From: Sage Weil <sage@inktank.com>
Date: Wed, 6 Jun 2012 22:26:28 +0000 (-0700)
Subject: mon: share mon keyring with KeyServer
X-Git-Tag: v0.48argonaut~100^2~2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=ca433f28da4d5bac44babea3016d1ebe5bc11dec;p=ceph.git

mon: share mon keyring with KeyServer

This will let us authenticate against items in the mon keyring, like the
mon. key itself.

Signed-off-by: Sage Weil <sage@inktank.com>
---

diff --git a/src/auth/cephx/CephxKeyServer.cc b/src/auth/cephx/CephxKeyServer.cc
index a1944b3bb297..ffa579fd4fe4 100644
--- a/src/auth/cephx/CephxKeyServer.cc
+++ b/src/auth/cephx/CephxKeyServer.cc
@@ -130,8 +130,10 @@ bool KeyServerData::get_caps(CephContext *cct, const EntityName& name,
 #define dout_prefix *_dout << "cephx keyserver: "
 
 
-KeyServer::KeyServer(CephContext *cct_)
-  : cct(cct_), lock("KeyServer::lock")
+KeyServer::KeyServer(CephContext *cct_, KeyRing *extra_secrets)
+  : cct(cct_),
+    data(extra_secrets),
+    lock("KeyServer::lock")
 {
 }
 
diff --git a/src/auth/cephx/CephxKeyServer.h b/src/auth/cephx/CephxKeyServer.h
index 2fc316d9f096..60b424b0bd56 100644
--- a/src/auth/cephx/CephxKeyServer.h
+++ b/src/auth/cephx/CephxKeyServer.h
@@ -29,12 +29,16 @@ struct KeyServerData {
 
   /* for each entity */
   map<EntityName, EntityAuth> secrets;
+  KeyRing *extra_secrets;
 
   /* for each service type */
   version_t rotating_ver;
   map<uint32_t, RotatingSecrets> rotating_secrets;
 
-  KeyServerData() : version(0), rotating_ver(0) {}
+  KeyServerData(KeyRing *extra)
+    : version(0),
+      extra_secrets(extra),
+      rotating_ver(0) {}
 
   void encode(bufferlist& bl) const {
      __u8 struct_v = 1;
@@ -195,7 +199,7 @@ class KeyServer : public KeyStore {
   bool _get_service_caps(const EntityName& name, uint32_t service_id,
 	AuthCapsInfo& caps) const;
 public:
-  KeyServer(CephContext *cct_);
+  KeyServer(CephContext *cct_, KeyRing *extra_secrets);
   bool generate_secret(CryptoKey& secret);
 
   bool get_secret(const EntityName& name, CryptoKey& secret) const;
@@ -284,7 +288,4 @@ public:
 WRITE_CLASS_ENCODER(KeyServer);
 
 
-
-
-
 #endif
diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc
index 3f2f287e08af..c491031482cb 100644
--- a/src/mon/Monitor.cc
+++ b/src/mon/Monitor.cc
@@ -98,7 +98,7 @@ Monitor::Monitor(CephContext* cct_, string nm, MonitorStore *s, Messenger *m, Mo
   logger(NULL), cluster_logger(NULL), cluster_logger_registered(false),
   monmap(map),
   clog(cct_, messenger, monmap, LogClient::FLAG_MON),
-  key_server(cct),
+  key_server(cct, &keyring),
   auth_supported(cct),
   store(s),
   
diff --git a/src/testkeys.cc b/src/testkeys.cc
index c120921a3cf2..27c38124ade1 100644
--- a/src/testkeys.cc
+++ b/src/testkeys.cc
@@ -13,8 +13,8 @@ int main(int argc, const char **argv)
 
   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
   common_init_finish(g_ceph_context);
-
-  KeyServer server(g_ceph_context);
+  KeyRing extra;
+  KeyServer server(g_ceph_context, &extra);
 
   generic_dout(0) << "server created" << dendl;