From: Sage Weil <sage@newdream.net>
Date: Fri, 7 Oct 2011 23:45:22 +0000 (-0700)
Subject: auth: move AuthAuthorizeHandler registry into class
X-Git-Tag: v0.37~38^2~3
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=dc40b37403298a60cb5823c030fa94518b0c6e35;p=ceph.git

auth: move AuthAuthorizeHandler registry into class

Static classes with constructors and destructors are dangerous.  Explicitly
manage these as part of the server components (OSD, MDS).

Fixes: #1608
Signed-off-by: Sage Weil <sage@newdream.net>
---

diff --git a/src/auth/AuthAuthorizeHandler.cc b/src/auth/AuthAuthorizeHandler.cc
index 03f301a86107..be364d706228 100644
--- a/src/auth/AuthAuthorizeHandler.cc
+++ b/src/auth/AuthAuthorizeHandler.cc
@@ -19,30 +19,33 @@
 #include "AuthSupported.h"
 #include "common/Mutex.h"
 
-static bool _initialized = false;
-static Mutex _lock("auth_service_handler_init");
-static map<int, AuthAuthorizeHandler *> authorizers;
-
-static void _init_authorizers(CephContext *cct)
+AuthAuthorizeHandler *AuthAuthorizeHandlerRegistry::get_handler(int protocol)
 {
-  if (is_supported_auth(CEPH_AUTH_NONE, cct)) {
-    authorizers[CEPH_AUTH_NONE] = new AuthNoneAuthorizeHandler(); 
+  if (!is_supported_auth(protocol, cct)) {
+    return NULL;
   }
-  if (is_supported_auth(CEPH_AUTH_CEPHX, cct)) {
-    authorizers[CEPH_AUTH_CEPHX] = new CephxAuthorizeHandler(); 
+  
+  Mutex::Locker l(m_lock);
+  map<int,AuthAuthorizeHandler*>::iterator iter = m_authorizers.find(protocol);
+  if (iter != m_authorizers.end())
+    return iter->second;
+
+  switch (protocol) {
+  case CEPH_AUTH_NONE:
+    m_authorizers[protocol] = new AuthNoneAuthorizeHandler();
+    return m_authorizers[protocol];
+    
+  case CEPH_AUTH_CEPHX:
+    m_authorizers[protocol] = new CephxAuthorizeHandler();
+    return m_authorizers[protocol];
   }
-  _initialized = true;
+  return NULL;
 }
 
-AuthAuthorizeHandler *get_authorize_handler(int protocol, CephContext *cct)
+AuthAuthorizeHandlerRegistry::~AuthAuthorizeHandlerRegistry()
 {
-  Mutex::Locker l(_lock);
-  if (!_initialized) {
-   _init_authorizers(cct);
-  }
-
-  map<int, AuthAuthorizeHandler *>::iterator iter = authorizers.find(protocol);
-  if (iter != authorizers.end())
-    return iter->second;
-  return NULL;
+  for (map<int,AuthAuthorizeHandler*>::iterator iter = m_authorizers.begin();
+       iter != m_authorizers.end();
+       ++iter)
+    delete iter->second;
 }
diff --git a/src/auth/AuthAuthorizeHandler.h b/src/auth/AuthAuthorizeHandler.h
index 7837d0ca2ab5..fb5d823bff0f 100644
--- a/src/auth/AuthAuthorizeHandler.h
+++ b/src/auth/AuthAuthorizeHandler.h
@@ -30,6 +30,18 @@ struct AuthAuthorizeHandler {
 				 AuthCapsInfo& caps_info, uint64_t *auid = NULL) = 0;
 };
 
-extern AuthAuthorizeHandler *get_authorize_handler(int protocol, CephContext *cct);
+class AuthAuthorizeHandlerRegistry {
+  Mutex m_lock;
+  map<int,AuthAuthorizeHandler*> m_authorizers;
+  CephContext *cct;
+
+public:
+  AuthAuthorizeHandlerRegistry(CephContext *cct_)
+    : m_lock("AuthAuthorizeHandlerRegistry::m_lock"), cct(cct_)
+  {}
+  ~AuthAuthorizeHandlerRegistry();
+  
+  AuthAuthorizeHandler *get_handler(int protocol);
+};
 
 #endif
diff --git a/src/mds/MDS.cc b/src/mds/MDS.cc
index 0d93f061f67a..7a8b34a64bd4 100644
--- a/src/mds/MDS.cc
+++ b/src/mds/MDS.cc
@@ -94,6 +94,7 @@ MDS::MDS(const std::string &n, Messenger *m, MonClient *mc) :
   Dispatcher(m->cct),
   mds_lock("MDS::mds_lock"),
   timer(m->cct, mds_lock),
+  authorize_handler_registry(new AuthAuthorizeHandlerRegistry(m->cct)),
   name(n),
   whoami(-1), incarnation(0),
   standby_for_rank(MDSMap::MDS_NO_STANDBY_PREF),
@@ -155,6 +156,8 @@ MDS::MDS(const std::string &n, Messenger *m, MonClient *mc) :
 MDS::~MDS() {
   Mutex::Locker lock(mds_lock);
 
+  delete authorize_handler_registry;
+
   if (mdcache) { delete mdcache; mdcache = NULL; }
   if (mdlog) { delete mdlog; mdlog = NULL; }
   if (balancer) { delete balancer; balancer = NULL; }
@@ -2027,7 +2030,7 @@ bool MDS::ms_verify_authorizer(Connection *con, int peer_type,
   Mutex::Locker l(mds_lock);
 
   AuthAuthorizeHandler *authorize_handler =
-      get_authorize_handler(protocol, g_ceph_context);
+    authorize_handler_registry->get_handler(protocol);
   if (!authorize_handler) {
     dout(0) << "No AuthAuthorizeHandler found for protocol " << protocol << dendl;
     is_valid = false;
diff --git a/src/mds/MDS.h b/src/mds/MDS.h
index 9b324b007375..4ea26dec20d8 100644
--- a/src/mds/MDS.h
+++ b/src/mds/MDS.h
@@ -137,11 +137,15 @@ class AnchorClient;
 class MDSTableServer;
 class MDSTableClient;
 
+class AuthAuthorizeHandlerRegistry;
+
 class MDS : public Dispatcher {
  public:
   Mutex        mds_lock;
   SafeTimer    timer;
 
+  AuthAuthorizeHandlerRegistry *authorize_handler_registry;
+
   string name;
   int whoami;
   int incarnation;
diff --git a/src/osd/OSD.cc b/src/osd/OSD.cc
index d86153b1cc50..4d37a6b027bd 100644
--- a/src/osd/OSD.cc
+++ b/src/osd/OSD.cc
@@ -514,6 +514,7 @@ OSD::OSD(int id, Messenger *internal_messenger, Messenger *external_messenger,
   Dispatcher(external_messenger->cct),
   osd_lock("OSD::osd_lock"),
   timer(external_messenger->cct, osd_lock),
+  authorize_handler_registry(new AuthAuthorizeHandlerRegistry(external_messenger->cct)),
   cluster_messenger(internal_messenger),
   client_messenger(external_messenger),
   monc(mc),
@@ -575,6 +576,7 @@ OSD::OSD(int id, Messenger *internal_messenger, Messenger *external_messenger,
 
 OSD::~OSD()
 {
+  delete authorize_handler_registry;
   delete map_in_progress_cond;
   delete class_handler;
   g_ceph_context->GetPerfCountersCollection()->logger_remove(logger);
@@ -2596,8 +2598,7 @@ bool OSD::ms_verify_authorizer(Connection *con, int peer_type,
 			       int protocol, bufferlist& authorizer_data, bufferlist& authorizer_reply,
 			       bool& isvalid)
 {
-  AuthAuthorizeHandler *authorize_handler =
-      get_authorize_handler(protocol, g_ceph_context);
+  AuthAuthorizeHandler *authorize_handler = authorize_handler_registry->get_handler(protocol);
   if (!authorize_handler) {
     dout(0) << "No AuthAuthorizeHandler found for protocol " << protocol << dendl;
     isvalid = false;
diff --git a/src/osd/OSD.h b/src/osd/OSD.h
index 046e8976b306..3a6437d0ac31 100644
--- a/src/osd/OSD.h
+++ b/src/osd/OSD.h
@@ -114,6 +114,8 @@ class Watch;
 class Notification;
 class ReplicatedPG;
 
+class AuthAuthorizeHandlerRegistry;
+
 extern const coll_t meta_coll;
 
 class OSD : public Dispatcher {
@@ -122,6 +124,8 @@ protected:
   Mutex osd_lock;			// global lock
   SafeTimer timer;    // safe timer (osd_lock)
 
+  AuthAuthorizeHandlerRegistry *authorize_handler_registry;
+
   Messenger   *cluster_messenger;
   Messenger   *client_messenger;
   MonClient   *monc;