serial = request_key("ceph", key_name, NULL, KEY_SPEC_USER_KEYRING);
return serial != -1;
}
-
-int get_secret_option(const char *secret, const char *key_name,
- char *secret_option, size_t max_len)
-{
- if (!key_name) {
- return -EINVAL;
- }
-
- int ret = 0;
- int olen = strlen(key_name) + 7;
- if (secret) {
- olen += strlen(secret);
- }
- char option[olen+1];
- int use_key = 1;
-
- option[olen] = '\0';
-
- /* when parsing kernel options (-o remount) we get '<hidden>' as the secret */
- if (secret && (strcmp(secret, "<hidden>") != 0)) {
- ret = set_kernel_secret(secret, key_name);
- if (ret < 0) {
- if (ret == -ENODEV || ret == -ENOSYS) {
- /* running against older kernel; fall back to secret= in options */
- snprintf(option, olen, "secret=%s", secret);
- ret = 0;
- use_key = 0;
- } else {
- char error_buf[80];
- fprintf(stderr, "adding ceph secret key to kernel failed: %s.\n",
- ceph_strerror_r(-ret, error_buf, sizeof(error_buf)));
- return ret;
- }
- }
- }
-
- if (use_key) {
- /* add key= option to identify key to use */
- snprintf(option, olen, "key=%s", key_name);
- }
-
- if (strlen(option) + 1 > max_len) {
- ret = -ERANGE;
- } else {
- secret_option[max_len-1] = '\0';
- strncpy(secret_option, option, max_len-1);
- }
-
- return ret;
-}
int read_secret_from_file(const char *filename, char *secret, size_t max_len);
-/*
- * Attempts to add the secret to the kernel, but falls back to
- * the old secret= option if the kernel is too old.
- */
-int get_secret_option(const char *secret, const char *key_name,
- char *secret_option, size_t secret_option_len);
-
int set_kernel_secret(const char *secret, const char *key_name);
int is_kernel_secret(const char *key_name);
free(cmi->cmi_conf);
}
-static int finalize_options(struct ceph_mount_info *cmi)
+static int append_key_or_secret_option(struct ceph_mount_info *cmi)
{
- int pos;
+ int pos = strlen(cmi->cmi_opts);
- if (cmi->cmi_secret[0] || is_kernel_secret(cmi->cmi_name)) {
- int ret;
- char secret_option[SECRET_OPTION_BUFSIZE];
+ if (!cmi->cmi_secret[0] && !is_kernel_secret(cmi->cmi_name))
+ return 0;
- ret = get_secret_option(cmi->cmi_secret, cmi->cmi_name,
- secret_option, sizeof(secret_option));
- if (ret < 0)
+ if (pos)
+ pos = safe_cat(&cmi->cmi_opts, &cmi->cmi_opts_len, pos, ",");
+
+ /* when parsing kernel options (-o remount) we get '<hidden>' as the secret */
+ if (cmi->cmi_secret[0] && (strcmp(cmi->cmi_secret, "<hidden>") != 0)) {
+ int ret = set_kernel_secret(cmi->cmi_secret, cmi->cmi_name);
+ if (ret < 0) {
+ if (ret == -ENODEV || ret == -ENOSYS) {
+ /* old kernel; fall back to secret= in options */
+ pos = safe_cat(&cmi->cmi_opts,
+ &cmi->cmi_opts_len, pos,
+ "secret=");
+ pos = safe_cat(&cmi->cmi_opts,
+ &cmi->cmi_opts_len, pos,
+ cmi->cmi_secret);
+ return 0;
+ }
+ fprintf(stderr, "adding ceph secret key to kernel failed: %s\n",
+ strerror(-ret));
return ret;
-
- pos = strlen(cmi->cmi_opts);
- if (pos)
- pos = safe_cat(&cmi->cmi_opts, &cmi->cmi_opts_len, pos, ",");
- pos = safe_cat(&cmi->cmi_opts, &cmi->cmi_opts_len, pos, secret_option);
+ }
}
+
+ pos = safe_cat(&cmi->cmi_opts, &cmi->cmi_opts_len, pos, "key=");
+ pos = safe_cat(&cmi->cmi_opts, &cmi->cmi_opts_len, pos, cmi->cmi_name);
+
return 0;
}
/* Ensure the ceph key_type is available */
modprobe();
- retval = finalize_options(&cmi);
+ retval = append_key_or_secret_option(&cmi);
if (retval) {
- fprintf(stderr, "couldn't finalize options: %d\n", retval);
+ fprintf(stderr, "couldn't append secret option: %d\n", retval);
retval = EX_USAGE;
goto out;
}
projects / ceph.git / commitdiff