auth: de-globalize AuthServiceHandler and pals
authorColin Patrick McCabe <cmccabe@alumni.cmu.edu>
Tue, 14 Jun 2011 19:10:07 +0000 (12:10 -0700)
committerColin Patrick McCabe <cmccabe@alumni.cmu.edu>
Mon, 20 Jun 2011 23:22:27 +0000 (16:22 -0700)
Signed-off-by: Colin McCabe <colin.mccabe@dreamhost.com>
src/auth/AuthServiceHandler.cc
src/auth/AuthServiceHandler.h
src/auth/cephx/CephxServiceHandler.cc
src/auth/cephx/CephxServiceHandler.h
src/auth/none/AuthNoneServiceHandler.h
src/mon/AuthMonitor.cc

index 36646576387f3bbb356582c5a9e25909af4987dc..665a7d65f512d05d8d36b55dcbc221f8737ee0d3 100644 (file)
 #define DOUT_SUBSYS auth
 
 
-AuthServiceHandler *get_auth_service_handler(KeyServer *ks, set<__u32>& supported)
+AuthServiceHandler *get_auth_service_handler(CephContext *cct, KeyServer *ks,
+                                            set<__u32>& supported)
 {
   if (is_supported_auth(CEPH_AUTH_CEPHX) && supported.count(CEPH_AUTH_CEPHX))
-    return new CephxServiceHandler(ks);
+    return new CephxServiceHandler(cct, ks);
   if (is_supported_auth(CEPH_AUTH_NONE) && supported.count(CEPH_AUTH_NONE))
-    return new AuthNoneServiceHandler();
+    return new AuthNoneServiceHandler(cct);
   return NULL;
 }
 
index b496f5ad6a1965040520e0f8b59c4f1955fa564e..b9e809e845fae95f235b3af9c29e30527b070715 100644 (file)
 #include "common/config.h"
 #include "Auth.h"
 
+class CephContext;
 class KeyServer;
 
 struct AuthServiceHandler {
+protected:
+  CephContext *cct;
+public:
   EntityName entity_name;
   uint64_t global_id;
 
-  AuthServiceHandler() : global_id(0) {}
+  AuthServiceHandler(CephContext *cct_) : cct(cct_), global_id(0) {}
 
   virtual ~AuthServiceHandler() { }
 
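Review bot: The new single-argument constructor `AuthServiceHandler(CephContext *cct_)` is not marked `explicit`, so a bare `CephContext *` converts implicitly wherever a handler type is accepted; the same applies to `AuthNoneServiceHandler(CephContext *cct_)` in none/AuthNoneServiceHandler.h. I would write `explicit AuthServiceHandler(CephContext *cct_) : cct(cct_), global_id(0) {}` and do likewise for the none handler. A short comment on `cct`, such as `// borrowed; must outlive the handler`, would also help, since nothing visible here says who owns it. The struct continues outside this hunk.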
@@ -35,6 +39,7 @@ struct AuthServiceHandler {
   EntityName& get_entity_name() { return entity_name; }
 };
 
-extern AuthServiceHandler *get_auth_service_handler(KeyServer *ks, set<__u32>& supported);
+extern AuthServiceHandler *get_auth_service_handler(CephContext *cct,
+                               KeyServer *ks, set<__u32>& supported);
 
 #endif
index a58bc04d5bfc18772891406a0d6c65504c9cbdb7..08035a34bf085f3dbdc3f5d4615fe219e5192b40 100644 (file)
@@ -36,7 +36,7 @@ int CephxServiceHandler::start_session(EntityName& name, bufferlist::iterator& i
   get_random_bytes((char *)&server_challenge, sizeof(server_challenge));
   if (!server_challenge)
     server_challenge = 1;  // always non-zero.
-  dout(10) << "start_session server_challenge " << hex << server_challenge << dec << dendl;
+  ldout(cct, 10) << "start_session server_challenge " << hex << server_challenge << dec << dendl;
 
   CephXServerChallenge ch;
   ch.server_challenge = server_challenge;
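Review bot: The result of `get_random_bytes` on the first line of this hunk is discarded. If that call can fail and leave the buffer untouched, `server_challenge` keeps the 0 set by the constructor and the next line turns it into the constant 1. A fixed challenge removes the freshness the challenge-response exchange depends on, so the session should fail instead, e.g. `if (get_random_bytes((char *)&server_challenge, sizeof(server_challenge)) < 0) return -EIO;`, assuming errors are reported as a negative return. start_session begins and ends outside the hunk.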
@@ -55,14 +55,14 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist
   switch (cephx_header.request_type) {
   case CEPHX_GET_AUTH_SESSION_KEY:
     {
-      dout(10) << "handle_request get_auth_session_key for " << entity_name << dendl;
+      ldout(cct, 10) << "handle_request get_auth_session_key for " << entity_name << dendl;
 
       CephXAuthenticate req;
       ::decode(req, indata);
 
       CryptoKey secret;
       if (!key_server->get_secret(entity_name, secret)) {
-        dout(0) << "couldn't find entity name: " << entity_name << dendl;
+        ldout(cct, 0) << "couldn't find entity name: " << entity_name << dendl;
        ret = -EPERM;
        break;
       }
@@ -75,10 +75,10 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist
       uint64_t expected_key;
       cephx_calc_client_server_challenge(secret, server_challenge, req.client_challenge, &expected_key);
 
-      dout(20) << " checking key: req.key=" << hex << req.key
+      ldout(cct, 20) << " checking key: req.key=" << hex << req.key
               << " expected_key=" << expected_key << dec << dendl;
       if (req.key != expected_key) {
-        dout(0) << " unexpected key: req.key=" << hex << req.key
+        ldout(cct, 0) << " unexpected key: req.key=" << hex << req.key
                << " expected_key=" << expected_key << dec << dendl;
         ret = -EPERM;
        break;
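Review bot: The mismatch message at level 0 writes `expected_key` to the log, and that value is the correct response the server derived from the entity's secret and both challenges. Anyone who can read the monitor log therefore sees key-derived authentication material on every failed attempt, and level 0 is presumably always emitted. I would log only the identity, `ldout(cct, 0) << " unexpected key for " << entity_name << dendl;`, and drop `expected_key` from the level-20 line above as well. handle_request continues outside the hunk.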
@@ -98,15 +98,15 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist
       if (cephx_decode_ticket(&g_ceph_context, key_server, CEPH_ENTITY_TYPE_AUTH,
                              req.old_ticket, old_ticket_info)) {
         global_id = old_ticket_info.ticket.global_id;
-        dout(10) << "decoded old_ticket with global_id=" << global_id << dendl;
+        ldout(cct, 10) << "decoded old_ticket with global_id=" << global_id << dendl;
         should_enc_ticket = true;
       }
 
-      info.ticket.init_timestamps(g_clock.now(), g_conf->auth_mon_ticket_ttl);
+      info.ticket.init_timestamps(g_clock.now(), cct->_conf->auth_mon_ticket_ttl);
       info.ticket.name = entity_name;
       info.ticket.global_id = global_id;
       info.ticket.auid = eauth.auid;
-      info.validity += g_conf->auth_mon_ticket_ttl;
+      info.validity += cct->_conf->auth_mon_ticket_ttl;
 
       if (auid) *auid = eauth.auid;
 
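Review bot: `cephx_decode_ticket(&g_ceph_context, ...)` at the top of this hunk still uses the global context even though the handler now carries `cct`, so ticket decoding and the surrounding logging can end up on different contexts. Changing the call to start `cephx_decode_ticket(cct, key_server, CEPH_ENTITY_TYPE_AUTH,` would complete the conversion here. `g_clock.now()` a few lines below is another remaining global, which may be out of scope for this commit. The call in AuthMonitor::prep_auth also passes `&g_ceph_context`, presumably because the monitor has no context of its own yet. handle_request continues outside the hunk.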
@@ -115,7 +115,7 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist
       info.session_key = session_key;
       info.service_id = CEPH_ENTITY_TYPE_AUTH;
       if (!key_server->get_service_secret(CEPH_ENTITY_TYPE_AUTH, info.service_secret, info.secret_id)) {
-        dout(0) << " could not get service secret for auth subsystem" << dendl;
+        ldout(cct, 0) << " could not get service secret for auth subsystem" << dendl;
         ret = -EIO;
         break;
       }
@@ -130,14 +130,14 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist
       }
 
       if (!key_server->get_service_caps(entity_name, CEPH_ENTITY_TYPE_MON, caps)) {
-        dout(0) << " could not get mon caps for " << entity_name << dendl;
+        ldout(cct, 0) << " could not get mon caps for " << entity_name << dendl;
       }
     }
     break;
 
   case CEPHX_GET_PRINCIPAL_SESSION_KEY:
     {
-      dout(10) << "handle_request get_principal_session_key" << dendl;
+      ldout(cct, 10) << "handle_request get_principal_session_key" << dendl;
 
       bufferlist tmp_bl;
       CephXServiceTicketInfo auth_ticket_info;
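Review bot: The failure branch of `get_service_caps` only logs; nothing visible in this hunk sets `ret`, so the request appears to complete with whatever `caps` holds at that point. If an entity without mon caps is meant to authenticate with empty capabilities, a comment such as `// missing mon caps is not an auth failure; the session proceeds with empty caps` would make that explicit. If it is not intended, the branch should set `ret = -EPERM;` like the other rejections in this function. `ret` is assigned outside the hunk, so its value on this path needs confirming.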
@@ -148,20 +148,20 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist
 
       CephXServiceTicketRequest ticket_req;
       ::decode(ticket_req, indata);
-      dout(10) << " ticket_req.keys = " << ticket_req.keys << dendl;
+      ldout(cct, 10) << " ticket_req.keys = " << ticket_req.keys << dendl;
 
       ret = 0;
       vector<CephXSessionAuthInfo> info_vec;
       for (uint32_t service_id = 1; service_id <= ticket_req.keys; service_id <<= 1) {
         if (ticket_req.keys & service_id) {
-         dout(10) << " adding key for service " << ceph_entity_type_name(service_id) << dendl;
+         ldout(cct, 10) << " adding key for service " << ceph_entity_type_name(service_id) << dendl;
           CephXSessionAuthInfo info;
           int r = key_server->build_session_auth_info(service_id, auth_ticket_info, info);
           if (r < 0) {
             ret = r;
             break;
           }
-          info.validity += g_conf->auth_service_ticket_ttl;
+          info.validity += cct->_conf->auth_service_ticket_ttl;
           info_vec.push_back(info);
         }
       }
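Review bot: The loop `for (uint32_t service_id = 1; service_id <= ticket_req.keys; service_id <<= 1)` is bounded only by a mask decoded from the request. If `ticket_req.keys` is a 32-bit value with its top bit set, `service_id <<= 1` wraps to 0 and `0 <= ticket_req.keys` stays true, so termination then depends on `build_session_auth_info` failing first. Stopping on the wrap removes that dependency: `for (uint32_t service_id = 1; service_id != 0 && service_id <= ticket_req.keys; service_id <<= 1)`. The type of `keys` is not visible here, so this is worth confirming against its declaration. handle_request continues outside the hunk.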
@@ -173,7 +173,7 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist
 
   case CEPHX_GET_ROTATING_KEY:
     {
-      dout(10) << "handle_request getting rotating secret for " << entity_name << dendl;
+      ldout(cct, 10) << "handle_request getting rotating secret for " << entity_name << dendl;
       build_cephx_response_header(cephx_header.request_type, 0, result_bl);
       key_server->get_rotating_encrypted(entity_name, result_bl);
       ret = 0;
@@ -181,7 +181,7 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist
     break;
 
   default:
-    dout(10) << "handle_request unknown op " << cephx_header.request_type << dendl;
+    ldout(cct, 10) << "handle_request unknown op " << cephx_header.request_type << dendl;
     return -EINVAL;
   }
   return ret;
index a063b1a13c7aaf295f99e7acc626ae83e4f9b326..3649d3b5d57bd03425045479836802764c010336 100644 (file)
@@ -25,7 +25,8 @@ class CephxServiceHandler  : public AuthServiceHandler {
   uint64_t server_challenge;
 
 public:
-  CephxServiceHandler(KeyServer *ks) : key_server(ks), server_challenge(0) {}
+  CephxServiceHandler(CephContext *cct_, KeyServer *ks) 
+    : AuthServiceHandler(cct_), key_server(ks), server_challenge(0) {}
   ~CephxServiceHandler() {}
   
   int start_session(EntityName& name, bufferlist::iterator& indata, bufferlist& result_bl, AuthCapsInfo& caps);
index 69364bdfcec824be1acb5f2ac07380d6667c4d6f..1c37d79e75514db04d28a2eb0f5ae3ccd44fc25e 100644 (file)
 #include "../AuthServiceHandler.h"
 #include "../Auth.h"
 
+class CephContext;
+
 class AuthNoneServiceHandler  : public AuthServiceHandler {
 public:
-  AuthNoneServiceHandler()  {}
+  AuthNoneServiceHandler(CephContext *cct_) 
+    : AuthServiceHandler(cct_) {}
   ~AuthNoneServiceHandler() {}
   
   int start_session(EntityName& name, bufferlist::iterator& indata, bufferlist& result_bl, AuthCapsInfo& caps) {
index 4cfc0769a233e3262c06ab5a73ce4ce82a4b619d..5a0b88ebcb9086f30fec716f3d24b9e7fb3011e7 100644 (file)
@@ -365,7 +365,8 @@ bool AuthMonitor::prep_auth(MAuth *m, bool paxos_writable)
       goto reply;
     }
 
-    s->auth_handler = get_auth_service_handler(&mon->key_server, supported);
+    s->auth_handler = get_auth_service_handler(&g_ceph_context,
+                                              &mon->key_server, supported);
     if (!s->auth_handler) {
       ret = -ENOTSUP;
       goto reply;