From 9df4eabfe919f4eaf3e159a57915bbc865abae21 Mon Sep 17 00:00:00 2001 From: Rishabh Dave Date: Wed, 9 Jun 2021 13:21:45 +0530 Subject: [PATCH] AuthMonitor: add a method for encoding keyring Instead of repeating same lines of code to encode entity's auth keyring (or just key) before printing, add a method for this and use it instead. This commit is nothing more than refactoring to avoid duplication and improve readability; it shouldn't make any functional changes. Signed-off-by: Rishabh Dave --- src/mon/AuthMonitor.cc | 98 +++++++++++++++++++++++------------------- src/mon/AuthMonitor.h | 10 +++++ 2 files changed, 63 insertions(+), 45 deletions(-) diff --git a/src/mon/AuthMonitor.cc b/src/mon/AuthMonitor.cc index ac32a57b9b88b..878262058cd75 100644 --- a/src/mon/AuthMonitor.cc +++ b/src/mon/AuthMonitor.cc @@ -907,12 +907,7 @@ bool AuthMonitor::preprocess_command(MonOpRequestRef op) if (!entity_name.empty()) { EntityAuth eauth; if (keyring.get_auth(entity, eauth)) { - KeyRing kr; - kr.add(entity, eauth); - if (f) - kr.encode_formatted("auth", f.get(), rdata); - else - kr.encode_plaintext(rdata); + _encode_auth(entity, eauth, rdata, f.get()); r = 0; } else { ss << "no key for " << eauth; @@ -926,17 +921,12 @@ bool AuthMonitor::preprocess_command(MonOpRequestRef op) r = 0; } } else if (prefix == "auth get" && !entity_name.empty()) { - KeyRing keyring; EntityAuth entity_auth; if (!mon.key_server.get_auth(entity, entity_auth)) { ss << "failed to find " << entity_name << " in keyring"; r = -ENOENT; } else { - keyring.add(entity, entity_auth); - if (f) - keyring.encode_formatted("auth", f.get(), rdata); - else - keyring.encode_plaintext(rdata); + _encode_auth(entity, entity_auth, rdata, f.get()); r = 0; } } else if (prefix == "auth print-key" || @@ -1390,7 +1380,7 @@ bool AuthMonitor::prepare_command(MonOpRequestRef op) { auto m = op->get_req(); stringstream ss, ds; - bufferlist rdata; + bufferlist rdata; // holds data that'll be printed on client's stdout string rs; int err = -EINVAL; @@ -1682,14 +1672,8 @@ bool AuthMonitor::prepare_command(MonOpRequestRef op) ds << entity_auth.key; } } else { - KeyRing kr; - kr.add(entity, entity_auth.key, entity_auth.pending_key); - if (f) { - kr.set_caps(entity, entity_auth.caps); - kr.encode_formatted("auth", f.get(), rdata); - } else { - kr.encode_plaintext(rdata); - } + _encode_key(entity, entity_auth, rdata, f.get(), true, + &entity_auth.caps); } err = 0; goto done; @@ -1728,14 +1712,8 @@ bool AuthMonitor::prepare_command(MonOpRequestRef op) ds << auth_inc.auth.key; } } else { - KeyRing kr; - kr.add(entity, auth_inc.auth.key); - if (f) { - kr.set_caps(entity, wanted_caps); - kr.encode_formatted("auth", f.get(), rdata); - } else { - kr.encode_plaintext(rdata); - } + _encode_key(entity, auth_inc.auth, rdata, f.get(), false, + &wanted_caps); } rdata.append(ds); @@ -1850,14 +1828,7 @@ bool AuthMonitor::prepare_command(MonOpRequestRef op) } } - KeyRing kr; - kr.add(entity, entity_auth.key); - if (f) { - kr.set_caps(entity, entity_auth.caps); - kr.encode_formatted("auth", f.get(), rdata); - } else { - kr.encode_plaintext(rdata); - } + _encode_key(entity, entity_auth, rdata, f.get(), false, &wanted_caps); err = 0; goto done; } @@ -1869,15 +1840,9 @@ bool AuthMonitor::prepare_command(MonOpRequestRef op) auth_inc.auth.caps = wanted_caps; push_cephx_inc(auth_inc); - KeyRing kr; - kr.add(entity, auth_inc.auth.key); - if (f) { - kr.set_caps(entity, wanted_caps); - kr.encode_formatted("auth", f.get(), rdata); - } else { - kr.encode_plaintext(rdata); - } + _encode_key(entity, auth_inc.auth, rdata, f.get(), false, + &wanted_caps); rdata.append(ds); getline(ss, rs); wait_for_finished_proposal(op, new Monitor::C_Command(mon, op, 0, rs, rdata, @@ -1933,6 +1898,49 @@ done: return false; } +void AuthMonitor::_encode_keyring(KeyRing& kr, const EntityName& entity, + bufferlist& rdata, Formatter* fmtr, map* caps) +{ + if (not fmtr) { + kr.encode_plaintext(rdata); + } else { + if (caps != nullptr) { + kr.set_caps(entity, *caps); + } + kr.encode_formatted("auth", fmtr, rdata); + } +} + +void AuthMonitor::_encode_auth(const EntityName& entity, + const EntityAuth& eauth, bufferlist& rdata, Formatter* fmtr, + bool pending_key, map* caps) +{ + KeyRing kr; + + if (not pending_key) { + kr.add(entity, eauth); + } else { + kr.add(entity, eauth.key, eauth.pending_key); + } + + _encode_keyring(kr, entity, rdata, fmtr, caps); +} + +void AuthMonitor::_encode_key(const EntityName& entity, + const EntityAuth& eauth, bufferlist& rdata, Formatter* fmtr, + bool pending_key, map* caps) +{ + KeyRing kr; + + if (not pending_key) { + kr.add(entity, eauth.key); + } else { + kr.add(entity, eauth.key, eauth.pending_key); + } + + _encode_keyring(kr, entity, rdata, fmtr, caps); +} + bool AuthMonitor::prepare_global_id(MonOpRequestRef op) { dout(10) << "AuthMonitor::prepare_global_id" << dendl; diff --git a/src/mon/AuthMonitor.h b/src/mon/AuthMonitor.h index 993b18a02b242..8007d0fd1b117 100644 --- a/src/mon/AuthMonitor.h +++ b/src/mon/AuthMonitor.h @@ -166,6 +166,16 @@ private: bool preprocess_command(MonOpRequestRef op); bool prepare_command(MonOpRequestRef op); + void _encode_keyring(KeyRing& kr, const EntityName& entity, + bufferlist& rdata, Formatter* fmtr, + std::map* wanted_caps=nullptr); + void _encode_auth(const EntityName& entity, const EntityAuth& eauth, + bufferlist& rdata, Formatter* fmtr, bool pending_key=false, + std::map* caps=nullptr); + void _encode_key(const EntityName& entity, const EntityAuth& eauth, + bufferlist& rdata, Formatter* fmtr, bool pending_key=false, + std::map* caps=nullptr); + bool check_rotate(); void process_used_pending_keys(const std::map& keys); -- 2.39.5