authorSage Weil <sage@newdream.net>2010-02-02 19:21:06 -0500
committerSage Weil <sage@newdream.net>2010-02-10 18:04:47 -0500
commit9bd2e6f8ba71facf1cadb7154a7e0e4d345a6aba (patch)
tree1c1bb4d2f769eca05443b98334fe0fbdb3b977c2 /fs/ceph/mon_client.c
parent8b6e4f2d8b21c25225b1ce8d53a2e03b92cc8522 (diff)
ceph: allow renewal of auth credentials
Add infrastructure to allow the mon_client to periodically renew its auth credentials. Also add a messenger callback that will force such a renewal if a peer rejects our authenticator. Signed-off-by: Yehuda Sadeh <yehuda@hq.newdream.net> Signed-off-by: Sage Weil <sage@newdream.net>
Diffstat (limited to 'fs/ceph/mon_client.c')
-rw-r--r--fs/ceph/mon_client.c55
1 files changed, 48 insertions, 7 deletions
diff --git a/fs/ceph/mon_client.c b/fs/ceph/mon_client.c
index 3f7ae7f73c50..fec41a0eff86 100644
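--- a/fs/ceph/mon_client.c
+++ b/fs/ceph/mon_client.c
@@ -29,6 +29,8 @@
 
 const static struct ceph_connection_operations mon_con_ops;
 
+static int __validate_auth(struct ceph_mon_client *monc);
+
 /*
   * Decode a monmap blob (e.g., during mount).
   */
@@ -103,6 +105,7 @@ static void __close_session(struct ceph_mon_client *monc)
  ceph_con_revoke(monc->con, monc->m_auth);
  ceph_con_close(monc->con);
  monc->cur_mon = -1;
+ monc->pending_auth = 0;
  ceph_auth_reset(monc->auth);
  }
 }
@@ -334,7 +337,7 @@ static void ceph_monc_handle_map(struct ceph_mon_client *monc,
 
 out:
  mutex_unlock(&monc->mutex);
- wake_up(&client->mount_wq);
+ wake_up(&client->auth_wq);
 }
 
 /*
@@ -477,6 +480,11 @@ static void delayed_work(struct work_struct *work)
  __open_session(monc); /* continue hunting */
  } else {
  ceph_con_keepalive(monc->con);
+ mutex_unlock(&monc->mutex);
+
+ __validate_auth(monc);
+
+ mutex_lock(&monc->mutex);
  if (monc->auth->ops->is_authenticated(monc->auth))
  __send_subscribe(monc);
  }
@@ -557,6 +565,7 @@ int ceph_monc_init(struct ceph_mon_client *monc, struct ceph_client *cl)
  goto out_pool2;
 
  monc->m_auth = ceph_msg_new(CEPH_MSG_AUTH, 4096, 0, 0, NULL);
+ monc->pending_auth = 0;
  if (IS_ERR(monc->m_auth)) {
  err = PTR_ERR(monc->m_auth);
  monc->m_auth = NULL;
@@ -614,6 +623,15 @@ void ceph_monc_stop(struct ceph_mon_client *monc)
  kfree(monc->monmap);
 }
 
+static void __send_prepared_auth_request(struct ceph_mon_client *monc, int len)
+{
+ monc->pending_auth = 1;
+ monc->m_auth->front.iov_len = len;
+ monc->m_auth->hdr.front_len = cpu_to_le32(len);
+ ceph_msg_get(monc->m_auth); /* keep our ref */
+ ceph_con_send(monc->con, monc->m_auth);
+}
+
 
 static void handle_auth_reply(struct ceph_mon_client *monc,
  struct ceph_msg *msg)
@@ -621,18 +639,16 @@ static void handle_auth_reply(struct ceph_mon_client *monc,
  int ret;
 
  mutex_lock(&monc->mutex);
+ monc->pending_auth = 0;
  ret = ceph_handle_auth_reply(monc->auth, msg->front.iov_base,
  msg->front.iov_len,
  monc->m_auth->front.iov_base,
  monc->m_auth->front_max);
  if (ret < 0) {
- monc->client->mount_err = ret;
- wake_up(&monc->client->mount_wq);
+ monc->client->auth_err = ret;
+ wake_up(&monc->client->auth_wq);
  } else if (ret > 0) {
- monc->m_auth->front.iov_len = ret;
- monc->m_auth->hdr.front_len = cpu_to_le32(ret);
- ceph_msg_get(monc->m_auth); /* keep our ref */
- ceph_con_send(monc->con, monc->m_auth);
+ __send_prepared_auth_request(monc, ret);
  } else if (monc->auth->ops->is_authenticated(monc->auth)) {
  dout("authenticated, starting session\n");
 
@@ -645,6 +661,31 @@ static void handle_auth_reply(struct ceph_mon_client *monc,
  mutex_unlock(&monc->mutex);
 }
 
+static int __validate_auth(struct ceph_mon_client *monc)
+{
+ int ret;
+
+ if (monc->pending_auth)
+ return 0;
+
+ ret = ceph_build_auth(monc->auth, monc->m_auth->front.iov_base,
+ monc->m_auth->front_max);
+ if (ret <= 0)
+ return ret; /* either an error, or no need to authenticate */
+ __send_prepared_auth_request(monc, ret);
+ return 0;
+}
+
+int ceph_monc_validate_auth(struct ceph_mon_client *monc)
+{
+ int ret;
+
+ mutex_lock(&monc->mutex);
+ ret = __validate_auth(monc);
+ mutex_unlock(&monc->mutex);
+ return ret;
+}
+
 /*
   * handle incoming message
   */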
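Review bot: In the delayed_work hunk, `__validate_auth(monc)` runs after `mutex_unlock(&monc->mutex)`, yet it tests and sets `monc->pending_auth`, rebuilds the request in `monc->m_auth`'s front buffer and queues it on `monc->con`, which is state that `handle_auth_reply` and `ceph_monc_validate_auth` touch only with the mutex held. An auth reply or a forced renewal landing in that window could see the authenticator buffer while it is being rewritten, or queue the same message twice. Unless `ceph_build_auth` needs the lock dropped (not visible on this page), keep the lock and call `__validate_auth(monc);` directly after `ceph_con_keepalive(monc->con);`, and add `/* caller must hold monc->mutex */` above `__validate_auth`. The return value is also discarded at this call site, so a failed periodic renewal is silent; it should at least be logged or stored in `monc->client->auth_err`. delayed_work begins and ends outside the hunk, so the surrounding lock scope is inferred from the visible lines only.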