diff options
author | Sage Weil <sage@newdream.net> | 2010-02-02 19:21:06 -0500 |
---|---|---|
committer | Sage Weil <sage@newdream.net> | 2010-02-10 18:04:47 -0500 |
commit | 9bd2e6f8ba71facf1cadb7154a7e0e4d345a6aba (patch) | |
tree | 1c1bb4d2f769eca05443b98334fe0fbdb3b977c2 /fs/ceph/auth.c | |
parent | 8b6e4f2d8b21c25225b1ce8d53a2e03b92cc8522 (diff) |
ceph: allow renewal of auth credentials
Add infrastructure to allow the mon_client to periodically renew its auth
credentials. Also add a messenger callback that will force such a renewal
if a peer rejects our authenticator.
Signed-off-by: Yehuda Sadeh <yehuda@hq.newdream.net>
Signed-off-by: Sage Weil <sage@newdream.net>
Diffstat (limited to 'fs/ceph/auth.c')
-rw-r--r-- | fs/ceph/auth.c | 61 |
1 files changed, 43 insertions, 18 deletions
diff --git a/fs/ceph/auth.c b/fs/ceph/auth.c index 32f2e2a021ab..d5872d4f92bf 100644 --- a/fs/ceph/auth.c +++ b/fs/ceph/auth.c | |||
@@ -125,6 +125,30 @@ bad: | |||
125 | return -ERANGE; | 125 | return -ERANGE; |
126 | } | 126 | } |
127 | 127 | ||
128 | int ceph_build_auth_request(struct ceph_auth_client *ac, | ||
129 | void *msg_buf, size_t msg_len) | ||
130 | { | ||
131 | struct ceph_mon_request_header *monhdr = msg_buf; | ||
132 | void *p = monhdr + 1; | ||
133 | void *end = msg_buf + msg_len; | ||
134 | int ret; | ||
135 | |||
136 | monhdr->have_version = 0; | ||
137 | monhdr->session_mon = cpu_to_le16(-1); | ||
138 | monhdr->session_mon_tid = 0; | ||
139 | |||
140 | ceph_encode_32(&p, ac->protocol); | ||
141 | |||
142 | ret = ac->ops->build_request(ac, p + sizeof(u32), end); | ||
143 | if (ret < 0) { | ||
144 | pr_err("error %d building request\n", ret); | ||
145 | return ret; | ||
146 | } | ||
147 | dout(" built request %d bytes\n", ret); | ||
148 | ceph_encode_32(&p, ret); | ||
149 | return p + ret - msg_buf; | ||
150 | } | ||
151 | |||
128 | /* | 152 | /* |
129 | * Handle auth message from monitor. | 153 | * Handle auth message from monitor. |
130 | */ | 154 | */ |
@@ -188,28 +212,13 @@ int ceph_handle_auth_reply(struct ceph_auth_client *ac, | |||
188 | goto out; | 212 | goto out; |
189 | } | 213 | } |
190 | } | 214 | } |
215 | |||
216 | ac->negotiating = false; | ||
191 | } | 217 | } |
192 | 218 | ||
193 | ret = ac->ops->handle_reply(ac, result, payload, payload_end); | 219 | ret = ac->ops->handle_reply(ac, result, payload, payload_end); |
194 | if (ret == -EAGAIN) { | 220 | if (ret == -EAGAIN) { |
195 | struct ceph_mon_request_header *monhdr = reply_buf; | 221 | return ceph_build_auth_request(ac, reply_buf, reply_len); |
196 | void *p = reply_buf + 1; | ||
197 | void *end = reply_buf + reply_len; | ||
198 | |||
199 | monhdr->have_version = 0; | ||
200 | monhdr->session_mon = cpu_to_le16(-1); | ||
201 | monhdr->session_mon_tid = 0; | ||
202 | |||
203 | ceph_encode_32(&p, ac->protocol); | ||
204 | |||
205 | ret = ac->ops->build_request(ac, p + sizeof(u32), end); | ||
206 | if (ret < 0) { | ||
207 | pr_err("error %d building request\n", ret); | ||
208 | goto out; | ||
209 | } | ||
210 | dout(" built request %d bytes\n", ret); | ||
211 | ceph_encode_32(&p, ret); | ||
212 | return p + ret - reply_buf; | ||
213 | } else if (ret) { | 222 | } else if (ret) { |
214 | pr_err("authentication error %d\n", ret); | 223 | pr_err("authentication error %d\n", ret); |
215 | return ret; | 224 | return ret; |
@@ -222,4 +231,20 @@ out: | |||
222 | return ret; | 231 | return ret; |
223 | } | 232 | } |
224 | 233 | ||
234 | int ceph_build_auth(struct ceph_auth_client *ac, | ||
235 | void *msg_buf, size_t msg_len) | ||
236 | { | ||
237 | if (!ac->protocol) | ||
238 | return ceph_auth_build_hello(ac, msg_buf, msg_len); | ||
239 | BUG_ON(!ac->ops); | ||
240 | if (!ac->ops->is_authenticated(ac)) | ||
241 | return ceph_build_auth_request(ac, msg_buf, msg_len); | ||
242 | return 0; | ||
243 | } | ||
225 | 244 | ||
245 | int ceph_auth_is_authenticated(struct ceph_auth_client *ac) | ||
246 | { | ||
247 | if (!ac->ops) | ||
248 | return 0; | ||
249 | return ac->ops->is_authenticated(ac); | ||
250 | } | ||