From 6943b4becb7080961588b4688f45a461911a8a8e Mon Sep 17 00:00:00 2001 From: Yehuda Sadeh Date: Fri, 23 Oct 2009 15:47:05 -0700 Subject: [PATCH] auth: pass mon caps to the session --- src/auth/AuthServiceHandler.h | 2 +- src/auth/cephx/CephxKeyServer.cc | 14 ++++++++++++++ src/auth/cephx/CephxKeyServer.h | 2 ++ src/auth/cephx/CephxServiceHandler.cc | 6 +++++- src/auth/cephx/CephxServiceHandler.h | 2 +- src/mon/AuthMonitor.cc | 14 ++++++++++---- src/mon/Session.h | 7 +++++++ 7 files changed, 40 insertions(+), 7 deletions(-) diff --git a/src/auth/AuthServiceHandler.h b/src/auth/AuthServiceHandler.h index 1cc0f3d117ad6..88702236f4590 100644 --- a/src/auth/AuthServiceHandler.h +++ b/src/auth/AuthServiceHandler.h @@ -24,7 +24,7 @@ struct AuthServiceHandler { virtual ~AuthServiceHandler() { } virtual int start_session(bufferlist& result) = 0; - virtual int handle_request(bufferlist::iterator& indata, bufferlist& result) = 0; + virtual int handle_request(bufferlist::iterator& indata, bufferlist& result, bufferlist& caps) = 0; }; extern AuthServiceHandler *get_auth_service_handler(KeyServer *ks, set<__u32>& supported); diff --git a/src/auth/cephx/CephxKeyServer.cc b/src/auth/cephx/CephxKeyServer.cc index 436768497c96c..30d490fc12ba1 100644 --- a/src/auth/cephx/CephxKeyServer.cc +++ b/src/auth/cephx/CephxKeyServer.cc @@ -314,6 +314,20 @@ bool KeyServer::get_rotating_encrypted(EntityName& name, bufferlist& enc_bl) return true; } +bool KeyServer::_get_service_caps(EntityName& name, uint32_t service_id, bufferlist& caps) +{ + string s = ceph_entity_type_name(service_id); + + return data.get_caps(name, s, caps); +} + +bool KeyServer::get_service_caps(EntityName& name, uint32_t service_id, bufferlist& caps) +{ + Mutex::Locker l(lock); + return _get_service_caps(name, service_id, caps); +} + + int KeyServer::_build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, CephXSessionAuthInfo& info) { info.ticket.name = auth_ticket_info.ticket.name; 
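Review bot: The new `bufferlist& caps` out-parameter on the pure virtual `handle_request` in src/auth/AuthServiceHandler.h has no stated contract. Implementers and callers cannot tell from the declaration which service's caps it carries, whether it may be filled when the return value is an error, or whether an empty buffer means "no caps" or "not looked up". Since the monitor applies this buffer to the session, a short comment would help, for example `// caps: out, encoded mon caps for the authenticated entity; left empty if none were found`.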
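Review bot: The locked/unlocked split between `get_service_caps` and `_get_service_caps` in src/auth/cephx/CephxKeyServer.cc is not documented, and neither is the state of `caps` when the lookup returns false. I would add `// caller must hold lock` above `_get_service_caps`, and a line on `get_service_caps` saying that `caps` should be ignored on a false return. The lookup key is the string from `ceph_entity_type_name(service_id)`; what that returns for an unrecognised id is not visible here, so it is worth confirming that such a value cannot match a stored caps entry.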
diff --git a/src/auth/cephx/CephxKeyServer.h b/src/auth/cephx/CephxKeyServer.h index b217b6d7f7cde..e9d92831310fe 100644 --- a/src/auth/cephx/CephxKeyServer.h +++ b/src/auth/cephx/CephxKeyServer.h @@ -161,6 +161,7 @@ class KeyServer : public KeyStore { void _generate_all_rotating_secrets(bool init); bool _check_rotate(); int _build_session_auth_info(uint32_t service_id, CephXServiceTicketInfo& auth_ticket_info, CephXSessionAuthInfo& info); + bool _get_service_caps(EntityName& name, uint32_t service_id, bufferlist& caps); public: KeyServer(); @@ -229,6 +230,7 @@ public: bool get_rotating_encrypted(EntityName& name, bufferlist& enc_bl); Mutex& get_lock() { return lock; } + bool get_service_caps(EntityName& name, uint32_t service_id, bufferlist& caps); }; WRITE_CLASS_ENCODER(KeyServer); diff --git a/src/auth/cephx/CephxServiceHandler.cc b/src/auth/cephx/CephxServiceHandler.cc index 47adee1e68633..dd19c6c42c848 100644 --- a/src/auth/cephx/CephxServiceHandler.cc +++ b/src/auth/cephx/CephxServiceHandler.cc @@ -36,7 +36,7 @@ int CephxServiceHandler::start_session(bufferlist& result_bl) return CEPH_AUTH_CEPHX; } -int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist& result_bl) +int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist& result_bl, bufferlist& caps) { int ret = 0; @@ -117,6 +117,10 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist ret = -EIO; break; } + + if (!key_server->get_service_caps(entity_name, CEPH_ENTITY_TYPE_MON, caps)) { + dout(0) << "could not get mon caps for " << entity_name << dendl; + } } break; diff --git a/src/auth/cephx/CephxServiceHandler.h b/src/auth/cephx/CephxServiceHandler.h index 336786e134dac..5abbab28e43f6 100644 --- a/src/auth/cephx/CephxServiceHandler.h +++ b/src/auth/cephx/CephxServiceHandler.h 
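Review bot: In the second hunk of src/auth/cephx/CephxServiceHandler.cc, a failed `get_service_caps()` lookup is only logged at `dout(0)` and `ret` is left unchanged, so the request still completes for an entity that has no mon caps entry. Whether that session ends up with no privileges or with some default depends on how an unparsed `MonCaps` is treated, which this commit does not define. Please state the intended fail-closed behaviour in a comment on this branch, and consider adding `caps.clear();` inside it so a partially filled buffer is never handed to the monitor. The enclosing switch case begins outside the hunk.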
@@ -31,7 +31,7 @@ public: ~CephxServiceHandler() {} int start_session(bufferlist& result_bl); - int handle_request(bufferlist::iterator& indata, bufferlist& result_bl); + int handle_request(bufferlist::iterator& indata, bufferlist& result_bl, bufferlist& caps); void build_cephx_response_header(int request_type, int status, bufferlist& bl); }; diff --git a/src/mon/AuthMonitor.cc b/src/mon/AuthMonitor.cc index d6666005fdaab..5cc4b3b4a9637 100644 --- a/src/mon/AuthMonitor.cc +++ b/src/mon/AuthMonitor.cc @@ -258,9 +258,10 @@ bool AuthMonitor::preprocess_auth(MAuth *m) { dout(0) << "preprocess_auth() blob_size=" << m->get_auth_payload().length() << dendl; int ret = 0; + bufferlist caps; + MAuthReply *reply; Session *s = (Session *)m->get_connection()->get_priv(); - s->put(); bufferlist response_bl; bufferlist::iterator indata = m->auth_payload.begin(); @@ -293,20 +294,25 @@ bool AuthMonitor::preprocess_auth(MAuth *m) } else if (s->auth_handler) { // handle the request try { - ret = s->auth_handler->handle_request(indata, response_bl); + ret = s->auth_handler->handle_request(indata, response_bl, caps); + if (caps.length()) { + s->caps.parse(caps); + } } catch (buffer::error *err) { ret = -EINVAL; dout(0) << "caught error when trying to handle auth request, probably malformed request" << dendl; } if (ret == -EIO) { paxos->wait_for_active(new C_RetryMessage(this, m)); - return true; + goto done; } } else { ret = -EINVAL; // no protocol selected? } - MAuthReply *reply = new MAuthReply(proto, &response_bl, ret); + reply = new MAuthReply(proto, &response_bl, ret); mon->messenger->send_message(reply, m->get_orig_source_inst()); +done: + s->put(); return true; } diff --git a/src/mon/Session.h b/src/mon/Session.h index d2b7b8cae070d..8da590ae452c0 100644 --- a/src/mon/Session.h +++ b/src/mon/Session.h 
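Review bot: With `s->put()` removed from the top of `preprocess_auth()` in src/mon/AuthMonitor.cc, the Session reference taken by `get_priv()` is now released only at the new `done:` label. Any `return` in the lines between this hunk and the next (not shown in the patch) would leak that reference and needs to become `goto done;`. A one-line comment at the `get_priv()` call, such as `// ref held until done:`, would make the requirement visible to later edits.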
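Review bot: In the second AuthMonitor.cc hunk, the result of `s->caps.parse(caps)` is discarded and the call runs regardless of `ret`. A caps blob that fails to parse, or one returned alongside an error, is therefore still applied to the session. The `if (caps.length())` guard also means a session keeps whatever caps an earlier request installed when a later request yields none. Assuming negative `ret` is the only error signal, as the `-EIO` and `-EINVAL` uses suggest, I would gate on success and reject on parse failure: `if (ret >= 0 && caps.length() && !s->caps.parse(caps)) ret = -EINVAL;`.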
@@ -32,6 +32,12 @@ struct Subscription { Subscription(Session *s, const nstring& t) : session(s), type(t), type_item(this) {}; }; +class MonCaps { + bool get_next_token(string s, size_t& pos, string& token); +public: + MonCaps() {} + bool parse(bufferlist& bl) { return true; } +}; struct Session : public RefCountedObject { entity_inst_t inst; @@ -39,6 +45,7 @@ struct Session : public RefCountedObject { bool closed; xlist::item item; set<__u64> routed_request_tids; + MonCaps caps; map sub_map; -- 2.39.5
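Review bot: `MonCaps::parse()` in src/mon/Session.h returns true without reading `bl`, and the class has no data members. After this commit the caps blob fetched for a session is therefore accepted unconditionally and nothing is recorded for a later permission check. `get_next_token` is declared with `string s` taken by value and has no definition in this patch. If this is a placeholder, mark it at the declaration, for example `// TODO: stub, accepts any blob and stores nothing; not yet usable for access decisions`, so that nobody builds an authorization check on `Session::caps` before the parser exists.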