*
*/
-#ifndef __MAUTH_H
-#define __MAUTH_H
+#ifndef __MAUTHMON_H
+#define __MAUTHMON_H
#include "include/AuthLibrary.h"
#include "messages/PaxosServiceMessage.h"
#include "MonitorStore.h"
#include "messages/MMonCommand.h"
+#include "messages/MAuth.h"
+#include "messages/MAuthReply.h"
#include "messages/MAuthMon.h"
#include "messages/MAuthMonAck.h"
#include "messages/MAuthRotating.h"
case MSG_MON_COMMAND:
return preprocess_command((MMonCommand*)m);
+ case CEPH_MSG_AUTH:
+ return preprocess_auth((MAuth *)m);
+
+ case MSG_AUTH_ROTATING:
+ return preprocess_auth_rotating((MAuthRotating *)m);
+
case MSG_AUTHMON:
- return preprocess_auth((MAuthMon*)m);
+ return preprocess_auth_mon((MAuthMon*)m);
default:
assert(0);
case MSG_MON_COMMAND:
return prepare_command((MMonCommand*)m);
case MSG_AUTHMON:
- return prepare_auth((MAuthMon*)m);
+ return prepare_auth_mon((MAuthMon*)m);
default:
assert(0);
delete m;
}
-bool AuthMonitor::preprocess_auth(MAuthMon *m)
+
+bool AuthMonitor::preprocess_auth(MAuth *m)
+{
+ stringstream ss;
+ // already mounted?
+ dout(0) << "preprocess_auth() blob_size=" << m->get_auth_payload().length() << dendl;
+ entity_addr_t addr = m->get_orig_source_addr();
+
+ dout(0) << "preprocess_auth() addr=" << addr << dendl;
+
+ AuthServiceHandler *handler = auth_mgr.get_auth_handler(addr);
+ assert(handler);
+
+ bufferlist response_bl;
+
+ int ret;
+ try {
+ ret = handler->handle_request(m->get_auth_payload(), response_bl);
+ } catch (buffer::error *err) {
+ ret = -EINVAL;
+ dout(0) << "caught error when trying to handle auth request, probably malformed request" << dendl;
+ }
+ MAuthReply *reply = new MAuthReply(&response_bl, ret);
+
+ if (reply) {
+ mon->messenger->send_message(reply,
+ m->get_orig_source_inst());
+ } else {
+ /* out of memory.. what are we supposed to do now? */
+ }
+ return true;
+}
+
+
+bool AuthMonitor::preprocess_auth_rotating(MAuthRotating *m)
{
- dout(10) << "preprocess_auth " << *m << " from " << m->get_orig_source() << dendl;
+ dout(10) << "handle_request " << *m << " from " << m->get_orig_source() << dendl;
+ MAuthRotating *reply = new MAuthRotating();
+
+ if (!reply)
+ return true;
+
+ if (keys_server.get_rotating_encrypted(m->entity_name, reply->response_bl)) {
+ reply->status = 0;
+ } else {
+ reply->status = -EPERM;
+ }
+
+ mon->messenger->send_message(reply, m->get_orig_source_inst());
+ delete m;
+ return true;
+}
+
+
+// auth mon
+
+bool AuthMonitor::preprocess_auth_mon(MAuthMon *m)
+{
+ dout(10) << "preprocess_auth_mon " << *m << " from " << m->get_orig_source() << dendl;
int num_new = 0;
for (deque<AuthLibEntry>::iterator p = m->info.begin();
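Review bot: The new `preprocess_auth` returns `true` without freeing `m`, while `preprocess_auth_rotating` just below it ends with `delete m;`. If the handler owns the message once it reports it as processed, as the sibling suggests, every CEPH_MSG_AUTH request leaks one message on a path that peers reach before they have authenticated. I would add `delete m;` before `return true;` in `preprocess_auth`. In the same function `assert(handler);` turns a failed `get_auth_handler(addr)` lookup into a monitor abort, so unless that call is guaranteed to return a handler, replying with an error status is safer than asserting on a value derived from the peer address. The `if (reply)` / `if (!reply)` tests after plain `new` cannot fire (the early `return true` would also skip `delete m`), and `preprocess_auth_mon` continues past the end of this hunk.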
return false;
}
-bool AuthMonitor::prepare_auth(MAuthMon *m)
+bool AuthMonitor::prepare_auth_mon(MAuthMon *m)
{
dout(10) << "prepare_auth " << *m << " from " << m->get_orig_source() << dendl;
return false;
}
-
-void AuthMonitor::handle_request(MAuthRotating *m)
-{
- dout(10) << "handle_request " << *m << " from " << m->get_orig_source() << dendl;
- MAuthRotating *reply = new MAuthRotating();
-
- if (!reply)
- return;
-
- if (keys_server.get_rotating_encrypted(m->entity_name, reply->response_bl)) {
- reply->status = 0;
- } else {
- reply->status = -EPERM;
- }
-
- mon->messenger->send_message(reply, m->get_orig_source_inst());
- delete m;
-}
-
#include "mon/Monitor.h"
#include "include/AuthLibrary.h"
+
#include "auth/KeysServer.h"
+#include "auth/AuthServiceManager.h"
+
class MMonCommand;
+class MAuth;
class MAuthMon;
class MAuthRotating;
KeysServer keys_server;
version_t last_rotating_ver;
+ AuthServiceManager auth_mgr;
+
void on_active();
void create_initial(bufferlist& bl);
bool preprocess_query(PaxosServiceMessage *m); // true if processed.
bool prepare_update(PaxosServiceMessage *m);
- bool preprocess_auth(MAuthMon *m);
- bool prepare_auth(MAuthMon *m);
+ bool preprocess_auth(MAuth *m);
+
+ bool preprocess_auth_rotating(MAuthRotating *m);
+
+ bool preprocess_auth_mon(MAuthMon *m);
+ bool prepare_auth_mon(MAuthMon *m);
void _updated_auth(MAuthMon *m, entity_inst_t who);
struct C_Auth : public Context {
void check_rotate();
public:
- AuthMonitor(Monitor *mn, Paxos *p) : PaxosService(mn, p), last_rotating_ver(0) { }
- void handle_request(MAuthMon *m);
- void handle_request(MAuthRotating *m);
+ AuthMonitor(Monitor *mn, Paxos *p) : PaxosService(mn, p), last_rotating_ver(0) {
+ auth_mgr.init(mn);
+ }
+ void pre_auth(MAuth *m);
void tick(); // check state, take actions
};
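Review bot: `void pre_auth(MAuth *m);` is added to the public interface, but none of the hunks shown defines or calls it; the CEPH_MSG_AUTH path goes through `preprocess_auth` instead. If it is not defined elsewhere, drop the declaration so the class does not advertise a second, unimplemented entry point for authentication requests. The new handler declarations also carry no comment on which peers may send each message type. A one-line comment per declaration, for example `// auth handshake; sender is not yet authenticated` on `preprocess_auth` if that is accurate, would make the trust boundary visible in the header.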
#include "MonitorStore.h"
#include "messages/MMonMap.h"
-#include "messages/MAuth.h"
-#include "messages/MAuthReply.h"
#include "messages/MClientMount.h"
#include "messages/MClientMountAck.h"
#include "messages/MMonCommand.h"
// -------
-bool ClientMonitor::check_auth(MAuth *m)
-{
- stringstream ss;
- // already mounted?
- dout(0) << "ClientMonitor::check_auth() blob_size=" << m->get_auth_payload().length() << dendl;
- entity_addr_t addr = m->get_orig_source_addr();
-
- dout(0) << "ClientMonitor::check_auth() addr=" << addr << dendl;
-
- AuthServiceHandler* handler = auth_mgr.get_auth_handler(addr);
- assert(handler);
-
- bufferlist response_bl;
-
- int ret;
- try {
- ret = handler->handle_request(m->get_auth_payload(), response_bl);
- } catch (buffer::error *err) {
- ret = -EINVAL;
- dout(0) << "caught error when trying to handle auth request, probably malformed request" << dendl;
- }
- MAuthReply *reply = new MAuthReply(&response_bl, ret);
-
- if (reply) {
- mon->messenger->send_message(reply,
- m->get_orig_source_inst());
- } else {
- /* out of memory.. what are we supposed to do now? */
- }
- return true;
-}
-
bool ClientMonitor::preprocess_query(PaxosServiceMessage *m)
{
dout(10) << "preprocess_query " << *m << " from " << m->get_orig_source_inst() << dendl;
switch (m->get_type()) {
- case CEPH_MSG_AUTH:
- dout(0) << "YY preprocess_query" << dendl;
- return check_auth((MAuth *)m);
-
case CEPH_MSG_CLIENT_MOUNT:
return preprocess_mount((MClientMount *)m);
#include "PaxosService.h"
#include "ClientMap.h"
-#include "auth/AuthServiceManager.h"
-
class Monitor;
class Paxos;
class MAuth;
};
ClientMap client_map, pending_map;
- AuthServiceManager auth_mgr;
client_t next_client;
private:
void committed();
- bool check_auth(MAuth *m);
-
bool preprocess_mount(MClientMount *m);
bool prepare_mount(MClientMount *m);
void _mounted(client_t c, MClientMount *m);
void on_election_start();
public:
- ClientMonitor(Monitor *mn, Paxos *p) : PaxosService(mn, p), next_client(-1) { auth_mgr.init(mn); }
+ ClientMonitor(Monitor *mn, Paxos *p) : PaxosService(mn, p), next_client(-1) { }
void tick(); // check state, take actions
paxos_service[PAXOS_MDSMAP]->dispatch((PaxosServiceMessage*)m);
break;
- // clients
+ // auth
case CEPH_MSG_AUTH:
- dout(0) << "Monitor::dispatch_impl() got CEPH_MSG_CLIENT_AUTH" << dendl;
+ case MSG_AUTH_ROTATING:
+ case MSG_AUTHMON:
+ paxos_service[PAXOS_AUTH]->dispatch((PaxosServiceMessage*)m);
+ break;
+
+ // clients
case CEPH_MSG_CLIENT_MOUNT:
paxos_service[PAXOS_CLIENTMAP]->dispatch((PaxosServiceMessage*)m);
break;
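Review bot: `MSG_AUTHMON` now shares a dispatch arm with `CEPH_MSG_AUTH` and `MSG_AUTH_ROTATING`, so what looks like a monitor-to-monitor message (judging by its name, not confirmed here) is accepted on the same path as client requests with no sender check visible in this hunk. Since `preprocess_auth_mon` goes on to walk `m->info`, it is worth confirming that the sender is verified to be a monitor before those entries are used, either here or in the handler. If the check lives elsewhere, a comment on the case such as `// MSG_AUTHMON: sender type is validated in <handler>` would document it. The enclosing switch starts and ends outside the hunk.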
handle_class((MClass *)m);
break;
- case MSG_AUTH_ROTATING:
- handle_rotating((MAuthRotating *)m);
- break;
default:
return false;
}
}
}
-/*
- get auth rotating secret request
- */
-
-void Monitor::handle_rotating(MAuthRotating *m)
-{
- authmon()->handle_request(m);
-}
-
-
void Monitor::handle_route(MRoute *m)
{
dout(10) << "handle_route " << *m->msg << " to " << m->dest << dendl;
void handle_command(class MMonCommand *m);
void handle_observe(MMonObserve *m);
void handle_class(MClass *m);
- void handle_rotating(MAuthRotating *m);
void handle_route(MRoute *m);
void reply_command(MMonCommand *m, int rc, const string &rs, version_t version);
#include "include/xlist.h"
#include "msg/msg_types.h"
+#include "auth/Crypto.h"
struct Session;
map<nstring, Subscription*> sub_map;
+ CryptoKey session_key;
+
Session(entity_inst_t i) : inst(i), closed(false), item(this) {}
~Session() {
generic_dout(0) << "~Session " << this << dendl;