]> git.apps.os.sepia.ceph.com Git - ceph.git/commitdiff
projects / ceph.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8b85704)
auth: send request for tickets when needed
authorYehuda Sadeh <yehuda@hq.newdream.net>
Mon, 26 Oct 2009 23:25:19 +0000 (16:25 -0700)
committerYehuda Sadeh <yehuda@hq.newdream.net>
Mon, 26 Oct 2009 23:25:19 +0000 (16:25 -0700)
src/auth/AuthClientHandler.h patch | blob | history
src/auth/cephx/CephxClientHandler.cc patch | blob | history
src/auth/cephx/CephxClientHandler.h patch | blob | history
src/auth/cephx/CephxProtocol.cc patch | blob | history
src/mon/MonClient.cc patch | blob | history

diff --git a/src/auth/AuthClientHandler.h b/src/auth/AuthClientHandler.h
index f0947d1671e4792bd2702059facd4e9d19ccc6e1..35a13b17a0cb8b3b1318b6a4038a74dfbe66f906 100644 (file)
--- a/src/auth/AuthClientHandler.h
+++ b/src/auth/AuthClientHandler.h
@@ -70,6 +70,7 @@ public:
   virtual AuthAuthorizer *build_authorizer(uint32_t service_id) = 0;
 
   virtual void validate_tickets() = 0;
+  virtual bool need_tickets() = 0;
 };
 
 
diff --git a/src/auth/cephx/CephxClientHandler.cc b/src/auth/cephx/CephxClientHandler.cc
index 72e703e8646454eb006921b83ec1bb983a4fdab3..f3919ad4a4ce5811be56acf23be9e263bd9350ea 100644 (file)
--- a/src/auth/cephx/CephxClientHandler.cc
+++ b/src/auth/cephx/CephxClientHandler.cc
@@ -190,3 +190,9 @@ void CephxClientHandler::validate_tickets()
   tickets.validate_tickets(want, need);
 }
 
+bool CephxClientHandler::need_tickets()
+{
+  validate_tickets();
+  return (need != 0);
+}
+
diff --git a/src/auth/cephx/CephxClientHandler.h b/src/auth/cephx/CephxClientHandler.h
index 5967f7968c3e211fd940a3eb74747f34b3e52eb1..f1da845353e94181b2c5d5694f11fda2f708b2ed 100644 (file)
--- a/src/auth/cephx/CephxClientHandler.h
+++ b/src/auth/cephx/CephxClientHandler.h
@@ -53,7 +53,7 @@ public:
   AuthAuthorizer *build_authorizer(uint32_t service_id);
 
   void validate_tickets();
-
+  bool need_tickets();
 };
 
 #endif
diff --git a/src/auth/cephx/CephxProtocol.cc b/src/auth/cephx/CephxProtocol.cc
index afe0b23cf5187c4bef9e3ba98dc3d6832e04f98f..dcdcb13226ce27c2ba91e4dd070ad60258415c77 100644 (file)
--- a/src/auth/cephx/CephxProtocol.cc
+++ b/src/auth/cephx/CephxProtocol.cc
@@ -80,7 +80,8 @@ bool CephXTicketHandler::verify_service_ticket_reply(CryptoKey& secret,
   ::decode(ticket, indata);
   dout(10) << "verify_service_ticket_reply service " << ceph_entity_type_name(service_id)
           << " secret_id " << ticket.secret_id
-          << " session_key " << msg_a.session_key << dendl;  
+          << " session_key " << msg_a.session_key
+           << " validity=" << msg_a.validity << dendl;
   session_key = msg_a.session_key;
   has_key_flag = true;
   return true;
diff --git a/src/mon/MonClient.cc b/src/mon/MonClient.cc
index fca473745b4e1fadc3ad53444d72001f736c6c13..2a6df410a1db972607a887cac03307fc67869936 100644 (file)
--- a/src/mon/MonClient.cc
+++ b/src/mon/MonClient.cc
@@ -537,6 +537,13 @@ int MonClient::wait_authenticate(double timeout)
 
 int MonClient::_check_auth_rotating()
 {
+  if (state == MC_STATE_HAVE_SESSION && auth && auth->need_tickets()) {
+    MAuth *m = new MAuth;
+    m->protocol = auth->get_protocol();
+    auth->build_request(m->auth_payload);
+    _send_mon_message(m);
+  }
+
   if (!g_keyring.need_rotating_secrets())
     return 0;
 
Unnamed repository; edit this file 'description' to name the repository.