From 4c12ed7705c2c1463e9d1b45ea2b114525941cc5 Mon Sep 17 00:00:00 2001 From: Sage Weil Date: Fri, 23 Oct 2009 14:53:21 -0700 Subject: [PATCH] auth: move one more type --- src/auth/Auth.h | 8 -------- src/auth/cephx/CephxKeyServer.cc | 6 +++--- src/auth/cephx/CephxKeyServer.h | 6 +++--- src/auth/cephx/CephxProtocol.cc | 8 ++++---- src/auth/cephx/CephxProtocol.h | 15 ++++++++++++--- src/auth/cephx/CephxServiceHandler.cc | 8 ++++---- src/mon/Monitor.cc | 2 +- 7 files changed, 27 insertions(+), 26 deletions(-) diff --git a/src/auth/Auth.h b/src/auth/Auth.h index 8c6ea6b1f3325..9b4dff852e0c4 100644 --- a/src/auth/Auth.h +++ b/src/auth/Auth.h @@ -175,14 +175,6 @@ struct AuthBlob { }; WRITE_CLASS_ENCODER(AuthBlob); -struct SessionAuthInfo { - uint32_t service_id; - uint64_t secret_id; - AuthTicket ticket; - CryptoKey session_key; - CryptoKey service_secret; -}; - /* * abstract authorizer class diff --git a/src/auth/cephx/CephxKeyServer.cc b/src/auth/cephx/CephxKeyServer.cc index a30feac46f030..436768497c96c 100644 --- a/src/auth/cephx/CephxKeyServer.cc +++ b/src/auth/cephx/CephxKeyServer.cc @@ -314,7 +314,7 @@ bool KeyServer::get_rotating_encrypted(EntityName& name, bufferlist& enc_bl) return true; } -int KeyServer::_build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, SessionAuthInfo& info) +int KeyServer::_build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, CephXSessionAuthInfo& info) { info.ticket.name = auth_ticket_info.ticket.name; info.ticket.init_timestamps(g_clock.now(), g_conf.auth_service_ticket_ttl); 
@@ -332,7 +332,7 @@ int KeyServer::_build_session_auth_info(uint32_t service_id, CephXServiceTicketI return 0; } -int KeyServer::build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, SessionAuthInfo& info) +int KeyServer::build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, CephXSessionAuthInfo& info) { if (get_service_secret(service_id, info.service_secret, info.secret_id) < 0) { return -EPERM; @@ -343,7 +343,7 @@ int KeyServer::build_session_auth_info(uint32_t service_id, CephXServiceTicketIn return _build_session_auth_info(service_id, auth_ticket_info, info); } -int KeyServer::build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, SessionAuthInfo& info, +int KeyServer::build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, CephXSessionAuthInfo& info, CryptoKey& service_secret, uint64_t secret_id) { info.service_secret = service_secret; diff --git a/src/auth/cephx/CephxKeyServer.h b/src/auth/cephx/CephxKeyServer.h index 49ab904ef48e0..b217b6d7f7cde 100644 --- a/src/auth/cephx/CephxKeyServer.h +++ b/src/auth/cephx/CephxKeyServer.h @@ -160,7 +160,7 @@ class KeyServer : public KeyStore { void _rotate_secret(uint32_t service_id, int factor); void _generate_all_rotating_secrets(bool init); bool _check_rotate(); - int _build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, SessionAuthInfo& info); + int _build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, CephXSessionAuthInfo& info); public: KeyServer(); 
@@ -172,8 +172,8 @@ public: int start_server(bool init); void rotate_timeout(double timeout); - int build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, SessionAuthInfo& info); - int build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, SessionAuthInfo& info, + int build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, CephXSessionAuthInfo& info); + int build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, CephXSessionAuthInfo& info, CryptoKey& service_secret, uint64_t secret_id); /* get current secret for specific service type */ diff --git a/src/auth/cephx/CephxProtocol.cc b/src/auth/cephx/CephxProtocol.cc index 610621cb5f2c5..25ba61e5d24a0 100644 --- a/src/auth/cephx/CephxProtocol.cc +++ b/src/auth/cephx/CephxProtocol.cc @@ -11,7 +11,7 @@ * Authentication */ -bool cephx_build_service_ticket(SessionAuthInfo& info, bufferlist& reply) +bool cephx_build_service_ticket(CephXSessionAuthInfo& info, bufferlist& reply) { CephXServiceTicketInfo ticket_info; ticket_info.session_key = info.session_key; @@ -37,17 +37,17 @@ bool cephx_build_service_ticket(SessionAuthInfo& info, bufferlist& reply) */ bool cephx_build_service_ticket_reply( CryptoKey& principal_secret, - vector ticket_info_vec, + vector ticket_info_vec, bufferlist& reply) { - vector::iterator ticket_iter = ticket_info_vec.begin(); + vector::iterator ticket_iter = ticket_info_vec.begin(); uint32_t num = ticket_info_vec.size(); ::encode(num, reply); dout(0) << "encoding " << num << " tickets with secret " << principal_secret << dendl; while (ticket_iter != ticket_info_vec.end()) { - SessionAuthInfo& info = *ticket_iter; + CephXSessionAuthInfo& info = *ticket_iter; ::encode(info.service_id, reply); diff --git a/src/auth/cephx/CephxProtocol.h b/src/auth/cephx/CephxProtocol.h index 1597dccb8f025..5361cd47d4546 100644 --- a/src/auth/cephx/CephxProtocol.h 
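Review bot: The `dout(0)` line in `cephx_build_service_ticket_reply` (CephxProtocol.cc, hunk at -37,17) streams `principal_secret` into the log at level 0, so if CryptoKey's stream operator prints key material, the principal's long-term secret ends up in logs at the default verbosity. I would drop the key from the message, `dout(0) << "encoding " << num << " tickets" << dendl;`, or at least move it to a high debug level. The same function takes `ticket_info_vec` by value, which makes an extra copy of every `session_key` and `service_secret`; passing it by reference would avoid that, at the cost of also changing the declaration in CephxProtocol.h. The function body continues past the end of the hunk.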
+++ b/src/auth/cephx/CephxProtocol.h @@ -157,14 +157,23 @@ WRITE_CLASS_ENCODER(CephXAuthenticate) /* * getting service tickets */ -extern bool cephx_build_service_ticket(SessionAuthInfo& ticket_info, bufferlist& reply); +struct CephXSessionAuthInfo { + uint32_t service_id; + uint64_t secret_id; + AuthTicket ticket; + CryptoKey session_key; + CryptoKey service_secret; +}; + + +extern bool cephx_build_service_ticket(CephXSessionAuthInfo& ticket_info, bufferlist& reply); extern void cephx_build_service_ticket_request(uint32_t keys, bufferlist& request); extern bool cephx_build_service_ticket_reply(CryptoKey& principal_secret, - vector ticket_info, - bufferlist& reply); + vector ticket_info, + bufferlist& reply); struct CephXServiceTicketRequest { uint32_t keys; diff --git a/src/auth/cephx/CephxServiceHandler.cc b/src/auth/cephx/CephxServiceHandler.cc index 92877b0deb101..47adee1e68633 100644 --- a/src/auth/cephx/CephxServiceHandler.cc +++ b/src/auth/cephx/CephxServiceHandler.cc @@ -88,7 +88,7 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist dout(0) << "CEPHX_GET_AUTH_SESSION_KEY" << dendl; CryptoKey session_key; - SessionAuthInfo info; + CephXSessionAuthInfo info; CryptoKey principal_secret; if (key_server->get_secret(req.name, principal_secret) < 0) { @@ -109,7 +109,7 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist break; } - vector info_vec; + vector info_vec; info_vec.push_back(info); build_cephx_response_header(cephx_header.request_type, 0, result_bl); 
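Review bot: `CephXSessionAuthInfo` in CephxProtocol.h has no constructor, so `service_id` and `secret_id` are indeterminate in every `CephXSessionAuthInfo info;` the callers in this patch declare, until a builder assigns them. `cephx_build_service_ticket_reply` encodes `info.service_id` straight into the reply, so a path that skips the assignment would put uninitialized stack bytes on the wire; whether such a path exists cannot be seen from these hunks. Adding `CephXSessionAuthInfo() : service_id(0), secret_id(0) {}` while the struct is being moved would close that off. A short comment on the struct noting that it carries both the session key and the service secret, and so should not be logged or encoded whole, would also help.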
@@ -135,11 +135,11 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist dout(0) << " ticket_req.keys = " << ticket_req.keys << dendl; ret = 0; - vector info_vec; + vector info_vec; for (uint32_t service_id = 1; service_id <= ticket_req.keys; service_id <<= 1) { if (ticket_req.keys & service_id) { dout(0) << " adding key for service " << service_id << dendl; - SessionAuthInfo info; + CephXSessionAuthInfo info; int r = key_server->build_session_auth_info(service_id, auth_ticket_info, info); if (r < 0) { ret = r; diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc index d362c42813610..d6756d954683c 100644 --- a/src/mon/Monitor.cc +++ b/src/mon/Monitor.cc @@ -855,7 +855,7 @@ bool Monitor::ms_get_authorizer(int dest_type, AuthAuthorizer **authorizer, bool { CephXServiceTicketInfo auth_ticket_info; - SessionAuthInfo info; + CephXSessionAuthInfo info; int ret; uint32_t service_id = dest_type; -- 2.39.5
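Review bot: The loop `for (uint32_t service_id = 1; service_id <= ticket_req.keys; service_id <<= 1)` in the CephxServiceHandler.cc hunk never terminates when `ticket_req.keys` has bit 31 set: after 0x80000000 the shift wraps `service_id` to 0, `0 <= ticket_req.keys` stays true, and 0 shifted left stays 0. `ticket_req.keys` appears to be decoded from the peer's request, so the loop should be bounded, e.g. `for (uint32_t service_id = 1; service_id != 0 && service_id <= ticket_req.keys; service_id <<= 1)`, or the mask should be checked against the set of known service bits before the loop. `handle_request` starts and ends outside the hunk.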