From: Sage Weil Date: Tue, 11 Sep 2018 19:07:16 +0000 (-0500) Subject: osd: move session setup into ms_handle_authentication X-Git-Tag: v14.0.1~26^2~25 X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=67d2f3b901482f4bec14178d97fcc8f9126985a4;p=ceph.git osd: move session setup into ms_handle_authentication Signed-off-by: Sage Weil --- diff --git a/src/osd/OSD.cc b/src/osd/OSD.cc index 891431fbbda8f..3c299699cceb8 100644 --- a/src/osd/OSD.cc +++ b/src/osd/OSD.cc @@ -6907,15 +6907,15 @@ bool OSD::ms_verify_authorizer( return true; } - AuthCapsInfo caps_info; - EntityName name; - uint64_t global_id; - auto keys = monc->rotating_secrets.get(); if (keys) { isvalid = authorize_handler->verify_authorizer( cct, keys, - authorizer_data, authorizer_reply, name, global_id, caps_info, session_key, + authorizer_data, authorizer_reply, + con->peer_name, + con->peer_global_id, + con->peer_caps_info, + session_key, challenge); } else { dout(10) << __func__ << " no rotating_keys (yet), denied" << dendl; @@ -6923,40 +6923,59 @@ bool OSD::ms_verify_authorizer( } if (isvalid) { - auto priv = con->get_priv(); - auto s = static_cast(priv.get()); - if (!s) { - s = new Session{cct, con}; - con->set_priv(RefCountedPtr{s, false}); - dout(10) << " new session " << s << " con=" << s->con - << " addr=" << con->get_peer_addr() << dendl; - } + ms_handle_authentication(con); + } + return true; +} - s->entity_name = name; - if (caps_info.allow_all) - s->caps.set_allow_all(); +int OSD::ms_handle_authentication(Connection *con) +{ + int ret = 0; + auto priv = con->get_priv(); + Session *s = static_cast(priv.get()); + if (!s) { + s = new Session(cct, con); + con->set_priv(RefCountedPtr{s, false}); + s->entity_name = con->get_peer_entity_name(); + dout(10) << __func__ << " new session " << s << " con " << s->con + << " entity " << s->entity_name + << " addr " << con->get_peer_addrs() << dendl; + } else { + dout(10) << __func__ << " existing session " << s << " con " << s->con + << " entity " << s->entity_name + << " addr " << con->get_peer_addrs() << dendl; + } - if (caps_info.caps.length() > 0) { - auto p = caps_info.caps.cbegin(); - string str; - try { - decode(str, p); - } - catch (buffer::error& e) { - isvalid = false; - } - stringstream ss; - bool success = s->caps.parse(str, &ss); - if (success) - dout(10) << " session " << s << " " << s->entity_name << " has caps " << s->caps << " '" << str << "'" << dendl; - else { - dout(10) << " session " << s << " " << s->entity_name << " failed to parse caps '" << str << "'" << dendl; - dout(20) << "parser returned " << ss.str() << dendl; - isvalid = false; + AuthCapsInfo &caps_info = con->get_peer_caps_info(); + if (caps_info.allow_all) + s->caps.set_allow_all(); + + if (caps_info.caps.length() > 0) { + bufferlist::const_iterator p = caps_info.caps.cbegin(); + string str; + try { + decode(str, p); + } + catch (buffer::error& e) { + dout(10) << __func__ << " session " << s << " " << s->entity_name + << " failed to decode caps string" << dendl; + ret = -EPERM; + } + if (!ret) { + bool success = s->caps.parse(str); + if (success) { + dout(10) << __func__ << " session " << s + << " " << s->entity_name + << " has caps " << s->caps << " '" << str << "'" << dendl; + ret = 1; + } else { + dout(10) << __func__ << " session " << s << " " << s->entity_name + << " failed to parse caps '" << str << "'" << dendl; + ret = -EPERM; } } } - return true; + return ret; } void OSD::do_waiters() diff --git a/src/osd/OSD.h b/src/osd/OSD.h index 9dfa3411c5b51..81d0ea758c2df 100644 --- a/src/osd/OSD.h +++ b/src/osd/OSD.h @@ -1657,6 +1657,9 @@ public: isvalid = true; return true; } + int ms_handle_authentication(Connection *con) override { + return true; + } } heartbeat_dispatcher; private: @@ -2190,6 +2193,7 @@ private: void ms_handle_connect(Connection *con) override; void ms_handle_fast_connect(Connection *con) override; void ms_handle_fast_accept(Connection *con) override; + int ms_handle_authentication(Connection *con) override; bool ms_handle_reset(Connection *con) override; void ms_handle_remote_reset(Connection *con) override {} bool ms_handle_refused(Connection *con) override;