From 806f73bd6b3455cb8481ca5d76dadd5ff8878b6d Mon Sep 17 00:00:00 2001 From: Sage Weil Date: Wed, 9 Sep 2009 14:05:09 -0700 Subject: [PATCH] auth: refactor MonClient <-> AuthClientHandler interface --- src/auth/AuthClientHandler.cc | 32 ++++++++++++++++++ src/auth/AuthClientHandler.h | 61 +++++++++++++++++++++++++++-------- src/librados.cc | 3 +- src/mon/MonClient.cc | 36 +++------------------ src/mon/MonClient.h | 9 ++---- src/testcrypto.cc | 3 +- 6 files changed, 89 insertions(+), 55 deletions(-) diff --git a/src/auth/AuthClientHandler.cc b/src/auth/AuthClientHandler.cc index 10ad7da728950..b503398879648 100644 --- a/src/auth/AuthClientHandler.cc +++ b/src/auth/AuthClientHandler.cc @@ -18,6 +18,9 @@ #include "AuthProtocol.h" #include "AuthClientHandler.h" +#include "messages/MAuthReply.h" + +#if 0 int AuthClientHandler::generate_request(bufferlist& bl) { dout(0) << "status=" << status << dendl; @@ -200,3 +203,32 @@ bool AuthClientHandler::request_pending() { dout(0) << "request_pending(): cephx_request_state=" << cephx_request_state << " cephx_response_state=" << cephx_response_state << dendl; return (request_state != response_state) || (cephx_request_state != cephx_response_state); } + +#endif + +// ----------- + +void AuthClientHandler::handle_auth_reply(MAuthReply *m) +{ + Mutex::Locker l(lock); + dout(10) << "handle_auth_reply " << *m << dendl; + +} + +void AuthClientHandler::start_session() +{ + Mutex::Locker l(lock); + dout(10) << "start_session" << dendl; + _reset(); + + // ... +} + +void AuthClientHandler::tick() +{ + Mutex::Locker l(lock); + + // do i need to renew any tickets? + // ... + +} diff --git a/src/auth/AuthClientHandler.h b/src/auth/AuthClientHandler.h index 337e10b80293e..9e3719779beb4 100644 --- a/src/auth/AuthClientHandler.h +++ b/src/auth/AuthClientHandler.h @@ -18,11 +18,19 @@ #include "auth/Auth.h" -#include "config.h" +#include "common/Mutex.h" +#include "common/Cond.h" + +class MAuthReply; class AuthClientHandler { - uint32_t want_keys; - uint32_t have_keys; + Mutex lock; + Cond cond; + + uint32_t want; + uint32_t have; + + // session state int request_state; int response_state; @@ -45,19 +53,46 @@ class AuthClientHandler { int generate_cephx_protocol_request(bufferlist& bl); int handle_cephx_protocol_response(bufferlist::iterator& indata); -public: - AuthClientHandler() : want_keys(0), request_state(0), response_state(0), - status(0), - cephx_request_state(0), cephx_response_state(0) {} - int set_request_keys(uint32_t keys) { - want_keys = keys; - return 0; + + void _reset() { + request_state = 0; + response_state = 0; + status = 0; + cephx_request_state = 0; + cephx_response_state = 0; } - int generate_request(bufferlist& bl); - int handle_response(int ret, bufferlist& bl); - bool request_pending(); +public: + AuthClientHandler() : lock("AuthClientHandler::lock"), + want(0), have(0) { + _reset(); + } + + void set_want_keys(__u32 keys) { + Mutex::Locker l(lock); + want = keys; + } + bool have_keys(__u32 k) { + Mutex::Locker l(lock); + return (k & have) == have; + } + bool have_keys() { + Mutex::Locker l(lock); + return (want & have) == have; + } + bool wait_for_keys(double timeout) { + Mutex::Locker l(lock); + utime_t t; + t += timeout; + while ((want & have) != have) + cond.WaitInterval(lock, t); + return (want & have) == have; + } + + void start_session(); + void handle_auth_reply(MAuthReply *m); + void tick(); }; diff --git a/src/librados.cc b/src/librados.cc index 33dbd4ca52b42..ea7e814c6ab28 100644 --- a/src/librados.cc +++ b/src/librados.cc @@ -306,8 +306,7 @@ bool RadosClient::init() monclient.mount(g_conf.client_mount_timeout); dout(0) << "librados: before monclient.authorize()" << dendl; - monclient.authorize(CEPHX_PRINCIPAL_MON | CEPHX_PRINCIPAL_OSD, - g_conf.client_mount_timeout); + monclient.auth.set_want_keys(CEPHX_PRINCIPAL_MON | CEPHX_PRINCIPAL_OSD); lock.Lock(); diff --git a/src/mon/MonClient.cc b/src/mon/MonClient.cc index a18d28adbef80..878b470344636 100644 --- a/src/mon/MonClient.cc +++ b/src/mon/MonClient.cc @@ -172,7 +172,7 @@ bool MonClient::ms_dispatch(Message *m) break; case CEPH_MSG_AUTH_REPLY: - //client_auth_handler->handle(m); + auth.handle_auth_reply((MAuthReply*)m); break; case CEPH_MSG_MON_SUBSCRIBE_ACK: @@ -265,36 +265,6 @@ void MonClient::handle_mount_ack(MClientMountAck* m) } - - -// -------------- -// auth - -void MonClient::set_want_tickets(__u32 want_tickets) -{ - Mutex::Locker l(monc_lock); - - auth_client_handler.set_request_keys(want_tickets); - /* - do { - MonClientAuthHandler h(this); - - cur_auth_handler = &h; - - int err = h.do_op(mount_timeout); - if (err < 0) - return err; - - ret = h.get_result(); - dout(0) << "auth ret=" << ret << dendl; - } while (ret == -EAGAIN); - cur_auth_handler = NULL; - return ret; - */ -} - - - // --------- void MonClient::_send_mon_message(Message *m) @@ -320,6 +290,7 @@ void MonClient::ms_handle_reset(const entity_addr_t& peer) if (mounting) _send_mount(); _renew_subs(); + auth.start_session(); } } @@ -334,6 +305,7 @@ void MonClient::tick() if (mounting) _send_mount(); _renew_subs(); + auth.start_session(); } else { // just renew as needed utime_t now = g_clock.now(); @@ -344,6 +316,8 @@ void MonClient::tick() messenger->send_keepalive(monmap.mon_inst[oldmon]); } + auth.tick(); + timer.add_event_after(10.0, new C_Tick(this)); dout(10) << "tick done" << dendl; diff --git a/src/mon/MonClient.h b/src/mon/MonClient.h index faa2af84bc617..df73f4ccf02f0 100644 --- a/src/mon/MonClient.h +++ b/src/mon/MonClient.h @@ -116,20 +116,15 @@ public: // auth tickets -private: - AuthClientHandler auth_client_handler; - __u32 want_tickets; - public: - void set_want_tickets(__u32 want_tickets); + AuthClientHandler auth; public: MonClient() : messenger(NULL), monc_lock("MonClient::monc_lock"), timer(monc_lock), hunting(false), - mounting(0), mount_err(0), - want_keys(0) { } + mounting(0), mount_err(0) { } ~MonClient() { timer.cancel_all_events(); } diff --git a/src/testcrypto.cc b/src/testcrypto.cc index a2408cca980fa..d81a8a485d60e 100644 --- a/src/testcrypto.cc +++ b/src/testcrypto.cc @@ -20,7 +20,6 @@ int main(int argc, char *argv[]) enc_in.append(ptr); enc_in.append(msg, strlen(msg)); - int src_len = enc_in.length(); bufferlist enc_out; if (key.encrypt(enc_in, enc_out) < 0) { derr(0) << "couldn't encode!" << dendl; @@ -28,7 +27,7 @@ int main(int argc, char *argv[]) } const char *enc_buf = enc_out.c_str(); - for (int i=0; i