From f972864da9c0a693eb2bb262272c744dd477523b Mon Sep 17 00:00:00 2001 From: Patrick Donnelly Date: Mon, 7 Jul 2025 14:55:57 -0400 Subject: [PATCH] auth: improve programmability of key dumps Notably: - improve names (avoid repeated "keys") - output type_str Signed-off-by: Patrick Donnelly --- src/auth/Auth.h | 19 +++++++++++++++++-- src/auth/Crypto.cc | 22 ++++++++++++++-------- src/auth/cephx/CephxKeyServer.h | 19 +++++++++++++++++-- 3 files changed, 48 insertions(+), 12 deletions(-) diff --git a/src/auth/Auth.h b/src/auth/Auth.h index 9cbb746c174..2ccc6a73287 100644 --- a/src/auth/Auth.h +++ b/src/auth/Auth.h @@ -80,8 +80,15 @@ struct EntityAuth { } void dump(ceph::Formatter *f) const { f->dump_object("key", key); - encode_json("caps", caps, f); f->dump_object("pending_key", pending_key); + f->open_array_section("caps"); + for (auto const& [entity, cap] : caps) { + f->open_object_section("cap"); + f->dump_string("service_name", entity); + f->dump_string("access_spec", cap.to_str()); + f->close_section(); + } + f->close_section(); } static std::list generate_test_instances() { std::list ls; @@ -361,7 +368,15 @@ struct RotatingSecrets { void dump(); void dump(ceph::Formatter *f) const { - encode_json("secrets", secrets, f); + f->dump_int("max_ver", max_ver); + f->open_array_section("keys"); + for (const auto& [id, key] : secrets) { + f->open_object_section("secret"); + f->dump_int("id", id); + f->dump_object("expiring_key", key); + f->close_section(); + } + f->close_section(); } static std::list generate_test_instances() { std::list ls; diff --git a/src/auth/Crypto.cc b/src/auth/Crypto.cc index 5441a796f5e..ec01d15d913 100644 --- a/src/auth/Crypto.cc +++ b/src/auth/Crypto.cc 
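Review bot: In `EntityAuth::dump`, `access_spec` is filled from `cap.to_str()`, which copies the buffer's raw bytes, whereas the replaced `encode_json("caps", caps, f)` went through an encoder. The declaration of `caps` is outside the hunk; if its values hold an encoded string (a length prefix followed by the text), which needs confirming against the declaration and its writers, the new field would carry the prefix bytes along with the capability text. Decoding first would avoid that: `std::string spec; auto it = cap.cbegin(); decode(spec, it);` followed by `f->dump_string("access_spec", spec);`. Checking one real dump before tools start depending on this field would settle it.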
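Review bot: `RotatingSecrets::dump` writes `max_ver` and `id` with `dump_int`, while `KeyServerData::dump` in this same patch uses `dump_unsigned` for its version counters. The member types are declared outside the hunk; if they are unsigned 64-bit values, `f->dump_unsigned("max_ver", max_ver);` and `f->dump_unsigned("id", id);` keep large values from being printed as negative numbers. The section names are also uneven for a change aimed at programmability: the array is `keys`, its elements are `secret`, and each one holds an `expiring_key`.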
@@ -11,21 +11,19 @@ * */ -#include -#include -#include -#include - -#include -#include #include "Crypto.h" #include "include/ceph_assert.h" +#include "include/ceph_fs.h" +#include "include/compat.h" + #include "common/Clock.h" +#include "common/Formatter.h" #include "common/armor.h" #include "common/ceph_context.h" #include "common/ceph_crypto.h" +#include "common/debug.h" #include "common/hex.h" #include "common/safe_io.h" #include "include/ceph_fs.h" @@ -36,6 +34,14 @@ #include #include +#include +#include + +#include +#include +#include +#include +#include #define dout_subsys ceph_subsys_auth @@ -995,8 +1001,8 @@ void CryptoKey::decode(bufferlist::const_iterator& bl) void CryptoKey::dump(Formatter *f) const { f->dump_int("type", type); + f->dump_string("type_str", CryptoManager::get_key_type_name(type)); f->dump_stream("created") << created; - f->dump_int("secret.length", secret.length()); } std::list CryptoKey::generate_test_instances() diff --git a/src/auth/cephx/CephxKeyServer.h b/src/auth/cephx/CephxKeyServer.h index 9d7d0679fca..cc48d778165 100644 --- a/src/auth/cephx/CephxKeyServer.h +++ b/src/auth/cephx/CephxKeyServer.h 
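Review bot: `include/ceph_fs.h` ends up included twice after this reordering: the first Crypto.cc hunk adds it next to `include/compat.h`, and the existing line after `common/safe_io.h` is kept as context. Dropping one of the two keeps the include list free of duplicates. The header names of the system includes are not visible in this rendering, so the block moved by the following hunk could not be checked the same way.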
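Review bot: `CryptoKey::dump` now emits only `type`, `type_str` and `created`, but nothing in the function says that leaving out the secret, and now its length, is deliberate, and the commit message does not mention the removed `secret.length` field. A one-line comment such as `// The secret and its length are intentionally not dumped.` would stop a later edit from adding key material to output that other tools consume, and the removal deserves a line in the commit message for anyone parsing the old field. `type` presumably comes from decoded input (the hunk header shows `CryptoKey::decode` directly above), so it is also worth confirming that `CryptoManager::get_key_type_name()`, defined outside this hunk, returns a usable string for a value it does not recognise.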
@@ -83,8 +83,23 @@ struct KeyServerData { void dump(ceph::Formatter *f) const { f->dump_unsigned("version", version); f->dump_unsigned("rotating_version", rotating_ver); - encode_json("secrets", secrets, f); - encode_json("rotating_secrets", rotating_secrets, f); + f->open_array_section("secrets"); + for (auto const& [name, auth] : secrets) { + f->open_object_section("secret"); + f->dump_object("entity", name); + f->dump_object("auth", auth); + f->close_section(); + } + f->close_section(); + f->open_array_section("rotating_secrets"); + for (auto const& [entity_type, secrets] : rotating_secrets) { + f->open_object_section("rotating_secret"); + auto name = EntityName(entity_type); + f->dump_object("entity", name); + f->dump_object("secrets", secrets); + f->close_section(); + } + f->close_section(); } static std::list generate_test_instances() { std::list ls; -- 2.39.5
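Review bot: In the second loop of `KeyServerData::dump`, the structured binding `secrets` shadows the member `secrets` that the first loop iterates, so a later edit inside that loop would silently pick up the per-type value instead of the entity map. Renaming it, e.g. `for (auto const& [entity_type, rotating] : rotating_secrets)` with `f->dump_object("secrets", rotating);`, removes the ambiguity and any shadowing warning. The `EntityName(entity_type)` constructor is declared outside the hunk, so whether it yields a meaningful name for a bare service type could not be checked here.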