vector<uint32_t> *preferred_modes,
+ bufferlist *out) = 0;
+
+ // Handle server's request to continue the handshake
+ virtual int handle_auth_reply_more(
+ ceph::net::ConnectionRef conn,
+ AuthConnectionMetaRef auth_meta,
+ const bufferlist& bl,
+ bufferlist *reply) = 0;
+
+ // Handle server's indication that authentication succeeded
+ virtual int handle_auth_done(
+ ceph::net::ConnectionRef conn,
+ AuthConnectionMetaRef auth_meta,
+ uint64_t global_id,
+ uint32_t con_mode,
+ const bufferlist& bl,
+ CryptoKey *session_key,
+ std::string *connection_secret) = 0;
+
+ // Handle server's indication that the previous auth attempt failed
+ virtual int handle_auth_bad_method(
+ ceph::net::ConnectionRef conn,
+ AuthConnectionMetaRef auth_meta,
+ uint32_t old_auth_method,
+ int result,
+ const std::vector<uint32_t>& allowed_methods,
+ const std::vector<uint32_t>& allowed_modes) = 0;
+};
+
+} // namespace ceph::auth
--- /dev/null
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+
+#pragma once
+
+#include <vector>
+#include "auth/AuthAuthorizeHandler.h"
+#include "crimson/net/Fwd.h"
+
+namespace ceph::auth {
+
+// TODO: revisit interfaces for non-dummy implementations
+class AuthServer {
+public:
+ // TODO:
+ // AuthRegistry auth_registry;
+
+ AuthServer() {}
+ virtual ~AuthServer() {}
+
+ // Get authentication methods and connection modes for the given peer type
+ virtual void get_supported_auth_methods(
+ int peer_type,
+ std::vector<uint32_t> *methods,
+ std::vector<uint32_t> *modes = nullptr) {
+ // auth_registry.get_supported_methods(peer_type, methods, modes);
+ *methods = { CEPH_AUTH_NONE };
+ if (modes != nullptr) {
+ *modes = { CEPH_CON_MODE_CRC };
+ }
+ }
+
+ // Get support connection modes for the given peer type and auth method
+ virtual void get_supported_con_modes(
+ int peer_type,
+ uint32_t auth_method,
+ std::vector<uint32_t> *modes) {
+ // auth_registry.get_supported_modes(peer_type, auth_method, modes);
+ *modes = { CEPH_CON_MODE_CRC };
+ }
+
+ // Get support connection modes for the given peer type and auth method
+ virtual uint32_t pick_con_mode(
+ int peer_type,
+ uint32_t auth_method,
+ const std::vector<uint32_t>& preferred_modes) {
+ // return auth_registry.pick_mode(peer_type, auth_method, preferred_modes);
+ ceph_assert(auth_method == CEPH_AUTH_NONE);
+ ceph_assert(preferred_modes.size() &&
+ preferred_modes[0] == CEPH_CON_MODE_CRC);
+ return CEPH_CON_MODE_CRC;
+ }
+
+ // return an AuthAuthorizeHandler for the given peer type and auth method
+ AuthAuthorizeHandler *get_auth_authorize_handler(
+ int peer_type,
+ int auth_method) {
+ // return auth_registry.get_handler(peer_type, auth_method);
+ return nullptr;
+ }
+
+ // Handle an authentication request on an incoming connection
+ virtual int handle_auth_request(
+ ceph::net::ConnectionRef conn,
+ AuthConnectionMetaRef auth_meta,
+ bool more, //< true if this is not the first part of the handshake
+ uint32_t auth_method,
+ const bufferlist& bl,
+ bufferlist *reply) = 0;
+};
+
+} // namespace ceph::auth
--- /dev/null
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+
+#include "AuthClient.h"
+#include "AuthServer.h"
+
+namespace ceph::auth {
+
+class DummyAuthClientServer : public AuthClient,
+ public AuthServer {
+public:
+ DummyAuthClientServer() {}
+
+ // client
+ int get_auth_request(
+ ceph::net::ConnectionRef conn,
+ AuthConnectionMetaRef auth_meta,
+ uint32_t *method,
+ std::vector<uint32_t> *preferred_modes,
+ bufferlist *out) override {
+ *method = CEPH_AUTH_NONE;
+ *preferred_modes = { CEPH_CON_MODE_CRC };
+ return 0;
+ }
+
+ int handle_auth_reply_more(
+ ceph::net::ConnectionRef conn,
+ AuthConnectionMetaRef auth_meta,
+ const bufferlist& bl,
+ bufferlist *reply) override {
+ ceph_abort();
+ }
+
+ int handle_auth_done(
+ ceph::net::ConnectionRef conn,
+ AuthConnectionMetaRef auth_meta,
+ uint64_t global_id,
+ uint32_t con_mode,
+ const bufferlist& bl,
+ CryptoKey *session_key,
+ std::string *connection_secret) {
+ return 0;
+ }
+
+ int handle_auth_bad_method(
+ ceph::net::ConnectionRef conn,
+ AuthConnectionMetaRef auth_meta,
+ uint32_t old_auth_method,
+ int result,
+ const std::vector<uint32_t>& allowed_methods,
+ const std::vector<uint32_t>& allowed_modes) override {
+ ceph_abort();
+ }
+
+ // server
+ int handle_auth_request(
+ ceph::net::ConnectionRef conn,
+ AuthConnectionMetaRef auth_meta,
+ bool more,
+ uint32_t auth_method,
+ const bufferlist& bl,
+ bufferlist *reply) override {
+ return 1;
+ }
+};
+
+} // namespace ceph::auth
class AuthAuthorizer;
+namespace ceph::auth {
+class AuthClient;
+class AuthServer;
+}
+
namespace ceph::net {
using Throttle = ceph::thread::Throttle;
uint32_t global_seq = 0;
uint32_t crc_flags = 0;
+ public:
+ ceph::auth::AuthClient *auth_client = 0;
+ ceph::auth::AuthServer *auth_server = 0;
+
public:
Messenger(const entity_name_t& name)
: my_name(name)
crc_flags |= MSG_CRC_HEADER;
}
+ void set_auth_client(ceph::auth::AuthClient *ac) {
+ auth_client = ac;
+ }
+ void set_auth_server(ceph::auth::AuthServer *as) {
+ auth_server = as;
+ }
+
// get the local messenger shard if it is accessed by another core
virtual Messenger* get_local_shard() {
return this;
#include "include/msgr.h"
+#include "crimson/auth/AuthClient.h"
+#include "crimson/auth/AuthServer.h"
+
#include "Dispatcher.h"
#include "Errors.h"
#include "Socket.h"
#include "auth/Auth.h"
#include "messages/MPing.h"
+#include "crimson/auth/DummyAuth.h"
#include "crimson/net/Connection.h"
#include "crimson/net/Dispatcher.h"
#include "crimson/net/Messenger.h"
struct Server {
ceph::thread::Throttle byte_throttler;
ceph::net::Messenger& msgr;
+ ceph::auth::DummyAuthClientServer dummy_auth;
struct ServerDispatcher : ceph::net::Dispatcher {
unsigned count = 0;
seastar::condition_variable on_reply;
struct Client {
ceph::thread::Throttle byte_throttler;
ceph::net::Messenger& msgr;
+ ceph::auth::DummyAuthClientServer dummy_auth;
struct ClientDispatcher : ceph::net::Dispatcher {
unsigned count = 0;
seastar::condition_variable on_reply;
// bind the server
server.msgr.set_policy_throttler(entity_name_t::TYPE_OSD,
&server.byte_throttler);
+ server.msgr.set_auth_client(&server.dummy_auth);
+ server.msgr.set_auth_server(&server.dummy_auth);
return server.msgr.bind(entity_addrvec_t{addr})
.then([&server] {
return server.msgr.start(&server.dispatcher);
std::cout << "client sending to " << addr << std::endl;
client.msgr.set_policy_throttler(entity_name_t::TYPE_OSD,
&client.byte_throttler);
+ client.msgr.set_auth_client(&client.dummy_auth);
+ client.msgr.set_auth_server(&client.dummy_auth);
return client.msgr.start(&client.dispatcher)
.then([addr, &client] {
return client.msgr.connect(addr, entity_name_t::TYPE_OSD);
projects / ceph.git / commitdiff