auth: CephxProtocol const cleanup

need_key() and build_authorizer() can be const.

Signed-off-by: Josh Durgin <josh.durgin@inktank.com>

diff --git a/src/auth/cephx/CephxProtocol.cc b/src/auth/cephx/CephxProtocol.cc
index 6956f453fb747c3c2909b35e06b99eb24108964b..f57f06358644dd53b1710d44445835870cd07c22 100644 (file)
--- a/src/auth/cephx/CephxProtocol.cc
+++ b/src/auth/cephx/CephxProtocol.cc
@@ -197,7 +197,7 @@ bool CephXTicketHandler::have_key()
   return have_key_flag;
 }
 
-bool CephXTicketHandler::need_key()
+bool CephXTicketHandler::need_key() const
 {
   if (have_key_flag) {
     return (!expires.is_zero()) && (ceph_clock_now(cct) >= renew_after);
@@ -214,9 +214,9 @@ bool CephXTicketManager::have_key(uint32_t service_id)
   return iter->second.have_key();
 }
 
-bool CephXTicketManager::need_key(uint32_t service_id)
+bool CephXTicketManager::need_key(uint32_t service_id) const
 {
-  map<uint32_t, CephXTicketHandler>::iterator iter = tickets_map.find(service_id);
+  map<uint32_t, CephXTicketHandler>::const_iterator iter = tickets_map.find(service_id);
   if (iter == tickets_map.end())
     return true;
   return iter->second.need_key();
@@ -290,7 +290,7 @@ bool CephXTicketManager::verify_service_ticket_reply(CryptoKey& secret,
  *
  * ticket, {timestamp}^session_key
  */
-CephXAuthorizer *CephXTicketHandler::build_authorizer(uint64_t global_id)
+CephXAuthorizer *CephXTicketHandler::build_authorizer(uint64_t global_id) const
 {
   CephXAuthorizer *a = new CephXAuthorizer(cct);
   a->session_key = session_key;
@@ -320,16 +320,16 @@ CephXAuthorizer *CephXTicketHandler::build_authorizer(uint64_t global_id)
  *
  * ticket, {timestamp}^session_key
  */
-CephXAuthorizer *CephXTicketManager::build_authorizer(uint32_t service_id)
+CephXAuthorizer *CephXTicketManager::build_authorizer(uint32_t service_id) const
 {
-  map<uint32_t, CephXTicketHandler>::iterator iter = tickets_map.find(service_id);
+  map<uint32_t, CephXTicketHandler>::const_iterator iter = tickets_map.find(service_id);
   if (iter == tickets_map.end()) {
     ldout(cct, 0) << "no TicketHandler for service "
                  << ceph_entity_type_name(service_id) << dendl;
     return NULL;
   }
 
-  CephXTicketHandler& handler = iter->second;
+  const CephXTicketHandler& handler = iter->second;
   return handler.build_authorizer(global_id);
 }
 

diff --git a/src/auth/cephx/CephxProtocol.h b/src/auth/cephx/CephxProtocol.h
index 19f4f23035339ff8468e9b1456684c74fcd7d457..8a3e09462e34887e7d8d9f2e328868afc0f9f564 100644 (file)
--- a/src/auth/cephx/CephxProtocol.h
+++ b/src/auth/cephx/CephxProtocol.h
@@ -303,10 +303,10 @@ struct CephXTicketHandler {
   bool verify_service_ticket_reply(CryptoKey& principal_secret,
                                 bufferlist::iterator& indata);
   // to access the service
-  CephXAuthorizer *build_authorizer(uint64_t global_id);
+  CephXAuthorizer *build_authorizer(uint64_t global_id) const;
 
   bool have_key();
-  bool need_key();
+  bool need_key() const;
 
   void invalidate_ticket() {
     have_key_flag = 0;
@@ -335,9 +335,9 @@ struct CephXTicketManager {
     assert(res.second);
     return res.first->second;
   }
-  CephXAuthorizer *build_authorizer(uint32_t service_id);
+  CephXAuthorizer *build_authorizer(uint32_t service_id) const;
   bool have_key(uint32_t service_id);
-  bool need_key(uint32_t service_id);
+  bool need_key(uint32_t service_id) const;
   void set_have_need_key(uint32_t service_id, uint32_t& have, uint32_t& need);
   void validate_tickets(uint32_t mask, uint32_t& have, uint32_t& need);
   void invalidate_ticket(uint32_t service_id);