From: Sage Weil Date: Wed, 30 Jan 2019 23:59:51 +0000 (-0600) Subject: mon/MonClient: make MonClientPinger an AuthCleint X-Git-Tag: v14.1.0~183^2~26 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=d532e1ef1a5b8170af253ecff921500c3d093599;p=ceph.git mon/MonClient: make MonClientPinger an AuthCleint Reuse MonConnection to do the authentication. Note this is a change in behavior: ceph ping mon* now requires authentication. Signed-off-by: Sage Weil --- diff --git a/src/mon/MonClient.cc b/src/mon/MonClient.cc index a51209124de..ac7922c3153 100644 --- a/src/mon/MonClient.cc +++ b/src/mon/MonClient.cc @@ -224,15 +224,29 @@ int MonClient::ping_monitor(const string &mon_id, string *result_reply) return -ENOENT; } - MonClientPinger *pinger = new MonClientPinger(cct, result_reply); + // N.B. monc isn't initialized + + auth_registry.refresh_config(); + + KeyRing keyring; + keyring.from_ceph_context(cct); + RotatingKeyRing rkeyring(cct, cct->get_module_type(), &keyring); + + MonClientPinger *pinger = new MonClientPinger(cct, + &rkeyring, + result_reply); Messenger *smsgr = Messenger::create_client_messenger(cct, "temp_ping_client"); smsgr->add_dispatcher_head(pinger); + smsgr->set_auth_client(pinger); smsgr->start(); ConnectionRef con = smsgr->connect_to_mon(monmap.get_addrs(new_mon_id)); ldout(cct, 10) << __func__ << " ping mon." << new_mon_id << " " << con->get_peer_addr() << dendl; + + pinger->mc.reset(new MonConnection(cct, con, 0, &auth_registry)); + pinger->mc->start(monmap.get_epoch(), entity_name); con->send_message(new MPing); pinger->lock.Lock(); @@ -245,6 +259,7 @@ int MonClient::ping_monitor(const string &mon_id, string *result_reply) pinger->lock.Unlock(); con->mark_down(); + pinger->mc.reset(); smsgr->shutdown(); smsgr->wait(); delete smsgr; diff --git a/src/mon/MonClient.h b/src/mon/MonClient.h index 19b921defc6..5503d46943d 100644 --- a/src/mon/MonClient.h +++ b/src/mon/MonClient.h @@ -43,61 +43,6 @@ class AuthClientHandler; class KeyRing; class RotatingKeyRing; -struct MonClientPinger : public Dispatcher { - - Mutex lock; - Cond ping_recvd_cond; - string *result; - bool done; - - MonClientPinger(CephContext *cct_, string *res_) : - Dispatcher(cct_), - lock("MonClientPinger::lock"), - result(res_), - done(false) - { } - - int wait_for_reply(double timeout = 0.0) { - utime_t until = ceph_clock_now(); - until += (timeout > 0 ? timeout : cct->_conf->client_mount_timeout); - done = false; - - int ret = 0; - while (!done) { - ret = ping_recvd_cond.WaitUntil(lock, until); - if (ret == ETIMEDOUT) - break; - } - return ret; - } - - bool ms_dispatch(Message *m) override { - std::lock_guard l(lock); - if (m->get_type() != CEPH_MSG_PING) - return false; - - bufferlist &payload = m->get_payload(); - if (result && payload.length() > 0) { - auto p = std::cbegin(payload); - decode(*result, p); - } - done = true; - ping_recvd_cond.SignalAll(); - m->put(); - return true; - } - bool ms_handle_reset(Connection *con) override { - std::lock_guard l(lock); - done = true; - ping_recvd_cond.SignalAll(); - return true; - } - void ms_handle_remote_reset(Connection *con) override {} - bool ms_handle_refused(Connection *con) override { - return false; - } -}; - class MonConnection { public: MonConnection(CephContext *cct, @@ -183,6 +128,108 @@ private: AuthRegistry *auth_registry; }; + +struct MonClientPinger : public Dispatcher, + public AuthClient { + + Mutex lock; + Cond ping_recvd_cond; + string *result; + bool done; + RotatingKeyRing *keyring; + std::unique_ptr mc; + + MonClientPinger(CephContext *cct_, + RotatingKeyRing *keyring, + string *res_) : + Dispatcher(cct_), + lock("MonClientPinger::lock"), + result(res_), + done(false), + keyring(keyring) + { } + + int wait_for_reply(double timeout = 0.0) { + utime_t until = ceph_clock_now(); + until += (timeout > 0 ? timeout : cct->_conf->client_mount_timeout); + done = false; + + int ret = 0; + while (!done) { + ret = ping_recvd_cond.WaitUntil(lock, until); + if (ret == ETIMEDOUT) + break; + } + return ret; + } + + bool ms_dispatch(Message *m) override { + std::lock_guard l(lock); + if (m->get_type() != CEPH_MSG_PING) + return false; + + bufferlist &payload = m->get_payload(); + if (result && payload.length() > 0) { + auto p = std::cbegin(payload); + decode(*result, p); + } + done = true; + ping_recvd_cond.SignalAll(); + m->put(); + return true; + } + bool ms_handle_reset(Connection *con) override { + std::lock_guard l(lock); + done = true; + ping_recvd_cond.SignalAll(); + return true; + } + void ms_handle_remote_reset(Connection *con) override {} + bool ms_handle_refused(Connection *con) override { + return false; + } + + // AuthClient + int get_auth_request( + Connection *con, + AuthConnectionMeta *auth_meta, + uint32_t *auth_method, + std::vector *preferred_modes, + bufferlist *bl) override { + return mc->get_auth_request(auth_method, preferred_modes, bl, + cct->_conf->name, 0, keyring); + } + int handle_auth_reply_more( + Connection *con, + AuthConnectionMeta *auth_meta, + const bufferlist& bl, + bufferlist *reply) override { + return mc->handle_auth_reply_more(auth_meta, bl, reply); + } + int handle_auth_done( + Connection *con, + AuthConnectionMeta *auth_meta, + uint64_t global_id, + uint32_t con_mode, + const bufferlist& bl, + CryptoKey *session_key, + std::string *connection_secret) override { + return mc->handle_auth_done(auth_meta, global_id, bl, + session_key, connection_secret); + } + int handle_auth_bad_method( + Connection *con, + AuthConnectionMeta *auth_meta, + uint32_t old_auth_method, + int result, + const std::vector& allowed_methods, + const std::vector& allowed_modes) override { + return mc->handle_auth_bad_method(old_auth_method, result, + allowed_methods, allowed_modes); + } +}; + + class MonClient : public Dispatcher, public AuthClient, public AuthServer /* for mgr, osd, mds */ {