diff options
| author | Sage Weil <sage@newdream.net> | 2010-05-25 18:39:06 -0400 |
|---|---|---|
| committer | Sage Weil <sage@newdream.net> | 2010-05-29 12:12:39 -0400 |
| commit | a41359fa355e7b450c610ed8e913d5d75c3c9c3b (patch) | |
| tree | 6dc6681f4350f0888ddcb55b5a21326069c200b2 /fs | |
| parent | 09c4d6a7d40dd26c1b35674c582382b7ea551368 (diff) | |
ceph: renew auth tickets before they expire
We were only requesting renewal after our tickets expire; do so before
that. Most of the low-level logic for this was already there; just use
it.
Signed-off-by: Sage Weil <sage@newdream.net>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/ceph/auth.c | 2 | ||||
| -rw-r--r-- | fs/ceph/auth.h | 6 | ||||
| -rw-r--r-- | fs/ceph/auth_none.c | 8 | ||||
| -rw-r--r-- | fs/ceph/auth_x.c | 12 |
4 files changed, 27 insertions, 1 deletions
diff --git a/fs/ceph/auth.c b/fs/ceph/auth.c index a28ebdf465d7..89490beaf537 100644 --- a/fs/ceph/auth.c +++ b/fs/ceph/auth.c | |||
| @@ -246,7 +246,7 @@ int ceph_build_auth(struct ceph_auth_client *ac, | |||
| 246 | if (!ac->protocol) | 246 | if (!ac->protocol) |
| 247 | return ceph_auth_build_hello(ac, msg_buf, msg_len); | 247 | return ceph_auth_build_hello(ac, msg_buf, msg_len); |
| 248 | BUG_ON(!ac->ops); | 248 | BUG_ON(!ac->ops); |
| 249 | if (!ac->ops->is_authenticated(ac)) | 249 | if (ac->ops->should_authenticate(ac)) |
| 250 | return ceph_build_auth_request(ac, msg_buf, msg_len); | 250 | return ceph_build_auth_request(ac, msg_buf, msg_len); |
| 251 | return 0; | 251 | return 0; |
| 252 | } | 252 | } |
diff --git a/fs/ceph/auth.h b/fs/ceph/auth.h index 4429a707c021..d38a2fb4a137 100644 --- a/fs/ceph/auth.h +++ b/fs/ceph/auth.h | |||
| @@ -24,6 +24,12 @@ struct ceph_auth_client_ops { | |||
| 24 | int (*is_authenticated)(struct ceph_auth_client *ac); | 24 | int (*is_authenticated)(struct ceph_auth_client *ac); |
| 25 | 25 | ||
| 26 | /* | 26 | /* |
| 27 | * true if we should (re)authenticate, e.g., when our tickets | ||
| 28 | * are getting old and crusty. | ||
| 29 | */ | ||
| 30 | int (*should_authenticate)(struct ceph_auth_client *ac); | ||
| 31 | |||
| 32 | /* | ||
| 27 | * build requests and process replies during monitor | 33 | * build requests and process replies during monitor |
| 28 | * handshake. if handle_reply returns -EAGAIN, we build | 34 | * handshake. if handle_reply returns -EAGAIN, we build |
| 29 | * another request. | 35 | * another request. |
diff --git a/fs/ceph/auth_none.c b/fs/ceph/auth_none.c index 24407c119291..ad1dc21286c7 100644 --- a/fs/ceph/auth_none.c +++ b/fs/ceph/auth_none.c | |||
| @@ -31,6 +31,13 @@ static int is_authenticated(struct ceph_auth_client *ac) | |||
| 31 | return !xi->starting; | 31 | return !xi->starting; |
| 32 | } | 32 | } |
| 33 | 33 | ||
| 34 | static int should_authenticate(struct ceph_auth_client *ac) | ||
| 35 | { | ||
| 36 | struct ceph_auth_none_info *xi = ac->private; | ||
| 37 | |||
| 38 | return xi->starting; | ||
| 39 | } | ||
| 40 | |||
| 34 | /* | 41 | /* |
| 35 | * the generic auth code decode the global_id, and we carry no actual | 42 | * the generic auth code decode the global_id, and we carry no actual |
| 36 | * authenticate state, so nothing happens here. | 43 | * authenticate state, so nothing happens here. |
| @@ -98,6 +105,7 @@ static const struct ceph_auth_client_ops ceph_auth_none_ops = { | |||
| 98 | .reset = reset, | 105 | .reset = reset, |
| 99 | .destroy = destroy, | 106 | .destroy = destroy, |
| 100 | .is_authenticated = is_authenticated, | 107 | .is_authenticated = is_authenticated, |
| 108 | .should_authenticate = should_authenticate, | ||
| 101 | .handle_reply = handle_reply, | 109 | .handle_reply = handle_reply, |
| 102 | .create_authorizer = ceph_auth_none_create_authorizer, | 110 | .create_authorizer = ceph_auth_none_create_authorizer, |
| 103 | .destroy_authorizer = ceph_auth_none_destroy_authorizer, | 111 | .destroy_authorizer = ceph_auth_none_destroy_authorizer, |
diff --git a/fs/ceph/auth_x.c b/fs/ceph/auth_x.c index 7b206231566d..83d4d2785ffe 100644 --- a/fs/ceph/auth_x.c +++ b/fs/ceph/auth_x.c | |||
| @@ -27,6 +27,17 @@ static int ceph_x_is_authenticated(struct ceph_auth_client *ac) | |||
| 27 | return (ac->want_keys & xi->have_keys) == ac->want_keys; | 27 | return (ac->want_keys & xi->have_keys) == ac->want_keys; |
| 28 | } | 28 | } |
| 29 | 29 | ||
| 30 | static int ceph_x_should_authenticate(struct ceph_auth_client *ac) | ||
| 31 | { | ||
| 32 | struct ceph_x_info *xi = ac->private; | ||
| 33 | int need; | ||
| 34 | |||
| 35 | ceph_x_validate_tickets(ac, &need); | ||
| 36 | dout("ceph_x_should_authenticate want=%d need=%d have=%d\n", | ||
| 37 | ac->want_keys, need, xi->have_keys); | ||
| 38 | return need != 0; | ||
| 39 | } | ||
| 40 | |||
| 30 | static int ceph_x_encrypt_buflen(int ilen) | 41 | static int ceph_x_encrypt_buflen(int ilen) |
| 31 | { | 42 | { |
| 32 | return sizeof(struct ceph_x_encrypt_header) + ilen + 16 + | 43 | return sizeof(struct ceph_x_encrypt_header) + ilen + 16 + |
| @@ -620,6 +631,7 @@ static void ceph_x_invalidate_authorizer(struct ceph_auth_client *ac, | |||
| 620 | static const struct ceph_auth_client_ops ceph_x_ops = { | 631 | static const struct ceph_auth_client_ops ceph_x_ops = { |
| 621 | .name = "x", | 632 | .name = "x", |
| 622 | .is_authenticated = ceph_x_is_authenticated, | 633 | .is_authenticated = ceph_x_is_authenticated, |
| 634 | .should_authenticate = ceph_x_should_authenticate, | ||
| 623 | .build_request = ceph_x_build_request, | 635 | .build_request = ceph_x_build_request, |
| 624 | .handle_reply = ceph_x_handle_reply, | 636 | .handle_reply = ceph_x_handle_reply, |
| 625 | .create_authorizer = ceph_x_create_authorizer, | 637 | .create_authorizer = ceph_x_create_authorizer, |