AuthServer(CephContext *cct) : auth_registry(cct) {}
virtual ~AuthServer() {}
- /// Get authentication methods and connection modes for the given peer type
+ /// Get authentication methods for the given peer type
virtual void get_supported_auth_methods(
int peer_type,
- std::vector<uint32_t> *methods,
- std::vector<uint32_t> *modes = nullptr) {
- auth_registry.get_supported_methods(peer_type, methods, modes);
+ std::vector<uint32_t> *methods) {
+ auth_registry.get_supported_methods(peer_type, methods, nullptr);
}
- /// Get support connection modes for the given peer type and auth method
+ /// Get supported connection modes for the given peer type and auth method
+ virtual void get_supported_con_modes(
+ int peer_type,
+ uint32_t auth_method,
+ std::vector<uint32_t> *modes) {
+ auth_registry.get_supported_modes(peer_type, auth_method, modes);
+ }
+
+ /// Choose a connection mode for the given peer type and auth method
virtual uint32_t pick_con_mode(
int peer_type,
uint32_t auth_method,
public:
virtual ~AuthServer() {}
- // Get authentication methods and connection modes for the given peer type
- virtual std::pair<std::vector<uint32_t>, std::vector<uint32_t>>
+ // Get authentication methods for the given peer type
+ virtual std::vector<uint32_t>
get_supported_auth_methods(int peer_type) = 0;
- // Get support connection modes for the given peer type and auth method
+ // Get supported connection modes for the given peer type and auth method
+ virtual std::vector<uint32_t>
+ get_supported_con_modes(
+ int peer_type,
+ uint32_t auth_method) = 0;
+ // Choose a connection mode for the given peer type and auth method
virtual uint32_t pick_con_mode(
int peer_type,
uint32_t auth_method,
DummyAuthClientServer() {}
// client
- std::pair<std::vector<uint32_t>, std::vector<uint32_t>>
+ std::vector<uint32_t>
get_supported_auth_methods(int peer_type) final {
- return {{CEPH_AUTH_NONE}, {CEPH_AUTH_NONE}};
+ return {CEPH_AUTH_NONE};
+ }
+
+ std::vector<uint32_t>
+ get_supported_con_modes(int peer_type,
+ uint32_t auth_method) final {
+ return {CEPH_CON_MODE_CRC};
}
uint32_t pick_con_mode(int peer_type,
});
}
-std::pair<std::vector<uint32_t>, std::vector<uint32_t>>
+std::vector<uint32_t>
Client::get_supported_auth_methods(int peer_type)
{
std::vector<uint32_t> methods;
+ auth_registry.get_supported_methods(peer_type, &methods, nullptr);
+ return methods;
+}
+
+std::vector<uint32_t>
+Client::get_supported_con_modes(int peer_type,
+ uint32_t auth_method)
+{
std::vector<uint32_t> modes;
- auth_registry.get_supported_methods(peer_type, &methods, &modes);
- return {methods, modes};
+ auth_registry.get_supported_modes(peer_type, auth_method, &modes);
+ return modes;
}
uint32_t Client::pick_con_mode(int peer_type,
void print(std::ostream&) const;
private:
// AuthServer methods
- std::pair<std::vector<uint32_t>, std::vector<uint32_t>>
- get_supported_auth_methods(int peer_type) final;
+ std::vector<uint32_t> get_supported_auth_methods(int peer_type) final;
+ std::vector<uint32_t> get_supported_con_modes(int peer_type,
+ uint32_t auth_method) final;
uint32_t pick_con_mode(int peer_type,
uint32_t auth_method,
const std::vector<uint32_t>& preferred_modes) final;
{
// _auth_bad_method() logic
ceph_assert(r < 0);
- auto [allowed_methods, allowed_modes] =
+ auto allowed_methods =
messenger.get_auth_server()->get_supported_auth_methods(conn.get_peer_type());
+ auto allowed_modes =
+ messenger.get_auth_server()->get_supported_con_modes(conn.get_peer_type(),
+ auth_meta->auth_method);
auto bad_method = AuthBadMethodFrame::Encode(
auth_meta->auth_method, r, allowed_methods, allowed_modes);
logger().warn("{} WRITE AuthBadMethodFrame: method={}, result={}, "
std::vector<uint32_t> allowed_methods;
std::vector<uint32_t> allowed_modes;
messenger->auth_server->get_supported_auth_methods(
- connection->get_peer_type(), &allowed_methods, &allowed_modes);
+ connection->get_peer_type(), &allowed_methods);
+ messenger->auth_server->get_supported_con_modes(
+ connection->get_peer_type(), auth_meta->auth_method, &allowed_modes);
ldout(cct, 1) << __func__ << " auth_method " << auth_meta->auth_method
<< " r " << cpp_strerror(r)
<< ", allowed_methods " << allowed_methods