diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 18:24:20 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 18:24:20 +0000 |
commit | 483eb2f56657e8e7f419ab1a4fab8dce9ade8609 (patch) | |
tree | e5d88d25d870d5dedacb6bbdbe2a966086a0a5cf /src/auth/unknown | |
parent | Initial commit. (diff) | |
download | ceph-upstream.tar.xz ceph-upstream.zip |
Adding upstream version 14.2.21.upstream/14.2.21upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/auth/unknown')
-rw-r--r-- | src/auth/unknown/AuthUnknownAuthorizeHandler.cc | 40 | ||||
-rw-r--r-- | src/auth/unknown/AuthUnknownAuthorizeHandler.h | 40 | ||||
-rw-r--r-- | src/auth/unknown/AuthUnknownClientHandler.h | 58 | ||||
-rw-r--r-- | src/auth/unknown/AuthUnknownProtocol.h | 32 | ||||
-rw-r--r-- | src/auth/unknown/AuthUnknownServiceHandler.h | 53 | ||||
-rw-r--r-- | src/auth/unknown/AuthUnknownSessionHandler.h | 19 |
6 files changed, 242 insertions, 0 deletions
diff --git a/src/auth/unknown/AuthUnknownAuthorizeHandler.cc b/src/auth/unknown/AuthUnknownAuthorizeHandler.cc new file mode 100644 index 00000000..73b393db --- /dev/null +++ b/src/auth/unknown/AuthUnknownAuthorizeHandler.cc @@ -0,0 +1,40 @@ +// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- +// vim: ts=8 sw=2 smarttab +/* + * Ceph - scalable distributed file system + * + * Copyright (C) 2009-2011 New Dream Network + * + * This is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License version 2.1, as published by the Free Software + * Foundation. See file COPYING. + * + */ + +#include "AuthUnknownAuthorizeHandler.h" + +bool AuthUnknownAuthorizeHandler::verify_authorizer( + CephContext *cct, + KeyStore *keys, + const bufferlist& authorizer_data, + size_t connection_secret_required_len, + bufferlist * authorizer_reply, + EntityName *entity_name, + uint64_t *global_id, + AuthCapsInfo *caps_info, + CryptoKey *session_key, + std::string *connection_secret, + std::unique_ptr<AuthAuthorizerChallenge> *challenge) +{ + // For unknown authorizers, there's nothing to verify. They're "OK" by definition. PLR + + return true; +} + +// Return type of crypto used for this session's data; for unknown, no crypt used + +int AuthUnknownAuthorizeHandler::authorizer_session_crypto() +{ + return SESSION_CRYPTO_NONE; +} diff --git a/src/auth/unknown/AuthUnknownAuthorizeHandler.h b/src/auth/unknown/AuthUnknownAuthorizeHandler.h new file mode 100644 index 00000000..464d47f2 --- /dev/null +++ b/src/auth/unknown/AuthUnknownAuthorizeHandler.h @@ -0,0 +1,40 @@ +// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- +// vim: ts=8 sw=2 smarttab +/* + * Ceph - scalable distributed file system + * + * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net> + * + * This is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License version 2.1, as published by the Free Software + * Foundation. See file COPYING. + * + */ + +#ifndef CEPH_AUTHUNKNOWNAUTHORIZEHANDLER_H +#define CEPH_AUTHUNKNOWNAUTHORIZEHANDLER_H + +#include "auth/AuthAuthorizeHandler.h" + +class CephContext; + +struct AuthUnknownAuthorizeHandler : public AuthAuthorizeHandler { + bool verify_authorizer( + CephContext *cct, + KeyStore *keys, + const bufferlist& authorizer_data, + size_t connection_secret_required_len, + bufferlist *authorizer_reply, + EntityName *entity_name, + uint64_t *global_id, + AuthCapsInfo *caps_info, + CryptoKey *session_key, + std::string *connection_secret, + std::unique_ptr<AuthAuthorizerChallenge> *challenge) override; + int authorizer_session_crypto() override; +}; + + + +#endif diff --git a/src/auth/unknown/AuthUnknownClientHandler.h b/src/auth/unknown/AuthUnknownClientHandler.h new file mode 100644 index 00000000..79441581 --- /dev/null +++ b/src/auth/unknown/AuthUnknownClientHandler.h @@ -0,0 +1,58 @@ +// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- +// vim: ts=8 sw=2 smarttab +/* + * Ceph - scalable distributed file system + * + * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net> + * + * This is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License version 2.1, as published by the Free Software + * Foundation. See file COPYING. + * + */ + +#ifndef CEPH_AUTHUNKNOWNCLIENTHANDLER_H +#define CEPH_AUTHUNKNOWNCLIENTHANDLER_H + +#include "auth/AuthClientHandler.h" +#include "AuthUnknownProtocol.h" + +class CephContext; + +class AuthUnknownClientHandler : public AuthClientHandler { +public: + AuthUnknownClientHandler(CephContext *cct_, RotatingKeyRing *rkeys) + : AuthClientHandler(cct_) {} + + void reset() { } + + void prepare_build_request() {} + int build_request(bufferlist& bl) const { return 0; } + int handle_response(int ret, bufferlist::iterator& iter, + CryptoKey *session_key, + std::string *connection_secret) { return 0; } + bool build_rotating_request(bufferlist& bl) const { return false; } + + int get_protocol() const { return CEPH_AUTH_UNKNOWN; } + + AuthAuthorizer *build_authorizer(uint32_t service_id) const { + RWLock::RLocker l(lock); + AuthUnknownAuthorizer *auth = new AuthUnknownAuthorizer(); + if (auth) { + auth->build_authorizer(cct->_conf->name, global_id); + } + return auth; + } + + bool need_tickets() { return false; } + + void set_global_id(uint64_t id) { + RWLock::WLocker l(lock); + global_id = id; + } +private: + void validate_tickets() { } +}; + +#endif diff --git a/src/auth/unknown/AuthUnknownProtocol.h b/src/auth/unknown/AuthUnknownProtocol.h new file mode 100644 index 00000000..d3e171ea --- /dev/null +++ b/src/auth/unknown/AuthUnknownProtocol.h @@ -0,0 +1,32 @@ +// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- +// vim: ts=8 sw=2 smarttab +/* + * Ceph - scalable distributed file system + * + * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net> + * + * This is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License version 2.1, as published by the Free Software + * Foundation. See file COPYING. + * + */ + +#ifndef CEPH_AUTHUNKNOWNPROTOCOL_H +#define CEPH_AUTHUNKNOWNPROTOCOL_H + +#include "auth/Auth.h" + +struct AuthUnknownAuthorizer : public AuthAuthorizer { + AuthUnknownAuthorizer() : AuthAuthorizer(CEPH_AUTH_UNKNOWN) { } + bool build_authorizer(const EntityName &ename, uint64_t global_id) { + __u8 struct_v = 1; // see AUTH_MODE_* in Auth.h + encode(struct_v, bl); + encode(ename, bl); + encode(global_id, bl); + return 0; + } + bool verify_reply(bufferlist::iterator& reply) { return true; } +}; + +#endif diff --git a/src/auth/unknown/AuthUnknownServiceHandler.h b/src/auth/unknown/AuthUnknownServiceHandler.h new file mode 100644 index 00000000..7b4019f4 --- /dev/null +++ b/src/auth/unknown/AuthUnknownServiceHandler.h @@ -0,0 +1,53 @@ +// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- +// vim: ts=8 sw=2 smarttab +/* + * Ceph - scalable distributed file system + * + * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net> + * + * This is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License version 2.1, as published by the Free Software + * Foundation. See file COPYING. + * + */ + +#ifndef CEPH_AUTHUNKNOWNSERVICEHANDLER_H +#define CEPH_AUTHUNKNOWNSERVICEHANDLER_H + +#include "auth/AuthServiceHandler.h" +#include "auth/Auth.h" + +class CephContext; + +class AuthUnknownServiceHandler : public AuthServiceHandler { +public: + AuthUnknownServiceHandler(CephContext *cct_) + : AuthServiceHandler(cct_) {} + ~AuthUnknownServiceHandler() {} + + int start_session(const EntityName& name, + size_t connection_secret_required_length, + bufferlist *result_bl, + AuthCapsInfo *caps, + CryptoKey *session_key, + std::string *connection_secret) { + return 1; + } + int handle_request(bufferlist::iterator& indata, + size_t connection_secret_required_length, + bufferlist *result_bl, + uint64_t *global_id, + AuthCapsInfo *caps, + CryptoKey *session_key, + std::string *connection_secret) { + ceph_abort(); // shouldn't get called + return 0; + } + + void build_cephx_response_header(int request_type, int status, + bufferlist& bl) { + } +}; + +#endif diff --git a/src/auth/unknown/AuthUnknownSessionHandler.h b/src/auth/unknown/AuthUnknownSessionHandler.h new file mode 100644 index 00000000..7230663d --- /dev/null +++ b/src/auth/unknown/AuthUnknownSessionHandler.h @@ -0,0 +1,19 @@ +// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- +// vim: ts=8 sw=2 smarttab +/* + * Ceph - scalable distributed file system + * + * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net> + * + * This is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License version 2.1, as published by the Free Software + * Foundation. See file COPYING. + * + */ + +#include "auth/AuthSessionHandler.h" + +struct AuthUnknownSessionHandler : DummyAuthSessionHandler { +}; + |