From: Max Kellermann
Date: Fri, 25 Oct 2024 09:14:26 +0000 (+0200)
Subject: auth/Auth: un-inline methods to reduce header dependencies
X-Git-Tag: v21.0.0~58^2~1
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=ba6b0d204812e3aed8480de20dd30c9d9fd56bcf;p=ceph.git
auth/Auth: un-inline methods to reduce header dependencies
Signed-off-by: Max Kellermann
---
diff --git a/src/auth/Auth.cc b/src/auth/Auth.cc
new file mode 100644
index 00000000000..b3253a66366
--- /dev/null
+++ b/src/auth/Auth.cc
@@ -0,0 +1,199 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2004-2009 Sage Weil
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation. See file COPYING.
+ *
+ */
+
+#include "Auth.h"
+#include "common/ceph_json.h"
+#include "common/Formatter.h"
+
+void EntityAuth::encode(ceph::buffer::list& bl) const {
+ __u8 struct_v = 3;
+ using ceph::encode;
+ encode(struct_v, bl);
+ encode((uint64_t)CEPH_AUTH_UID_DEFAULT, bl);
+ encode(key, bl);
+ encode(caps, bl);
+ encode(pending_key, bl);
+}
+
+void EntityAuth::decode(ceph::buffer::list::const_iterator& bl) {
+ using ceph::decode;
+ __u8 struct_v;
+ decode(struct_v, bl);
+ if (struct_v >= 2) {
+ uint64_t old_auid;
+ decode(old_auid, bl);
+ }
+ decode(key, bl);
+ decode(caps, bl);
+ if (struct_v >= 3) {
+ decode(pending_key, bl);
+ }
+}
+
+void EntityAuth::dump(ceph::Formatter *f) const {
+ f->dump_object("key", key);
+ encode_json("caps", caps, f);
+ f->dump_object("pending_key", pending_key);
+}
+
+std::list EntityAuth::generate_test_instances() {
+ std::list ls;
+ ls.emplace_back();
+ return ls;
+}
+
+std::ostream& operator<<(std::ostream& out, const EntityAuth& a)
+{
+ out << "auth(key=" << a.key;
+ if (!a.pending_key.empty()) {
+ out << " pending_key=" << a.pending_key;
+ }
+ out << ")";
+ return out;
+}
+
+void AuthCapsInfo::encode(ceph::buffer::list& bl) const {
+ using ceph::encode;
+ __u8 struct_v = 1;
+ encode(struct_v, bl);
+ __u8 a = (__u8)allow_all;
+ encode(a, bl);
+ encode(caps, bl);
+}
+
+void AuthCapsInfo::decode(ceph::buffer::list::const_iterator& bl) {
+ using ceph::decode;
+ __u8 struct_v;
+ decode(struct_v, bl);
+ __u8 a;
+ decode(a, bl);
+ allow_all = (bool)a;
+ decode(caps, bl);
+}
+
+void AuthCapsInfo::dump(ceph::Formatter *f) const {
+ f->dump_bool("allow_all", allow_all);
+ encode_json("caps", caps, f);
+ f->dump_unsigned("caps_len", caps.length());
+}
+
+std::list AuthCapsInfo::generate_test_instances() {
+ std::list ls;
+ ls.emplace_back();
+ ls.emplace_back();
+ ls.back().allow_all = true;
+ ls.emplace_back();
+ ls.back().caps.append("foo");
+ ls.back().caps.append("bar");
+ return ls;
+}
+
+void AuthTicket::encode(ceph::buffer::list& bl) const {
+ using ceph::encode;
+ __u8 struct_v = 2;
+ encode(struct_v, bl);
+ encode(name, bl);
+ encode(global_id, bl);
+ encode((uint64_t)CEPH_AUTH_UID_DEFAULT, bl);
+ encode(created, bl);
+ encode(expires, bl);
+ encode(caps, bl);
+ encode(flags, bl);
+}
+
+void AuthTicket::decode(ceph::buffer::list::const_iterator& bl) {
+ using ceph::decode;
+ __u8 struct_v;
+ decode(struct_v, bl);
+ decode(name, bl);
+ decode(global_id, bl);
+ if (struct_v >= 2) {
+ uint64_t old_auid;
+ decode(old_auid, bl);
+ }
+ decode(created, bl);
+ decode(expires, bl);
+ decode(caps, bl);
+ decode(flags, bl);
+}
+
+void AuthTicket::dump(ceph::Formatter *f) const {
+ f->dump_object("name", name);
+ f->dump_unsigned("global_id", global_id);
+ f->dump_stream("created") << created;
+ f->dump_stream("expires") << expires;
+ f->dump_object("caps", caps);
+ f->dump_unsigned("flags", flags);
+}
+
+std::list AuthTicket::generate_test_instances() {
+ std::list ls;
+ ls.emplace_back();
+ ls.emplace_back();
+ ls.back().name.set_id("client.123");
+ ls.back().global_id = 123;
+ ls.back().init_timestamps(utime_t(123, 456), 7);
+ ls.back().caps.caps.append("foo");
+ ls.back().caps.caps.append("bar");
+ ls.back().flags = 0x12345678;
+ return ls;
+}
+
+void ExpiringCryptoKey::dump(ceph::Formatter *f) const {
+ f->dump_object("key", key);
+ f->dump_stream("expiration") << expiration;
+}
+
+std::list ExpiringCryptoKey::generate_test_instances() {
+ std::list ls;
+ ls.emplace_back();
+ ls.emplace_back();
+ ls.back().key.set_secret(
+ CEPH_CRYPTO_AES, bufferptr("1234567890123456", 16), utime_t(123,
456)); + return ls; +} + +std::ostream& operator<<(std::ostream& out, const ExpiringCryptoKey& c) +{ + return out << c.key << " expires " << c.expiration; +} + +void RotatingSecrets::encode(ceph::buffer::list& bl) const { + using ceph::encode; + __u8 struct_v = 1; + encode(struct_v, bl); + encode(secrets, bl); + encode(max_ver, bl); +} + +void RotatingSecrets::decode(ceph::buffer::list::const_iterator& bl) { + using ceph::decode; + __u8 struct_v; + decode(struct_v, bl); + decode(secrets, bl); + decode(max_ver, bl); +} + +void RotatingSecrets::dump(ceph::Formatter *f) const { + encode_json("secrets", secrets, f); +} + +std::list RotatingSecrets::generate_test_instances() { + std::list ls; + ls.emplace_back(); + ls.emplace_back(); + ExpiringCryptoKey eck{}; + ls.back().add(eck); + return ls; +} diff --git a/src/auth/Auth.h b/src/auth/Auth.h index 57be552acfb..de862ef12e7 100644 --- a/src/auth/Auth.h +++ b/src/auth/Auth.h @@ -17,18 +17,18 @@ #define CEPH_AUTHTYPES_H #include "Crypto.h" -#include "common/ceph_json.h" #include "common/entity_name.h" -#include "common/Formatter.h" #include "include/buffer.h" #include "include/ceph_fs.h" // for CEPH_AUTH_UNKNOWN #include -#include +#include #include #include #include +namespace ceph { class Formatter; } + // The _MAX values are a bit wonky here because we are overloading the first // byte of the auth payload to identify both the type of authentication to be // used *and* the encoding version for the authenticator. So, we define a 
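Review bot: In the new Auth.cc, `AuthCapsInfo::decode` and `RotatingSecrets::decode` read `struct_v` and never look at it again, and `EntityAuth::decode` and `AuthTicket::decode` only test lower bounds (`struct_v >= 2`, `struct_v >= 3`), so a buffer carrying a version newer than the matching encoder writes is parsed with the current field layout rather than rejected. The bodies are moved unchanged from Auth.h, so this is existing behaviour, but these decoders handle tickets, capabilities and rotating secrets, and the move is a natural point to record the limitation. The visible encoders write the version byte followed directly by the fields, with no length framing, so tightening the check could affect compatibility with existing peers and should be decided separately. For this commit I would add a comment above each decoder, for example `// legacy unframed encoding: struct_v has no upper-bound check, a newer layout would be misparsed`.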
@@ -47,51 +47,14 @@ struct EntityAuth { std::map caps; CryptoKey pending_key; ///< new but uncommitted key - void encode(ceph::buffer::list& bl) const { - __u8 struct_v = 3; - using ceph::encode; - encode(struct_v, bl); - encode((uint64_t)CEPH_AUTH_UID_DEFAULT, bl); - encode(key, bl); - encode(caps, bl); - encode(pending_key, bl); - } - void decode(ceph::buffer::list::const_iterator& bl) { - using ceph::decode; - __u8 struct_v; - decode(struct_v, bl); - if (struct_v >= 2) { - uint64_t old_auid; - decode(old_auid, bl); - } - decode(key, bl); - decode(caps, bl); - if (struct_v >= 3) { - decode(pending_key, bl); - } - } - void dump(ceph::Formatter *f) const { - f->dump_object("key", key); - encode_json("caps", caps, f); - f->dump_object("pending_key", pending_key); - } - static std::list generate_test_instances() { - std::list ls; - ls.emplace_back(); - return ls; - } + void encode(ceph::buffer::list& bl) const; + void decode(ceph::buffer::list::const_iterator& bl); + void dump(ceph::Formatter *f) const; + static std::list generate_test_instances(); }; WRITE_CLASS_ENCODER(EntityAuth) -inline std::ostream& operator<<(std::ostream& out, const EntityAuth& a) -{ - out << "auth(key=" << a.key; - if (!a.pending_key.empty()) { - out << " pending_key=" << a.pending_key; - } - out << ")"; - return out; -} +std::ostream& operator<<(std::ostream& out, const EntityAuth& a); struct AuthCapsInfo { bool allow_all; 
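Review bot: The `operator<<` declaration for `EntityAuth` that stays in the header carries no comment saying that it streams `key` and `pending_key`; with the body moved to Auth.cc, a reader of Auth.h can no longer see that. If `CryptoKey`'s stream operator and `dump_object` output include the secret itself (Crypto.h is not part of this diff, so this is to be confirmed), then any log line or formatter dump of an `EntityAuth` exposes key material. I would put `/// Streams key and pending_key; treat the output as sensitive and keep it out of routine logs.` above the declaration. The same comment is worth adding to `EntityAuth::dump` in this hunk and to the `ExpiringCryptoKey` `operator<<` and `dump` declarations in the later Auth.h hunk.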
@@ -99,38 +62,10 @@ struct AuthCapsInfo { AuthCapsInfo() : allow_all(false) {} - void encode(ceph::buffer::list& bl) const { - using ceph::encode; - __u8 struct_v = 1; - encode(struct_v, bl); - __u8 a = (__u8)allow_all; - encode(a, bl); - encode(caps, bl); - } - void decode(ceph::buffer::list::const_iterator& bl) { - using ceph::decode; - __u8 struct_v; - decode(struct_v, bl); - __u8 a; - decode(a, bl); - allow_all = (bool)a; - decode(caps, bl); - } - void dump(ceph::Formatter *f) const { - f->dump_bool("allow_all", allow_all); - encode_json("caps", caps, f); - f->dump_unsigned("caps_len", caps.length()); - } - static std::list generate_test_instances() { - std::list ls; - ls.emplace_back(); - ls.emplace_back(); - ls.back().allow_all = true; - ls.emplace_back(); - ls.back().caps.append("foo"); - ls.back().caps.append("bar"); - return ls; - } + void encode(ceph::buffer::list& bl) const; + void decode(ceph::buffer::list::const_iterator& bl); + void dump(ceph::Formatter *f) const; + static std::list generate_test_instances(); }; WRITE_CLASS_ENCODER(AuthCapsInfo) 
@@ -154,53 +89,10 @@ struct AuthTicket { expires += ttl; } - void encode(ceph::buffer::list& bl) const { - using ceph::encode; - __u8 struct_v = 2; - encode(struct_v, bl); - encode(name, bl); - encode(global_id, bl); - encode((uint64_t)CEPH_AUTH_UID_DEFAULT, bl); - encode(created, bl); - encode(expires, bl); - encode(caps, bl); - encode(flags, bl); - } - void decode(ceph::buffer::list::const_iterator& bl) { - using ceph::decode; - __u8 struct_v; - decode(struct_v, bl); - decode(name, bl); - decode(global_id, bl); - if (struct_v >= 2) { - uint64_t old_auid; - decode(old_auid, bl); - } - decode(created, bl); - decode(expires, bl); - decode(caps, bl); - decode(flags, bl); - } - void dump(ceph::Formatter *f) const { - f->dump_object("name", name); - f->dump_unsigned("global_id", global_id); - f->dump_stream("created") << created; - f->dump_stream("expires") << expires; - f->dump_object("caps", caps); - f->dump_unsigned("flags", flags); - } - static std::list generate_test_instances() { - std::list ls; - ls.emplace_back(); - ls.emplace_back(); - ls.back().name.set_id("client.123"); - ls.back().global_id = 123; - ls.back().init_timestamps(utime_t(123, 456), 7); - ls.back().caps.caps.append("foo"); - ls.back().caps.caps.append("bar"); - ls.back().flags = 0x12345678; - return ls; - } + void encode(ceph::buffer::list& bl) const; + void decode(ceph::buffer::list::const_iterator& bl); + void dump(ceph::Formatter *f) const; + static std::list generate_test_instances(); }; WRITE_CLASS_ENCODER(AuthTicket) 
@@ -285,25 +177,12 @@ struct ExpiringCryptoKey { decode(key, bl); decode(expiration, bl); } - void dump(ceph::Formatter *f) const { - f->dump_object("key", key); - f->dump_stream("expiration") << expiration; - } - static std::list generate_test_instances() { - std::list ls; - ls.emplace_back(); - ls.emplace_back(); - ls.back().key.set_secret( - CEPH_CRYPTO_AES, bufferptr("1234567890123456", 16), utime_t(123, 456)); - return ls; - } + void dump(ceph::Formatter *f) const; + static std::list generate_test_instances(); }; WRITE_CLASS_ENCODER(ExpiringCryptoKey) -inline std::ostream& operator<<(std::ostream& out, const ExpiringCryptoKey& c) -{ - return out << c.key << " expires " << c.expiration; -} +std::ostream& operator<<(std::ostream& out, const ExpiringCryptoKey& c); struct RotatingSecrets { std::map secrets; @@ -311,20 +190,8 @@ struct RotatingSecrets { RotatingSecrets() : max_ver(0) {} - void encode(ceph::buffer::list& bl) const { - using ceph::encode; - __u8 struct_v = 1; - encode(struct_v, bl); - encode(secrets, bl); - encode(max_ver, bl); - } - void decode(ceph::buffer::list::const_iterator& bl) { - using ceph::decode; - __u8 struct_v; - decode(struct_v, bl); - decode(secrets, bl); - decode(max_ver, bl); - } + void encode(ceph::buffer::list& bl) const; + void decode(ceph::buffer::list::const_iterator& bl); uint64_t add(ExpiringCryptoKey& key) { secrets[++max_ver] = key; @@ -361,17 +228,8 @@ struct RotatingSecrets { } void dump(); - void dump(ceph::Formatter *f) const { - encode_json("secrets", secrets, f); - } - static std::list generate_test_instances() { - std::list ls; - ls.emplace_back(); - ls.emplace_back(); - ExpiringCryptoKey eck{}; - ls.back().add(eck); - return ls; - } + void dump(ceph::Formatter *f) const; + static std::list generate_test_instances(); }; WRITE_CLASS_ENCODER(RotatingSecrets) diff --git a/src/auth/CMakeLists.txt b/src/auth/CMakeLists.txt index 57c0d65a02a..c948c2eab75 100644 --- a/src/auth/CMakeLists.txt +++ b/src/auth/CMakeLists.txt 
@@ -1,4 +1,5 @@ set(auth_srcs + Auth.cc AuthClientHandler.cc AuthMethodList.cc AuthRegistry.cc diff --git a/src/crimson/CMakeLists.txt b/src/crimson/CMakeLists.txt index 83f4519ff51..56c5277edee 100644 --- a/src/crimson/CMakeLists.txt +++ b/src/crimson/CMakeLists.txt @@ -26,6 +26,7 @@ include_directories(${CMAKE_SOURCE_DIR}/src/dmclock/support/src) # - the logging is sent to Seastar backend # - and the template parameter of lock_policy is SINGLE add_library(crimson-common STATIC + ${PROJECT_SOURCE_DIR}/src/auth/Auth.cc ${PROJECT_SOURCE_DIR}/src/auth/Crypto.cc ${PROJECT_SOURCE_DIR}/src/common/admin_socket_client.cc ${PROJECT_SOURCE_DIR}/src/common/bit_str.cc