They now use MonSession and get_service()->caps, respectively.
PaxosServiceMessage *msg;
entity_inst_t client;
MonCaps client_caps;
- bool has_caps;
- MForward() : Message(MSG_FORWARD), msg(NULL), has_caps(false) {}
+ MForward() : Message(MSG_FORWARD), msg(NULL) {}
//the message needs to have caps filled in!
MForward(PaxosServiceMessage *m) :
Message(MSG_FORWARD), msg(m) {
client = m->get_source_inst();
- if (m->caps) {
- client_caps = *m->caps;
- has_caps = true;
- } else {
- has_caps = false;
- generic_dout(10) << "creating MForward without caps on message "
- << m << dendl;
- }
+ client_caps = m->get_session()->caps;
}
~MForward() {
void encode_payload() {
::encode(client, payload);
- ::encode(has_caps, payload);
::encode(client_caps, payload);
encode_message(msg, payload);
}
void decode_payload() {
bufferlist::iterator p = payload.begin();
::decode(client, p);
- ::decode(has_caps, p);
::decode(client_caps, p);
msg = (PaxosServiceMessage *)decode_message(p);
- if (has_caps) msg->caps = &client_caps;
- else {
- msg->caps = NULL;
- generic_dout(10) << "Decoding MForward without any caps!" << dendl;
- }
- generic_dout(20) << "MForward decoded! " << *msg << client_caps << dendl;
}
const char *get_type_name() { return "forward"; }
* very long-lived -- it will still only last as long as the Session would
* normally.
*/
- Session *get_session() {
- Session *session = (Session *)get_connection()->get_priv();
+ MonSession *get_session() {
+ MonSession *session = (MonSession *)get_connection()->get_priv();
session->put();
return session;
}
{
dout(0) << "prep_auth() blob_size=" << m->get_auth_payload().length() << dendl;
- Session *s = (Session *)m->get_connection()->get_priv();
+ MonSession *s = (MonSession *)m->get_connection()->get_priv();
if (!s) {
dout(10) << "no session, dropping" << dendl;
delete m;
{
dout(10) << "preprocess_log " << *m << " from " << m->get_orig_source() << dendl;
- if (!m->caps->check_privileges(PAXOS_LOG, MON_CAP_X)) {
+ if (!m->get_session()->caps.check_privileges(PAXOS_LOG, MON_CAP_X)) {
dout(0) << "Received MLog from entity with insufficient privileges "
- << m->caps << dendl;
+ << m->get_session()->caps << dendl;
return true; //no reply expected
}
MDSMap::mds_info_t info;
//check privileges, ignore if fails
- if ( !m->caps->check_privileges(PAXOS_MDSMAP, MON_CAP_X)) {
+ if ( !m->get_session()->caps.check_privileges(PAXOS_MDSMAP, MON_CAP_X)) {
dout(0) << "received MMDSBeacon from entity with insufficient privileges "
- << *m->caps << dendl;
+ << m->get_session()->caps << dendl;
goto out;
}
dout(10) << "preprocess_offload_targets " << *m << " from " << m->get_orig_source() << dendl;
//check privileges, ignore message if fails
- if(!m->caps->check_privileges(PAXOS_MDSMAP, MON_CAP_X)) {
+ if(!m->get_session()->caps.check_privileges(PAXOS_MDSMAP, MON_CAP_X)) {
dout(0) << "got MMDSLoadTargets from entity with insufficient caps "
- << *m->caps << dendl;
+ << m->get_session()->caps << dendl;
return true;
}
delete *p;
for (vector<Paxos*>::iterator p = paxos.begin(); p != paxos.end(); p++)
delete *p;
- //clean out SessionMap's subscriptions
+ //clean out MonSessionMap's subscriptions
for (map<nstring, xlist<Subscription*> >::iterator i
= session_map.subs.begin();
i != session_map.subs.end();
session_map.remove_sub(i->second.front());
}
}
- //clean out SessionMap's sessions
+ //clean out MonSessionMap's sessions
while (!session_map.sessions.empty()) {
session_map.remove_session(session_map.sessions.front());
}
return;
}
- if (!m->caps->check_privileges(PAXOS_MONMAP, MON_CAP_ALL)) {
+ if (!m->get_session()->caps.check_privileges(PAXOS_MONMAP, MON_CAP_ALL)) {
string rs="Access denied";
reply_command((MMonCommand *)m, -EACCES, rs, 0);
}
void Monitor::forward_request_leader(PaxosServiceMessage *req)
{
int mon = get_leader();
- Session *session = 0;
+ MonSession *session = 0;
if (req->get_connection())
- session = (Session *)req->get_connection()->get_priv();
+ session = (MonSession *)req->get_connection()->get_priv();
if (req->session_mon >= 0) {
dout(10) << "forward_request won't double fwd request " << *req << dendl;
delete req;
//encode forward message and insert into routed_requests
encode_message(req, rr->request_bl);
- rr->session = (Session *)session->get();
+ rr->session = (MonSession *)session->get();
routed_requests[rr->tid] = rr;
session->routed_request_tids.insert(rr->tid);
{
dout(10) << "received forwarded message from " << m->msg->get_source_inst()
<< " via " << m->get_source_inst() << dendl;
- Session *session = (Session *)m->get_connection()->get_priv();
+ MonSession *session = (MonSession *)m->get_connection()->get_priv();
assert(session);
if (!session->caps.check_privileges(PAXOS_MONMAP, MON_CAP_X)) {
<< session->caps << dendl;
} else {
- Session *s = new Session(m->msg->get_source_inst());
+ MonSession *s = new MonSession(m->msg->get_source_inst());
s->caps = m->client_caps;
Connection *c = new Connection;
c->set_priv(s);
void Monitor::handle_route(MRoute *m)
{
- Session *session = (Session *)m->get_connection()->get_priv();
+ MonSession *session = (MonSession *)m->get_connection()->get_priv();
//check privileges
if (session && !session->caps.check_privileges(PAXOS_MONMAP, MON_CAP_X)) {
dout(0) << "MRoute received from entity without appropriate perms! "
}
}
-void Monitor::remove_session(Session *s)
+void Monitor::remove_session(MonSession *s)
{
dout(10) << "remove_session " << s << " " << s->inst << dendl;
assert(!s->closed);
//check that there are perms. Send a response back if they aren't sufficient,
//and delete the message (if it's not deleted for us, which happens when
//we own the connection to the requested observer).
- if (!m->caps->check_privileges(PAXOS_MONMAP, MON_CAP_X)) {
+ if (!m->get_session()->caps.check_privileges(PAXOS_MONMAP, MON_CAP_X)) {
bool delete_m = false;
if (m->session_mon) delete_m = true;
send_reply(m, m);
bool ret = true;
Connection *connection = m->get_connection();
- Session *s = NULL;
+ MonSession *s = NULL;
bool reuse_caps = false;
MonCaps caps;
EntityName entity_name;
bool src_is_mon;
if (connection) {
- s = (Session *)connection->get_priv();
+ s = (MonSession *)connection->get_priv();
if (s && s->closed) {
caps = s->caps;
reuse_caps = true;
break;
case MSG_MON_COMMAND:
- fill_caps(m);
handle_command((MMonCommand*)m);
break;
case MSG_OSD_BOOT:
case MSG_OSD_ALIVE:
case MSG_OSD_PGTEMP:
- fill_caps(m);
paxos_service[PAXOS_OSDMAP]->dispatch((PaxosServiceMessage*)m);
break;
case MSG_REMOVE_SNAPS:
- fill_caps(m);
paxos_service[PAXOS_OSDMAP]->dispatch((PaxosServiceMessage*)m);
break;
// MDSs
case MSG_MDS_BEACON:
case MSG_MDS_OFFLOAD_TARGETS:
- fill_caps(m);
paxos_service[PAXOS_MDSMAP]->dispatch((PaxosServiceMessage*)m);
break;
case MSG_MON_GLOBAL_ID:
case CEPH_MSG_AUTH:
/* no need to check caps here */
- fill_caps(m);
paxos_service[PAXOS_AUTH]->dispatch((PaxosServiceMessage*)m);
break;
case CEPH_MSG_STATFS:
case MSG_PGSTATS:
case MSG_GETPOOLSTATS:
- fill_caps(m);
paxos_service[PAXOS_PGMAP]->dispatch((PaxosServiceMessage*)m);
break;
case MSG_POOLOP:
- fill_caps(m);
paxos_service[PAXOS_OSDMAP]->dispatch((PaxosServiceMessage*)m);
break;
// log
case MSG_LOG:
- fill_caps(m);
paxos_service[PAXOS_LOG]->dispatch((PaxosServiceMessage*)m);
break;
break;
case MSG_MON_OBSERVE:
- fill_caps(m);
handle_observe((MMonObserve *)m);
break;
return ret;
}
-//if we can, fill in the PaxosServiceMessage's caps field.
-void Monitor::fill_caps(Message *m)
-{
- PaxosServiceMessage *msg = (PaxosServiceMessage *) m;
- if (msg->caps) return; //already filled in!
- Session *s = NULL;
- if (m->get_connection()) {
- s = (Session *) m->get_connection()->get_priv();
- if (s) {
- msg->caps = &s->caps;
- s->put();
- }
- } else { //it has to be a monitor if the Connection's not set
- msg->caps = mon_caps;
- }
-}
-
void Monitor::handle_subscribe(MMonSubscribe *m)
{
dout(10) << "handle_subscribe " << *m << dendl;
bool reply = false;
- Session *s = (Session *)m->get_connection()->get_priv();
+ MonSession *s = (MonSession *)m->get_connection()->get_priv();
if (!s) {
dout(10) << " no session, dropping" << dendl;
delete m;
if (con->get_peer_type() == CEPH_ENTITY_TYPE_MON)
return false;
- Session *s = (Session *)con->get_priv();
+ MonSession *s = (MonSession *)con->get_priv();
if (!s)
return false;
// trim sessions
utime_t now = g_clock.now();
- xlist<Session*>::iterator p = session_map.sessions.begin();
+ xlist<MonSession*>::iterator p = session_map.sessions.begin();
while (!p.end()) {
- Session *s = *p;
+ MonSession *s = *p;
++p;
// don't trim monitors
void Monitor::handle_class(MClass *m)
{
- if (!m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
+ if (!m->get_session()->caps.check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
dout(0) << "MClass received from entity without sufficient privileges "
- << m->caps << dendl;
+ << m->get_session()->caps << dendl;
delete m;
return;
}
// -- sessions --
- SessionMap session_map;
+ MonSessionMap session_map;
void check_subs();
void check_sub(Subscription *sub);
struct RoutedRequest {
__u64 tid;
bufferlist request_bl;
- Session *session;
+ MonSession *session;
~RoutedRequest() {
if (session)
send_reply(req, reply, req->get_orig_source_inst());
}
void resend_routed_requests();
- void remove_session(Session *s);
+ void remove_session(MonSession *s);
void inject_args(const entity_inst_t& inst, string& args, version_t version) {
vector<string> a(1);
lock.Unlock();
return ret;
}
- //fill in caps field if possible
- void fill_caps(Message *m);
//mon_caps is used for un-connected messages from monitors
MonCaps * mon_caps;
bool ms_get_authorizer(int dest_type, AuthAuthorizer **authorizer, bool force_new);
// tell any osd
int r = osdmap.get_any_up_osd();
if (r >= 0) {
- Session *s = mon->session_map.get_random_osd_session();
+ MonSession *s = mon->session_map.get_random_osd_session();
if (s) {
dout(10) << "committed, telling random " << s->inst << " all about it" << dendl;
MOSDMap *m = build_incremental(osdmap.get_epoch() - 1); // whatev, they'll request more if they need it
}
//check permissions
- if (!m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
+ if (!m->get_session()->caps.check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
dout(0) << "got MOSDFailure from entity with insufficient caps "
- << *m->caps << dendl;
+ << m->get_session()->caps << dendl;
goto didit;
}
}
//check permissions, ignore if failed (no response expected)
- if (!m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
+ if (!m->get_session()->caps.check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
dout(0) << "got preprocess_boot message from entity with insufficient caps"
- << *m->caps << dendl;
+ << m->get_session()->caps << dendl;
delete m;
return true;
}
bool OSDMonitor::preprocess_alive(MOSDAlive *m)
{
//check permissions, ignore if failed
- if (!m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
+ if (!m->get_session()->caps.check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
dout(0) << "attempt to send MOSDAlive from entity with insufficient privileges:"
- << *m->caps << dendl;
+ << m->get_session()->caps << dendl;
return true;
}
int from = m->get_orig_source().num();
dout(10) << "preprocess_pgtemp " << *m << dendl;
//check caps
- if (!m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
+ if (!m->get_session()->caps.check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
dout(0) << "attempt to send MOSDPGTemp from entity with insufficient caps "
- << *m->caps << dendl;
+ << m->get_session()->caps << dendl;
return true;
}
vector<int> empty;
dout(7) << "preprocess_remove_snaps " << *m << dendl;
//check privilege, ignore if failed
- if (!m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_RW)) {
+ if (!m->get_session()->caps.check_privileges(PAXOS_OSDMAP, MON_CAP_RW)) {
dout(0) << "got preprocess_remove_snaps from entity with insufficient caps "
- << *m->caps << dendl;
+ << m->get_session()->caps << dendl;
delete m;
return true;
}
dout(10) << "prepare_new_pool from "
<< (m->get_connection()) << dendl;
if (m->auid) {
- if(m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_W, m->auid)) {
+ if(m->get_session()->
+ caps.check_privileges(PAXOS_OSDMAP, MON_CAP_W, m->auid)) {
return prepare_new_pool(m->name, m->auid);
} else {
dout(5) << "attempt to create new pool without sufficient auid privileges!"
<< "message: " << *m << std::endl
- << "caps: " << *m->caps << dendl;
+ << "caps: " << m->get_session()->caps << dendl;
return -EPERM;
}
} else {
- if (m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_W)) {
- return prepare_new_pool(m->name, m->caps->auid);
+ if (m->get_session()->caps.check_privileges(PAXOS_OSDMAP, MON_CAP_W)) {
+ return prepare_new_pool(m->name, m->get_session()->caps.auid);
} else {
dout(5) << "attempt to create new pool without sufficient caps!"
<< "message: " << *m << std::endl
- << "caps: " << *m->caps << dendl;
+ << "caps: " << m->get_session()->caps << dendl;
return -EPERM;
}
}
bool OSDMonitor::prepare_pool_op_auid (MPoolOp *m)
{
//check that current user can write to new auid
- if(m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_W, m->auid)) {
+ if(m->get_session()->
+ caps.check_privileges(PAXOS_OSDMAP, MON_CAP_W, m->auid)) {
//check that current user can write to old auid
int old_auid = osdmap.get_pg_pool(m->pool)->v.auid;
- if(m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_W, old_auid)) {
+ if(m->get_session()->
+ caps.check_privileges(PAXOS_OSDMAP, MON_CAP_W, old_auid)) {
//update pg_pool_t with new auid
pending_inc.new_pools[m->pool] = *(osdmap.get_pg_pool(m->pool));
pending_inc.new_pools[m->pool].v.auid = m->auid;
void PGMonitor::handle_statfs(MStatfs *statfs)
{
//check caps
- if(!statfs->caps->check_privileges(PAXOS_PGMAP, MON_CAP_R)) {
+ if(!statfs->get_session()->caps.check_privileges(PAXOS_PGMAP, MON_CAP_R)) {
dout(0) << "MStatfs received from entity with insufficient privileges "
- << *statfs->caps << dendl;
+ << statfs->get_session()->caps << dendl;
goto out;
}
MStatfsReply *reply;
{
MGetPoolStatsReply *reply;
- if (!m->caps->check_privileges(PAXOS_PGMAP, MON_CAP_R)) {
+ if (!m->get_session()->caps.check_privileges(PAXOS_PGMAP, MON_CAP_R)) {
dout(0) << "MGetPoolStats received from entity with insufficient caps "
- << *m->caps << dendl;
+ << m->get_session()->caps << dendl;
goto out;
}
int from = stats->get_orig_source().num();
MPGStatsAck *ack;
//check caps
- if (!stats->caps->check_privileges(PAXOS_PGMAP, MON_CAP_R)) {
+ if (!stats->get_session()->caps.check_privileges(PAXOS_PGMAP, MON_CAP_R)) {
dout(0) << "MPGStats received from entity with insufficient privileges "
- << *stats->caps << dendl;
+ << stats->get_session()->caps << dendl;
goto out;
}
// first, just see if they need a new osdmap. but
projects / ceph.git / commitdiff