From 286553c43473544f3eb1b090159617ef3315326b Mon Sep 17 00:00:00 2001 From: Yehuda Sadeh Date: Mon, 9 Nov 2009 16:31:00 -0800 Subject: [PATCH] auth: pass global_id to the osd, mds verify-authorizers --- src/auth/AuthAuthorizeHandler.h | 2 +- src/auth/cephx/CephxAuthorizeHandler.cc | 3 ++- src/auth/cephx/CephxAuthorizeHandler.h | 2 +- src/auth/none/AuthNoneAuthorizeHandler.cc | 3 ++- src/auth/none/AuthNoneAuthorizeHandler.h | 2 +- src/auth/none/AuthNoneProtocol.h | 3 +++ src/mds/MDS.cc | 3 ++- src/osd/OSD.cc | 3 ++- 8 files changed, 14 insertions(+), 7 deletions(-) diff --git a/src/auth/AuthAuthorizeHandler.h b/src/auth/AuthAuthorizeHandler.h index 111b526dfbddc..30ba18315ce9e 100644 --- a/src/auth/AuthAuthorizeHandler.h +++ b/src/auth/AuthAuthorizeHandler.h @@ -21,7 +21,7 @@ struct AuthAuthorizeHandler { virtual bool verify_authorizer(bufferlist& authorizer_data, bufferlist& authorizer_reply, - EntityName& entity_name, AuthCapsInfo& caps_info) = 0; + EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info) = 0; }; extern AuthAuthorizeHandler *get_authorize_handler(int protocol); diff --git a/src/auth/cephx/CephxAuthorizeHandler.cc b/src/auth/cephx/CephxAuthorizeHandler.cc index 4962f1ee55501..ab4da210993d4 100644 --- a/src/auth/cephx/CephxAuthorizeHandler.cc +++ b/src/auth/cephx/CephxAuthorizeHandler.cc @@ -6,7 +6,7 @@ bool CephxAuthorizeHandler::verify_authorizer(bufferlist& authorizer_data, bufferlist& authorizer_reply, - EntityName& entity_name, AuthCapsInfo& caps_info) + EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info) { bufferlist::iterator iter = authorizer_data.begin(); @@ -23,6 +23,7 @@ bool CephxAuthorizeHandler::verify_authorizer(bufferlist& authorizer_data, buffe if (isvalid) { caps_info = auth_ticket_info.ticket.caps; entity_name = auth_ticket_info.ticket.name; + global_id = auth_ticket_info.ticket.global_id; } return isvalid; diff --git a/src/auth/cephx/CephxAuthorizeHandler.h b/src/auth/cephx/CephxAuthorizeHandler.h index ce54aad5d3c67..0cb755b5586ae 100644 --- a/src/auth/cephx/CephxAuthorizeHandler.h +++ b/src/auth/cephx/CephxAuthorizeHandler.h @@ -19,7 +19,7 @@ struct CephxAuthorizeHandler : public AuthAuthorizeHandler { bool verify_authorizer(bufferlist& authorizer_data, bufferlist& authorizer_reply, - EntityName& entity_name, AuthCapsInfo& caps_info); + EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info); }; diff --git a/src/auth/none/AuthNoneAuthorizeHandler.cc b/src/auth/none/AuthNoneAuthorizeHandler.cc index f197536adc424..0fde1ea40f8e7 100644 --- a/src/auth/none/AuthNoneAuthorizeHandler.cc +++ b/src/auth/none/AuthNoneAuthorizeHandler.cc @@ -4,12 +4,13 @@ bool AuthNoneAuthorizeHandler::verify_authorizer(bufferlist& authorizer_data, bufferlist& authorizer_reply, - EntityName& entity_name, AuthCapsInfo& caps_info) + EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info) { bufferlist::iterator iter = authorizer_data.begin(); try { ::decode(entity_name, iter); + ::decode(global_id, iter); } catch (buffer::error *err) { return false; } diff --git a/src/auth/none/AuthNoneAuthorizeHandler.h b/src/auth/none/AuthNoneAuthorizeHandler.h index e0247081334f7..719000522ac24 100644 --- a/src/auth/none/AuthNoneAuthorizeHandler.h +++ b/src/auth/none/AuthNoneAuthorizeHandler.h @@ -19,7 +19,7 @@ struct AuthNoneAuthorizeHandler : public AuthAuthorizeHandler { bool verify_authorizer(bufferlist& authorizer_data, bufferlist& authorizer_reply, - EntityName& entity_name, AuthCapsInfo& caps_info); + EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info); }; diff --git a/src/auth/none/AuthNoneProtocol.h b/src/auth/none/AuthNoneProtocol.h index 131a954f96151..9ec4fc7044e98 100644 --- a/src/auth/none/AuthNoneProtocol.h +++ b/src/auth/none/AuthNoneProtocol.h @@ -18,9 +18,12 @@ #include "../Auth.h" struct AuthNoneAuthorizer : public AuthAuthorizer { + uint64_t global_id; + AuthNoneAuthorizer() : AuthAuthorizer(CEPH_AUTH_NONE) { } bool build_authorizer() { ::encode(*g_conf.entity_name, bl); + ::encode(global_id, bl); return 0; } bool verify_reply(bufferlist::iterator& reply) { return true; } diff --git a/src/mds/MDS.cc b/src/mds/MDS.cc index b7ab456fef6f3..f6fcd02078e35 100644 --- a/src/mds/MDS.cc +++ b/src/mds/MDS.cc @@ -1473,8 +1473,9 @@ bool MDS::ms_verify_authorizer(Connection *con, int peer_type, AuthCapsInfo caps_info; EntityName name; + uint64_t global_id; - is_valid = authorize_handler->verify_authorizer(authorizer_data, authorizer_reply, name, caps_info); + is_valid = authorize_handler->verify_authorizer(authorizer_data, authorizer_reply, name, global_id, caps_info); #if 0 if (isvalid) { diff --git a/src/osd/OSD.cc b/src/osd/OSD.cc index b3863a5ffa255..63de4d4772395 100644 --- a/src/osd/OSD.cc +++ b/src/osd/OSD.cc @@ -1542,8 +1542,9 @@ bool OSD::ms_verify_authorizer(Connection *con, int peer_type, AuthCapsInfo caps_info; EntityName name; + uint64_t global_id; - isvalid = authorize_handler->verify_authorizer(authorizer_data, authorizer_reply, name, caps_info); + isvalid = authorize_handler->verify_authorizer(authorizer_data, authorizer_reply, name, global_id, caps_info); dout(10) << "OSD::ms_verify_authorizer name=" << name << dendl; -- 2.39.5