From 1f7b82d47900866f311da219a8663928ae03f536 Mon Sep 17 00:00:00 2001
From: Yehuda Sadeh
Date: Wed, 19 Aug 2009 16:24:12 -0700
Subject: [PATCH] auth: don't use bufferptr
---
 src/auth/CryptoTools.cc | 14 +++-----
 src/messages/MClientAuth.h | 39 ++++++++++++++++++++++
 src/messages/MClientAuthReply.h | 57 +++++++++++++++++++++++++++++++++
 3 files changed, 100 insertions(+), 10 deletions(-)
 create mode 100644 src/messages/MClientAuth.h
 create mode 100644 src/messages/MClientAuthReply.h
diff --git a/src/auth/CryptoTools.cc b/src/auth/CryptoTools.cc
index 51d94a9b4ea52..294407baba80f 100644
--- a/src/auth/CryptoTools.cc
+++ b/src/auth/CryptoTools.cc
@@ -72,7 +72,7 @@ bool CryptoAES::encrypt(EntitySecret& secret, bufferlist& in, bufferlist& out) const unsigned char *in_buf = (const unsigned char *)in.c_str(); int outlen = (in_len + AES_BLOCK_SIZE) & ~(AES_BLOCK_SIZE -1); int tmplen; - bufferptr outptr(outlen); + unsigned char outbuf[outlen]; if (sec_bl.length() < AES_KEY_LEN) { derr(0) << "key is too short" << dendl;
@@ -83,8 +83,6 @@ bool CryptoAES::encrypt(EntitySecret& secret, bufferlist& in, bufferlist& out) EVP_CIPHER_CTX_init(&ctx); EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, aes_iv); - unsigned char *outbuf = (unsigned char *)outptr.c_str(); - if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, in_buf, in.length())) { derr(0) << "EVP_EncryptUpdate error" << dendl; return false;
@@ -94,7 +92,7 @@ bool CryptoAES::encrypt(EntitySecret& secret, bufferlist& in, bufferlist& out) return false; } - out.append(outptr); + out.append((const char *)outbuf, outlen); return true; }
@@ -108,8 +106,7 @@ bool CryptoAES::decrypt(EntitySecret& secret, bufferlist& in, bufferlist& out) int dec_len = 0; int last_dec_len = 0; - bufferptr outptr(in_len); - unsigned char *dec_data = (unsigned char *)outptr.c_str(); + unsigned char dec_data[in_len]; bool result = false; EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
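Review bot: `unsigned char outbuf[outlen];` in the first `CryptoAES::encrypt` hunk is a variable-length array, a compiler extension rather than standard C++, and its size is derived from `in_len` with no upper bound, so a large input on this auth path lands on the stack and can exhaust it. The same applies to `unsigned char dec_data[in_len];` in the `CryptoAES::decrypt` hunk at -108,8, where the array also holds decrypted plaintext that stays in stack memory after the function returns. A bounded heap buffer would avoid both, e.g. `std::vector<unsigned char> outbuf(outlen);` passed to the EVP calls as `&outbuf[0]`, with a maximum on `in_len` checked before allocating. Both function bodies start and end outside the hunks shown.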
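Review bot: `out.append((const char *)outbuf, outlen);` in the -94,7 hunk reads `outlen` after `EVP_EncryptUpdate` has overwritten it with the byte count that call produced, whereas the removed `out.append(outptr)` appended the whole buffer at its rounded-up allocation size. The lines between the hunks are not visible, but if the `EVP_EncryptFinal_ex` branch stores its length only in `tmplen`, the final padded block is no longer appended and the ciphertext comes out truncated. If that is the case the call should be `out.append((const char *)outbuf, outlen + tmplen);`.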
@@ -119,7 +116,6 @@ bool CryptoAES::decrypt(EntitySecret& secret, bufferlist& in, bufferlist& out) if (res == 1) { res = EVP_DecryptUpdate(ctx, dec_data, &dec_len, (const unsigned char *)in.c_str(), in_len); - dout(0) << "in_len=" << in_len << " dec_len=" << dec_len << dendl; if (res == 1) { EVP_DecryptFinal_ex(ctx,
@@ -127,9 +123,7 @@ bool CryptoAES::decrypt(EntitySecret& secret, bufferlist& in, bufferlist& out) &last_dec_len); dec_len += last_dec_len; - outptr.set_length(dec_len); - out.append(outptr); - dout(0) << "decrypted size: " << dec_len << dendl; + out.append((const char *)dec_data, dec_len); result = true; } else {
diff --git a/src/messages/MClientAuth.h b/src/messages/MClientAuth.h
new file mode 100644
index 0000000000000..32814fbe8061f
--- /dev/null
+++ b/src/messages/MClientAuth.h
@@ -0,0 +1,39 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2004-2006 Sage Weil
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation. See file COPYING.
+ *
+ */
+
+#ifndef __MCLIENTAUTH_H
+#define __MCLIENTAUTH_H
+
+#include "messages/PaxosServiceMessage.h"
+
+class MClientAuth : public PaxosServiceMessage {
+ bufferlist auth_payload;
+public:
+ MClientAuth() : PaxosServiceMessage(CEPH_MSG_CLIENT_AUTH, 0) { }
+
+ const char *get_type_name() { return "client_auth"; }
+
+ void decode_payload() {
+ bufferlist::iterator p = payload.begin();
+ paxos_decode(p);
+ p.copy(payload.length() - p.get_off(), auth_payload);
+ }
+ void encode_payload() {
+ paxos_encode();
+ payload.append(auth_payload);
+ }
+ bufferlist& get_auth_payload() { return auth_payload; }
+};
+
+#endif
diff --git a/src/messages/MClientAuthReply.h b/src/messages/MClientAuthReply.h
new file mode 100644
index 0000000000000..360ae0759c6fd
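Review bot: The new `out.append((const char *)dec_data, dec_len);` and `result = true` in the -127,9 hunk run whatever `EVP_DecryptFinal_ex` returned, because the visible lines neither assign nor test its return value (the call begins in the previous hunk and one argument line falls between the hunks). Assuming decrypt uses the same padded AES-CBC mode as encrypt, that final call is where a wrong key or altered ciphertext shows up, so a failed decryption would hand unverified bytes to the caller as success. Store the return in `res` and append only when `res == 1`, otherwise fall through to the existing error branch.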
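Review bot: `decode_payload()` in MClientAuth.h takes every byte left after `paxos_decode(p)` as `auth_payload`, and `encode_payload()` appends it with no length prefix, so the decoder has no framing to check and the message cannot gain another field later. MClientAuthReply.h in this same patch frames its bufferlist with `::encode(result_bl, payload)` and `::decode(result_bl, p)`; using `::encode(auth_payload, payload);` and `::decode(auth_payload, p);` here would be consistent. A class comment would also help, stating that `auth_payload` is an opaque blob (presumably client-supplied and not yet authenticated) that the receiving handler must validate before use.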
--- /dev/null
+++ b/src/messages/MClientAuthReply.h
@@ -0,0 +1,57 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2004-2006 Sage Weil
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation. See file COPYING.
+ *
+ */
+
+#ifndef __MCLIENTAUTHREPLY_H
+#define __MCLIENTAUTHREPLY_H
+
+#include "msg/Message.h"
+
+struct MClientAuthReply : public Message {
+ __s32 result;
+ cstring result_msg;
+ bufferlist result_bl;
+
+ MClientAuthReply(bufferlist *bl = NULL, int r = 0, const char *msg = 0) :
+ Message(CEPH_MSG_CLIENT_AUTH_REPLY),
+ result(r),
+ result_msg(msg) {
+ if (bl) {
+ bufferlist::iterator iter = bl->begin();
+ iter.copy(bl->length(), result_bl);
+ }
+ }
+
+ const char *get_type_name() { return "client_auth_reply"; }
+ void print(ostream& o) {
+ o << "client_auth_reply(" << result;
+ if (result_msg.length()) o << " " << result_msg;
+ o << ")";
+ }
+
+ void decode_payload() {
+ bufferlist::iterator p = payload.begin();
+ ::decode(result, p);
+ ::decode(result_bl, p);
+ ::decode(result_msg, p);
+ }
+ void encode_payload() {
+ ::encode(result, payload);
+ ::encode(result_bl, payload);
+ ::encode(result_msg, payload);
+
+ dout(0) << "MClientAuthReply size=" << payload.length() << dendl;
+ }
+};
+
+#endif
-- 2.39.5
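Review bot: `encode_payload()` ends with a `dout(0) << "MClientAuthReply size=" ...` line that logs on every encoded reply and looks like leftover debugging; this same patch removes the equivalent `dout(0)` lines from CryptoTools.cc, so it should be dropped here as well. Separately, the constructor default `msg = 0` is passed straight into `result_msg(msg)`. Unless `cstring` is known to accept a null pointer, guard it with `result_msg(msg ? msg : "")`.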