// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- // vim: ts=8 sw=2 smarttab #pragma once #include #include #include #include #include "include/buffer_fwd.h" #include "crimson/net/Fwd.h" class CryptoKey; namespace crimson::auth { class error : public std::logic_error { public: using std::logic_error::logic_error; }; using method_t = uint32_t; // TODO: revisit interfaces for non-dummy implementations class AuthClient { public: virtual ~AuthClient() {} struct auth_request_t { method_t auth_method; std::vector preferred_modes; ceph::bufferlist auth_bl; }; /// Build an authentication request to begin the handshake /// /// @throw auth::error if unable to build the request virtual auth_request_t get_auth_request(crimson::net::Connection &conn, AuthConnectionMeta &auth_meta) = 0; /// Handle server's request to continue the handshake /// /// @throw auth::error if unable to build the request virtual ceph::bufferlist handle_auth_reply_more( crimson::net::Connection &conn, AuthConnectionMeta &auth_meta, const ceph::bufferlist& bl) = 0; /// Handle server's indication that authentication succeeded /// /// @return 0 if authenticated, a negative number otherwise virtual int handle_auth_done( crimson::net::Connection &conn, AuthConnectionMeta &auth_meta, uint64_t global_id, uint32_t con_mode, const bufferlist& bl) = 0; /// Handle server's indication that the previous auth attempt failed /// /// @return 0 if will try next auth method, a negative number if we have no /// more options virtual int handle_auth_bad_method( crimson::net::Connection &conn, AuthConnectionMeta &auth_meta, uint32_t old_auth_method, int result, const std::vector& allowed_methods, const std::vector& allowed_modes) = 0; }; } // namespace crimson::auth