__le32 global_seq; /* count connections initiated by this host */
__le32 connect_seq; /* count connections initiated in this session */
__le32 protocol_version;
+ __le32 authorizer_len;
__u8 flags; /* CEPH_MSG_CONNECT_* */
} __attribute__ ((packed));
__le32 global_seq;
__le32 connect_seq;
__le32 protocol_version;
+ __le32 authorizer_len;
__u8 flags;
} __attribute__ ((packed));
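Review bot: `authorizer_len` is inserted between `protocol_version` and `flags` in a packed wire struct (here and in the identical struct in the preceding hunk), which moves `flags` by four bytes, so a peer built against the old layout would read the low byte of the length as `flags`. No protocol version bump is visible in these hunks; confirm one accompanies the change so mismatched peers are rejected rather than misparsed. The field is also a peer-supplied 32-bit length, so the accepting side (not shown here) should reject values above a fixed maximum before allocating or reading that many bytes. The other fields in the first copy carry comments; this one could too, e.g. `__le32 authorizer_len; /* bytes of authorizer data sent after this header; 0 if none */`, assuming the connect-side hunk reflects the intended framing.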
// on deliberate reset of connection by remote
// implies incoming messages dropped; possibly/probably some of our previous outgoing too.
virtual void ms_handle_remote_reset(Connection *con, const entity_addr_t& peer) = 0;
+
+
+ // authorization handshake provides mutual authentication of peers.
+ // connecting side
+ virtual bool ms_get_authorizer(int dest_type, bufferlist& authorizer);
+ // accepting side
+ virtual bool ms_verify_authorizer(Connection *con, bufferlist& authorizer, bufferlist& authorizer_reply);
};
#endif
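Review bot: `ms_get_authorizer` and `ms_verify_authorizer` are declared as plain virtuals with neither `= 0` nor an inline body, so their default behaviour is defined somewhere outside this hunk and a dispatcher that does not override `ms_verify_authorizer` silently inherits whatever that default returns. For an authentication hook the default should fail closed and be visible at the declaration, e.g. `virtual bool ms_verify_authorizer(Connection *con, bufferlist& authorizer, bufferlist& authorizer_reply) { return false; }`, or the method should be made pure like `ms_handle_remote_reset` above. The comment promises mutual authentication, but the interface as shown gives the connecting side no hook to check `authorizer_reply`; if that check lives elsewhere, say so in the comment. The comments should also state what a `false` return means for each method and that `authorizer` on the accepting side is untrusted peer data. The class body starts outside this hunk.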
}
dout(10) << "connect sent my addr " << rank->rank_addr << dendl;
+ bufferlist authorizer;
+ //get_authorizer(peer_type, authorizer);
+
while (1) {
ceph_msg_connect connect;
connect.host_type = rank->my_type;
connect.global_seq = gseq;
connect.connect_seq = cseq;
connect.protocol_version = get_proto_version(rank->my_type, peer_type, true);
+ connect.authorizer_len = authorizer.length();
connect.flags = 0;
if (policy.lossy_tx)
connect.flags |= CEPH_MSG_CONNECT_LOSSY;
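Review bot: The only line that would populate the authorizer is commented out (`//get_authorizer(peer_type, authorizer);`), so `authorizer` stays empty, `connect.authorizer_len` is always sent as 0 and the `if (authorizer.length())` branch added in the following hunk never runs; the handshake carries no credentials at all. Until it is wired to the dispatcher's `ms_get_authorizer`, mark this explicitly, e.g. `// TODO: authorizer is never filled in; peers are NOT authenticated yet`, so nobody assumes the handshake is enforced. The authorizer is also built once before `while (1)`, so every retry would resend the same bytes; if authorizers are meant to be fresh per attempt (not determinable from this hunk), build it inside the loop. In the following hunk `msgvec[1]` is written without any visible evidence that `msgvec` has more than one element; its declaration is outside the hunk and should be checked. The enclosing function starts and ends outside these hunks.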
msg.msg_iov = msgvec;
msg.msg_iovlen = 1;
msglen = msgvec[0].iov_len;
+ if (authorizer.length()) {
+ msgvec[1].iov_base = authorizer.c_str();
+ msgvec[1].iov_len = authorizer.length();
+ msg.msg_iovlen++;
+ msglen += msgvec[1].iov_len;
+ }
dout(10) << "connect sending gseq=" << gseq << " cseq=" << cseq
<< " proto=" << connect.protocol_version << dendl;