summaryrefslogtreecommitdiffstats
path: root/src/auth/unknown
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 18:24:20 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 18:24:20 +0000
commit483eb2f56657e8e7f419ab1a4fab8dce9ade8609 (patch)
treee5d88d25d870d5dedacb6bbdbe2a966086a0a5cf /src/auth/unknown
parentInitial commit. (diff)
downloadceph-upstream.tar.xz
ceph-upstream.zip
Adding upstream version 14.2.21.upstream/14.2.21upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--src/auth/unknown/AuthUnknownAuthorizeHandler.cc40
-rw-r--r--src/auth/unknown/AuthUnknownAuthorizeHandler.h40
-rw-r--r--src/auth/unknown/AuthUnknownClientHandler.h58
-rw-r--r--src/auth/unknown/AuthUnknownProtocol.h32
-rw-r--r--src/auth/unknown/AuthUnknownServiceHandler.h53
-rw-r--r--src/auth/unknown/AuthUnknownSessionHandler.h19
6 files changed, 242 insertions, 0 deletions
diff --git a/src/auth/unknown/AuthUnknownAuthorizeHandler.cc b/src/auth/unknown/AuthUnknownAuthorizeHandler.cc
new file mode 100644
index 00000000..73b393db
--- /dev/null
+++ b/src/auth/unknown/AuthUnknownAuthorizeHandler.cc
@@ -0,0 +1,40 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2009-2011 New Dream Network
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation. See file COPYING.
+ *
+ */
+
+#include "AuthUnknownAuthorizeHandler.h"
+
+bool AuthUnknownAuthorizeHandler::verify_authorizer(
+ CephContext *cct,
+ KeyStore *keys,
+ const bufferlist& authorizer_data,
+ size_t connection_secret_required_len,
+ bufferlist * authorizer_reply,
+ EntityName *entity_name,
+ uint64_t *global_id,
+ AuthCapsInfo *caps_info,
+ CryptoKey *session_key,
+ std::string *connection_secret,
+ std::unique_ptr<AuthAuthorizerChallenge> *challenge)
+{
+ // For unknown authorizers, there's nothing to verify. They're "OK" by definition. PLR
+
+ return true;
+}
+
+// Return type of crypto used for this session's data; for unknown, no crypt used
+
+int AuthUnknownAuthorizeHandler::authorizer_session_crypto()
+{
+ return SESSION_CRYPTO_NONE;
+}
diff --git a/src/auth/unknown/AuthUnknownAuthorizeHandler.h b/src/auth/unknown/AuthUnknownAuthorizeHandler.h
new file mode 100644
index 00000000..464d47f2
--- /dev/null
+++ b/src/auth/unknown/AuthUnknownAuthorizeHandler.h
@@ -0,0 +1,40 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation. See file COPYING.
+ *
+ */
+
+#ifndef CEPH_AUTHUNKNOWNAUTHORIZEHANDLER_H
+#define CEPH_AUTHUNKNOWNAUTHORIZEHANDLER_H
+
+#include "auth/AuthAuthorizeHandler.h"
+
+class CephContext;
+
+struct AuthUnknownAuthorizeHandler : public AuthAuthorizeHandler {
+ bool verify_authorizer(
+ CephContext *cct,
+ KeyStore *keys,
+ const bufferlist& authorizer_data,
+ size_t connection_secret_required_len,
+ bufferlist *authorizer_reply,
+ EntityName *entity_name,
+ uint64_t *global_id,
+ AuthCapsInfo *caps_info,
+ CryptoKey *session_key,
+ std::string *connection_secret,
+ std::unique_ptr<AuthAuthorizerChallenge> *challenge) override;
+ int authorizer_session_crypto() override;
+};
+
+
+
+#endif
diff --git a/src/auth/unknown/AuthUnknownClientHandler.h b/src/auth/unknown/AuthUnknownClientHandler.h
new file mode 100644
index 00000000..79441581
--- /dev/null
+++ b/src/auth/unknown/AuthUnknownClientHandler.h
@@ -0,0 +1,58 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation. See file COPYING.
+ *
+ */
+
+#ifndef CEPH_AUTHUNKNOWNCLIENTHANDLER_H
+#define CEPH_AUTHUNKNOWNCLIENTHANDLER_H
+
+#include "auth/AuthClientHandler.h"
+#include "AuthUnknownProtocol.h"
+
+class CephContext;
+
+class AuthUnknownClientHandler : public AuthClientHandler {
+public:
+ AuthUnknownClientHandler(CephContext *cct_, RotatingKeyRing *rkeys)
+ : AuthClientHandler(cct_) {}
+
+ void reset() { }
+
+ void prepare_build_request() {}
+ int build_request(bufferlist& bl) const { return 0; }
+ int handle_response(int ret, bufferlist::iterator& iter,
+ CryptoKey *session_key,
+ std::string *connection_secret) { return 0; }
+ bool build_rotating_request(bufferlist& bl) const { return false; }
+
+ int get_protocol() const { return CEPH_AUTH_UNKNOWN; }
+
+ AuthAuthorizer *build_authorizer(uint32_t service_id) const {
+ RWLock::RLocker l(lock);
+ AuthUnknownAuthorizer *auth = new AuthUnknownAuthorizer();
+ if (auth) {
+ auth->build_authorizer(cct->_conf->name, global_id);
+ }
+ return auth;
+ }
+
+ bool need_tickets() { return false; }
+
+ void set_global_id(uint64_t id) {
+ RWLock::WLocker l(lock);
+ global_id = id;
+ }
+private:
+ void validate_tickets() { }
+};
+
+#endif
diff --git a/src/auth/unknown/AuthUnknownProtocol.h b/src/auth/unknown/AuthUnknownProtocol.h
new file mode 100644
index 00000000..d3e171ea
--- /dev/null
+++ b/src/auth/unknown/AuthUnknownProtocol.h
@@ -0,0 +1,32 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation. See file COPYING.
+ *
+ */
+
+#ifndef CEPH_AUTHUNKNOWNPROTOCOL_H
+#define CEPH_AUTHUNKNOWNPROTOCOL_H
+
+#include "auth/Auth.h"
+
+struct AuthUnknownAuthorizer : public AuthAuthorizer {
+ AuthUnknownAuthorizer() : AuthAuthorizer(CEPH_AUTH_UNKNOWN) { }
+ bool build_authorizer(const EntityName &ename, uint64_t global_id) {
+ __u8 struct_v = 1; // see AUTH_MODE_* in Auth.h
+ encode(struct_v, bl);
+ encode(ename, bl);
+ encode(global_id, bl);
+ return 0;
+ }
+ bool verify_reply(bufferlist::iterator& reply) { return true; }
+};
+
+#endif
diff --git a/src/auth/unknown/AuthUnknownServiceHandler.h b/src/auth/unknown/AuthUnknownServiceHandler.h
new file mode 100644
index 00000000..7b4019f4
--- /dev/null
+++ b/src/auth/unknown/AuthUnknownServiceHandler.h
@@ -0,0 +1,53 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation. See file COPYING.
+ *
+ */
+
+#ifndef CEPH_AUTHUNKNOWNSERVICEHANDLER_H
+#define CEPH_AUTHUNKNOWNSERVICEHANDLER_H
+
+#include "auth/AuthServiceHandler.h"
+#include "auth/Auth.h"
+
+class CephContext;
+
+class AuthUnknownServiceHandler : public AuthServiceHandler {
+public:
+ AuthUnknownServiceHandler(CephContext *cct_)
+ : AuthServiceHandler(cct_) {}
+ ~AuthUnknownServiceHandler() {}
+
+ int start_session(const EntityName& name,
+ size_t connection_secret_required_length,
+ bufferlist *result_bl,
+ AuthCapsInfo *caps,
+ CryptoKey *session_key,
+ std::string *connection_secret) {
+ return 1;
+ }
+ int handle_request(bufferlist::iterator& indata,
+ size_t connection_secret_required_length,
+ bufferlist *result_bl,
+ uint64_t *global_id,
+ AuthCapsInfo *caps,
+ CryptoKey *session_key,
+ std::string *connection_secret) {
+ ceph_abort(); // shouldn't get called
+ return 0;
+ }
+
+ void build_cephx_response_header(int request_type, int status,
+ bufferlist& bl) {
+ }
+};
+
+#endif
diff --git a/src/auth/unknown/AuthUnknownSessionHandler.h b/src/auth/unknown/AuthUnknownSessionHandler.h
new file mode 100644
index 00000000..7230663d
--- /dev/null
+++ b/src/auth/unknown/AuthUnknownSessionHandler.h
@@ -0,0 +1,19 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation. See file COPYING.
+ *
+ */
+
+#include "auth/AuthSessionHandler.h"
+
+struct AuthUnknownSessionHandler : DummyAuthSessionHandler {
+};
+