From: Kefu Chai Date: Tue, 5 Mar 2019 04:05:31 +0000 (+0800) Subject: crimson: add AuthService X-Git-Tag: v15.0.0~191^2~2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=4ca5138f77cc248bd78b3bb673dbca3fe4b7d830;p=ceph.git crimson: add AuthService AuthService is introduced to allow Dispatchers to access to authorizers, even if it is not chained with a Dispatcher implementing Dispatcher::ms_get_authorizer(). in this case, we need to grant access to Heartbeat class. it has its own messengers dedicated for heartbeat traffic. it's mon::Client which provides the facilities of authorization via Dispatcher interface. we could just cast mon::Client to ceph::common::Dispatch for accessing Dispatcher::ms_get_authorizer(), but i want to make this explicit using AuthService. as the consumers of Dispatch inteface is messenger and ChainedDispatcher not the domain specific classes. in future, we need to either implement Auth{Client,Server} or adapt to this machinery for msgr V2. Signed-off-by: Kefu Chai --- diff --git a/src/crimson/common/auth_service.h b/src/crimson/common/auth_service.h new file mode 100644 index 000000000000..94c256dcba34 --- /dev/null +++ b/src/crimson/common/auth_service.h @@ -0,0 +1,16 @@ +// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- +// vim: ts=8 sw=2 smarttab + +#pragma once + +#include "crimson/net/Fwd.h" + +class AuthAuthorizer; + +namespace ceph::common { +class AuthService { +public: + virtual AuthAuthorizer* get_authorizer(peer_type_t peer) const = 0; + virtual ~AuthService() = default; +}; +} diff --git a/src/crimson/mon/MonClient.cc b/src/crimson/mon/MonClient.cc index dba89c9f5124..5d4f6c66a002 100644 --- a/src/crimson/mon/MonClient.cc +++ b/src/crimson/mon/MonClient.cc @@ -372,6 +372,10 @@ AuthAuthorizer* Client::ms_get_authorizer(peer_type_t peer) const } } +AuthAuthorizer* Client::get_authorizer(peer_type_t peer) const +{ + return ms_get_authorizer(peer); +} seastar::future<> Client::handle_monmap(ceph::net::ConnectionRef conn, Ref m) diff --git a/src/crimson/mon/MonClient.h b/src/crimson/mon/MonClient.h index ffce5b06d19c..1d9e368a77f2 100644 --- a/src/crimson/mon/MonClient.h +++ b/src/crimson/mon/MonClient.h @@ -11,6 +11,7 @@ #include "auth/KeyRing.h" +#include "crimson/common/auth_service.h" #include "crimson/net/Dispatcher.h" #include "crimson/net/Fwd.h" @@ -36,7 +37,9 @@ namespace ceph::mon { class Connection; -class Client : public ceph::net::Dispatcher { +class Client : public ceph::net::Dispatcher, + public ceph::common::AuthService +{ EntityName entity_name; KeyRing keyring; std::unique_ptr auth_methods; @@ -83,6 +86,8 @@ public: void sub_unwant(const std::string& what); bool sub_want_increment(const std::string& what, version_t start, unsigned flags); seastar::future<> renew_subs(); + // AuthService methods + AuthAuthorizer* get_authorizer(peer_type_t peer) const override; private: void tick(); diff --git a/src/crimson/osd/heartbeat.cc b/src/crimson/osd/heartbeat.cc index 6dfefb3ba691..c1efce85c2e4 100644 --- a/src/crimson/osd/heartbeat.cc +++ b/src/crimson/osd/heartbeat.cc @@ -5,6 +5,7 @@ #include "messages/MOSDPing.h" #include "messages/MOSDFailure.h" +#include "crimson/common/auth_service.h" #include "crimson/common/config_proxy.h" #include "crimson/net/Connection.h" #include "crimson/net/Messenger.h" @@ -308,6 +309,11 @@ seastar::future<> Heartbeat::handle_you_died() return seastar::now(); } +AuthAuthorizer* Heartbeat::ms_get_authorizer(peer_type_t peer) const +{ + return monc.get_authorizer(peer); +} + seastar::future<> Heartbeat::send_heartbeats() { using peers_item_t = typename peers_map_t::value_type; diff --git a/src/crimson/osd/heartbeat.h b/src/crimson/osd/heartbeat.h index b5eb0f7c2d49..f1565cf466e3 100644 --- a/src/crimson/osd/heartbeat.h +++ b/src/crimson/osd/heartbeat.h @@ -44,6 +44,7 @@ public: // Dispatcher methods seastar::future<> ms_dispatch(ceph::net::ConnectionRef conn, MessageRef m) override; + AuthAuthorizer* ms_get_authorizer(peer_type_t peer) const override; private: seastar::future<> handle_osd_ping(ceph::net::ConnectionRef conn,