From 6139bb4d8618e596e1171d941455df985c6ad138 Mon Sep 17 00:00:00 2001
From: Sage Weil
Date: Fri, 22 Oct 2021 11:38:20 -0500
Subject: [PATCH] auth: add PendingKey to EntityAuth
Signed-off-by: Radoslaw Zarzynski
---
 src/auth/Auth.h | 17 ++++++++++++++---
 src/auth/KeyRing.cc | 48 +++++++++++++++++++++---------------------------
 2 files changed, 35 insertions(+), 30 deletions(-)
diff --git a/src/auth/Auth.h b/src/auth/Auth.h
index 845f56c9bd6..5521c8d3fcf 100644
--- a/src/auth/Auth.h
+++ b/src/auth/Auth.h
@@ -34,14 +34,16 @@ enum {
 struct EntityAuth {
 CryptoKey key;
 std::map caps;
+ CryptoKey pending_key; ///< new but uncommitted key
 void encode(ceph::buffer::list& bl) const {
- __u8 struct_v = 2;
+ __u8 struct_v = 3;
 using ceph::encode;
 encode(struct_v, bl);
 encode((uint64_t)CEPH_AUTH_UID_DEFAULT, bl);
 encode(key, bl);
 encode(caps, bl);
+ encode(pending_key, bl);
 }
 void decode(ceph::buffer::list::const_iterator& bl) {
 using ceph::decode;
@@ -53,12 +55,21 @@ struct EntityAuth {
 }
 decode(key, bl);
 decode(caps, bl);
+ if (struct_v >= 3) {
+ decode(pending_key, bl);
+ }
 }
 };
 WRITE_CLASS_ENCODER(EntityAuth)
-inline std::ostream& operator<<(std::ostream& out, const EntityAuth& a) {
- return out << "auth(key=" << a.key << ")";
+inline std::ostream& operator<<(std::ostream& out, const EntityAuth& a)
+{
+ out << "auth(key=" << a.key;
+ if (!a.pending_key.empty()) {
+ out << " pending_key=" << a.pending_key;
+ }
+ out << ")";
+ return out;
 }
 struct AuthCapsInfo {
diff --git a/src/auth/KeyRing.cc b/src/auth/KeyRing.cc
index 0b28ff61063..eca429d0bd0 100644
--- a/src/auth/KeyRing.cc
+++ b/src/auth/KeyRing.cc
@@ -19,6 +19,7 @@
 #include
 #include
 #include "auth/KeyRing.h"
+#include "include/stringify.h"
 #include "common/ceph_context.h"
 #include "common/config.h"
 #include "common/debug.h"
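Review bot: In src/auth/Auth.h, `EntityAuth::encode` bumps `struct_v` to 3 and appends `pending_key`, but nothing in the visible lines frames the struct with a length or a compat version. A decoder built before this change would presumably stop after `caps` and leave the extra bytes in the stream, which matters wherever an `EntityAuth` is followed by more encoded data and peers of mixed versions exchange it. Because `encode(pending_key, bl)` is unconditional, every blob written by new code carries the field, not only those with a rotation in progress. If an upgrade gate elsewhere prevents this, the encoder should say so, e.g. `// v3 appends pending_key; v2 decoders do not skip it, so v3 blobs must not reach pre-v3 peers`. The start of `decode` lies outside this hunk.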
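Review bot: In the second Auth.h hunk, `operator<<` for `EntityAuth` now streams `a.pending_key` itself, so any log or debug line that prints an `EntityAuth` would carry the uncommitted secret next to the current one (assuming `CryptoKey`'s own `operator<<` emits key material, which is not visible here). Key rotation is often the response to a suspected exposure, and a replacement key sitting in log files weakens it. Printing only its presence keeps the diagnostic value: `out << " pending_key=<set>";`. In the same hunk, `decode` leaves `pending_key` untouched when `struct_v < 3`, so decoding an older blob into a reused object would keep a stale value; an `else { pending_key = CryptoKey(); }` branch would close that.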
@@ -136,24 +137,19 @@ void KeyRing::encode_plaintext(bufferlist& bl)
 void KeyRing::encode_formatted(string label, Formatter *f, bufferlist& bl) {
 f->open_array_section(label.c_str());
- for (map::iterator p = keys.begin();
- p != keys.end();
- ++p) {
-
+ for (const auto &[ename, eauth] : keys) {
 f->open_object_section("auth_entities");
- f->dump_string("entity", p->first.to_str().c_str());
- std::ostringstream keyss;
- keyss << p->second.key;
- f->dump_string("key", keyss.str());
+ f->dump_string("entity", ename.to_str().c_str());
+ f->dump_string("key", stringify(eauth.key));
+ if (!eauth.pending_key.empty()) {
+ f->dump_string("pending_key", stringify(eauth.pending_key));
+ }
 f->open_object_section("caps");
- for (map::iterator q = p->second.caps.begin();
- q != p->second.caps.end();
- ++q) {
- auto dataiter = q->second.cbegin();
+ for (auto& [sys, capsbl] : eauth.caps) {
+ auto dataiter = capsbl.cbegin();
 string caps;
- using ceph::decode;
- decode(caps, dataiter);
- f->dump_string(q->first.c_str(), caps);
+ ceph::decode(caps, dataiter);
+ f->dump_string(sys.c_str(), caps);
 }
 f->close_section(); /* caps */
 f->close_section(); /* auth_entities */
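Review bot: The inner loop binds `auto& [sys, capsbl]` while the outer one uses `const auto &[ename, eauth]`; writing the inner one as `for (const auto& [sys, capsbl] : eauth.caps) {` makes the read-only intent explicit and matches the line above it. The same applies to both loops of `KeyRing::print` in the next hunk, where `for (auto& [ename, eauth] : keys)` sits in a function whose signature, as shown, has no `const`, so it binds mutable references to every entity's key material although the body only prints. `encode_formatted` continues past the end of this hunk.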
@@ -229,21 +225,19 @@ int KeyRing::load(CephContext *cct, const std::string &filename)
 void KeyRing::print(ostream& out) {
- for (map::iterator p = keys.begin();
- p != keys.end();
- ++p) {
- out << "[" << p->first << "]" << std::endl;
- out << "\tkey = " << p->second.key << std::endl;
+ for (auto& [ename, eauth] : keys) {
+ out << "[" << ename << "]" << std::endl;
+ out << "\tkey = " << eauth.key << std::endl;
+ if (!eauth.pending_key.empty()) {
+ out << "\tpending key = " << eauth.pending_key << std::endl;
+ }
- for (map::iterator q = p->second.caps.begin();
- q != p->second.caps.end();
- ++q) {
- auto dataiter = q->second.cbegin();
+ for (auto& [sys, capbl] : eauth.caps) {
+ auto dataiter = capbl.cbegin();
 string caps;
- using ceph::decode;
- decode(caps, dataiter);
+ ceph::decode(caps, dataiter);
 boost::replace_all(caps, "\"", "\\\"");
- out << "\tcaps " << q->first << " = \"" << caps << '"' << std::endl;
+ out << "\tcaps " << sys << " = \"" << caps << '"' << std::endl;
 }
 }
 }
-- 
2.39.5
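Review bot: `print()` now writes a `pending key = ...` line into the keyring text, but no matching change to the keyring parser appears in this patch. If the loader rejects or silently drops fields it does not know, a keyring written while a rotation is pending either fails to load or loses the pending key on a round trip; which of the two happens cannot be determined from the lines shown. Either teach the parser the new field in the same change or state the limitation at the write site, e.g. `// "pending key" is output-only until the keyring parser accepts it`. The whole body of `print()` is inside this hunk.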