From eeb488589ab1d425d91cfdfaff50c6206f1d80a0 Mon Sep 17 00:00:00 2001 From: Sage Weil Date: Fri, 23 Oct 2009 15:12:56 -0700 Subject: [PATCH] osd: simplify ms_verify_authorizer --- src/osd/OSD.cc | 71 ++++++++++----------------------------------- src/osd/OSD.h | 38 +++++++++++++++--------- src/osd/osd_types.h | 1 - 3 files changed, 39 insertions(+), 71 deletions(-) diff --git a/src/osd/OSD.cc b/src/osd/OSD.cc index b5a5f9af80e85..0d912d2d2338e 100644 --- a/src/osd/OSD.cc +++ b/src/osd/OSD.cc @@ -41,7 +41,6 @@ #include "messages/MGenericMessage.h" #include "messages/MPing.h" -#include "messages/MAuth.h" #include "messages/MOSDPing.h" #include "messages/MOSDFailure.h" #include "messages/MOSDOp.h" @@ -237,7 +236,6 @@ OSD::OSD(int id, Messenger *m, Messenger *hbm, MonClient *mc, const char *dev, c op_tp("OSD::op_tp", g_conf.osd_maxthreads), recovery_tp("OSD::recovery_tp", 1), disk_tp("OSD::disk_tp", 2), - session_lock("OSD::session_lock"), heartbeat_lock("OSD::heartbeat_lock"), heartbeat_stop(false), heartbeat_epoch(0), heartbeat_messenger(hbm), @@ -1516,11 +1514,7 @@ bool OSD::ms_get_authorizer(int dest_type, AuthAuthorizer **authorizer, bool for return false; } - if (dest_type == CEPH_ENTITY_TYPE_MON) - return false; - *authorizer = monc->auth->build_authorizer(dest_type); - return *authorizer != NULL; } @@ -1542,24 +1536,25 @@ bool OSD::ms_verify_authorizer(Connection *con, int peer_type, int ret = cephx_verify_authorizer(g_keyring, iter, auth_ticket_info, authorizer_reply); dout(0) << "OSD::verify_authorizer returns " << ret << dendl; - - Mutex::Locker l(session_lock); - - Session *s = _get_session(con); - - if (s) { + if (ret) { + isvalid = false; + } else { + isvalid = true; + Session *s = (Session *)con->get_priv(); + if (!s) { + s = new Session; + con->set_priv(s->get()); + dout(10) << " new session " << s << dendl; + } + if (auth_ticket_info.ticket.caps.length() > 0) { bufferlist::iterator iter = auth_ticket_info.ticket.caps.begin(); s->caps.parse(iter); + dout(10) << " session " << s << " has caps " << s->caps << dendl; } - + s->put(); - } else { - derr(0) << "got a NULL session" << dendl; } - - isvalid = (ret >= 0); - return true; }; @@ -4265,42 +4260,6 @@ void OSD::init_op_flags(MOSDOp *op) } } -OSD::Session *OSD::_get_session(Connection *c) -{ - Session *s = (Session *)c->get_priv(); - if (!s) { - s = new Session; - c->set_priv(s->get()); - dout(10) << " new session " << s << dendl; - } - - return s; -} - - - -void OSD::handle_auth(MAuth *m) -{ - dout(10) << "handle_auth " << *m << dendl; - Mutex::Locker l(session_lock); - - Session *s = _get_session(m->get_connection()); - - /* - bufferlist::iterator p = m->auth_payload.begin(); - AuthBlob blob; - ::decode(blob, p); - - AuthTicket ticket; - decode_decrypt(blob.blob, - ::decode( - */ - - - s->put(); - delete m; -} - bool OSD::OSDCaps::get_next_token(string s, size_t& pos, string& token) { int start = s.find_first_not_of(" \t", pos); @@ -4327,7 +4286,7 @@ bool OSD::OSDCaps::get_next_token(string s, size_t& pos, string& token) return true; } -bool OSD::OSDCaps::is_rwx(string& token, int& cap_val) +bool OSD::OSDCaps::is_rwx(string& token, rwx_t& cap_val) { const char *t = token.c_str(); int val = 0; @@ -4373,7 +4332,7 @@ bool OSD::OSDCaps::parse(bufferlist::iterator& iter) bool got_eq = false; list num_list; bool last_is_comma = false; - int cap_val = 0; + rwx_t cap_val = 0; while (pos < s.size()) { if (init) { diff --git a/src/osd/OSD.h b/src/osd/OSD.h index 2e2abb12ac8c4..c675ec6dadc02 100644 --- a/src/osd/OSD.h +++ b/src/osd/OSD.h @@ -93,7 +93,6 @@ class ObjectStore; class OSDMap; class MLog; class MClass; -class MAuth; class OSD : public Dispatcher { @@ -183,35 +182,30 @@ private: // -- sessions -- public: + typedef __u8 rwx_t; struct OSDPoolCap { - int allow; - int deny; + rwx_t allow; + rwx_t deny; OSDPoolCap() : allow(0), deny(0) {} }; - class OSDCaps { + struct OSDCaps { map pools_map; - int default_action; + rwx_t default_action; bool get_next_token(string s, size_t& pos, string& token); - bool is_rwx(string& token, int& cap_val); - public: + bool is_rwx(string& token, rwx_t& cap_val); + OSDCaps() : default_action(0) {} bool parse(bufferlist::iterator& iter); int get_pool_cap(int pool_id); }; + struct Session : public RefCountedObject { AuthTicket ticket; OSDCaps caps; }; private: - Mutex session_lock; - - Session *_get_session(Connection *c); - - void handle_auth(MAuth *m); - - // -- heartbeat -- Mutex heartbeat_lock; Cond heartbeat_cond; @@ -890,4 +884,20 @@ protected: void init_op_flags(MOSDOp *op); }; +static inline ostream& operator<<(ostream& out, OSD::rwx_t p) { + if (p & OSD_POOL_CAP_R) + out << "r"; + if (p & OSD_POOL_CAP_W) + out << "w"; + if (p & OSD_POOL_CAP_X) + out << "x"; + return out; +} +static inline ostream& operator<<(ostream& out, const OSD::OSDPoolCap& pc) { + return out << "(allow " << pc.allow << ", deny " << pc.deny << ")"; +} +static inline ostream& operator<<(ostream& out, const OSD::OSDCaps& c) { + return out << "osdcaps(pools=" << c.pools_map << " default=" << c.default_action << ")"; +} + #endif diff --git a/src/osd/osd_types.h b/src/osd/osd_types.h index 1473f34b39568..ab1f3a14860a6 100644 --- a/src/osd/osd_types.h +++ b/src/osd/osd_types.h @@ -1252,5 +1252,4 @@ inline ostream& operator<<(ostream& out, const OSDOp& op) { return out; } - #endif -- 2.39.5