aboutsummaryrefslogtreecommitdiffstats
path: root/fs/ceph/auth.c
diff options
context:
space:
mode:
authorSage Weil <sage@newdream.net>2010-02-02 19:21:06 -0500
committerSage Weil <sage@newdream.net>2010-02-10 18:04:47 -0500
commit9bd2e6f8ba71facf1cadb7154a7e0e4d345a6aba (patch)
tree1c1bb4d2f769eca05443b98334fe0fbdb3b977c2 /fs/ceph/auth.c
parent8b6e4f2d8b21c25225b1ce8d53a2e03b92cc8522 (diff)
ceph: allow renewal of auth credentials
Add infrastructure to allow the mon_client to periodically renew its auth credentials. Also add a messenger callback that will force such a renewal if a peer rejects our authenticator. Signed-off-by: Yehuda Sadeh <yehuda@hq.newdream.net> Signed-off-by: Sage Weil <sage@newdream.net>
Diffstat (limited to 'fs/ceph/auth.c')
-rw-r--r--fs/ceph/auth.c61
1 files changed, 43 insertions, 18 deletions
diff --git a/fs/ceph/auth.c b/fs/ceph/auth.c
index 32f2e2a021ab..d5872d4f92bf 100644
--- a/fs/ceph/auth.c
+++ b/fs/ceph/auth.c
@@ -125,6 +125,30 @@ bad:
125 return -ERANGE; 125 return -ERANGE;
126} 126}
127 127
128int ceph_build_auth_request(struct ceph_auth_client *ac,
129 void *msg_buf, size_t msg_len)
130{
131 struct ceph_mon_request_header *monhdr = msg_buf;
132 void *p = monhdr + 1;
133 void *end = msg_buf + msg_len;
134 int ret;
135
136 monhdr->have_version = 0;
137 monhdr->session_mon = cpu_to_le16(-1);
138 monhdr->session_mon_tid = 0;
139
140 ceph_encode_32(&p, ac->protocol);
141
142 ret = ac->ops->build_request(ac, p + sizeof(u32), end);
143 if (ret < 0) {
144 pr_err("error %d building request\n", ret);
145 return ret;
146 }
147 dout(" built request %d bytes\n", ret);
148 ceph_encode_32(&p, ret);
149 return p + ret - msg_buf;
150}
151
128/* 152/*
129 * Handle auth message from monitor. 153 * Handle auth message from monitor.
130 */ 154 */
@@ -188,28 +212,13 @@ int ceph_handle_auth_reply(struct ceph_auth_client *ac,
188 goto out; 212 goto out;
189 } 213 }
190 } 214 }
215
216 ac->negotiating = false;
191 } 217 }
192 218
193 ret = ac->ops->handle_reply(ac, result, payload, payload_end); 219 ret = ac->ops->handle_reply(ac, result, payload, payload_end);
194 if (ret == -EAGAIN) { 220 if (ret == -EAGAIN) {
195 struct ceph_mon_request_header *monhdr = reply_buf; 221 return ceph_build_auth_request(ac, reply_buf, reply_len);
196 void *p = reply_buf + 1;
197 void *end = reply_buf + reply_len;
198
199 monhdr->have_version = 0;
200 monhdr->session_mon = cpu_to_le16(-1);
201 monhdr->session_mon_tid = 0;
202
203 ceph_encode_32(&p, ac->protocol);
204
205 ret = ac->ops->build_request(ac, p + sizeof(u32), end);
206 if (ret < 0) {
207 pr_err("error %d building request\n", ret);
208 goto out;
209 }
210 dout(" built request %d bytes\n", ret);
211 ceph_encode_32(&p, ret);
212 return p + ret - reply_buf;
213 } else if (ret) { 222 } else if (ret) {
214 pr_err("authentication error %d\n", ret); 223 pr_err("authentication error %d\n", ret);
215 return ret; 224 return ret;
@@ -222,4 +231,20 @@ out:
222 return ret; 231 return ret;
223} 232}
224 233
234int ceph_build_auth(struct ceph_auth_client *ac,
235 void *msg_buf, size_t msg_len)
236{
237 if (!ac->protocol)
238 return ceph_auth_build_hello(ac, msg_buf, msg_len);
239 BUG_ON(!ac->ops);
240 if (!ac->ops->is_authenticated(ac))
241 return ceph_build_auth_request(ac, msg_buf, msg_len);
242 return 0;
243}
225 244
245int ceph_auth_is_authenticated(struct ceph_auth_client *ac)
246{
247 if (!ac->ops)
248 return 0;
249 return ac->ops->is_authenticated(ac);
250}