diff options
Diffstat (limited to 'src/auth/krb/KrbServiceHandler.hpp')
-rw-r--r-- | src/auth/krb/KrbServiceHandler.hpp | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/src/auth/krb/KrbServiceHandler.hpp b/src/auth/krb/KrbServiceHandler.hpp new file mode 100644 index 000000000..85cf5a1a6 --- /dev/null +++ b/src/auth/krb/KrbServiceHandler.hpp @@ -0,0 +1,61 @@ +// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- +// vim: ts=8 sw=2 smarttab +/* + * Ceph - scalable distributed file system + * + * Copyright (c) 2018 SUSE LLC. + * Author: Daniel Oliveira <doliveira@suse.com> + * + * This is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License version 2.1, as published by the Free Software + * Foundation. See file COPYING. + * + */ + +#ifndef KRB_SERVICE_HANDLER_HPP +#define KRB_SERVICE_HANDLER_HPP + +#include "auth/AuthServiceHandler.h" +#include "auth/Auth.h" +#include "auth/cephx/CephxKeyServer.h" + +#include <gssapi.h> +#include <gssapi/gssapi_generic.h> +#include <gssapi/gssapi_krb5.h> +#include <gssapi/gssapi_ext.h> + + +class KrbServiceHandler : public AuthServiceHandler { + + public: + explicit KrbServiceHandler(CephContext* ceph_ctx, KeyServer* kserver) : + AuthServiceHandler(ceph_ctx), + m_gss_buffer_out({0, nullptr}), + m_gss_credentials(GSS_C_NO_CREDENTIAL), + m_gss_sec_ctx(GSS_C_NO_CONTEXT), + m_gss_service_name(GSS_C_NO_NAME), + m_key_server(kserver) { } + ~KrbServiceHandler(); + int handle_request(bufferlist::const_iterator& indata, + size_t connection_secret_required_length, + bufferlist *buff_list, + AuthCapsInfo *caps, + CryptoKey *session_key, + std::string *connection_secret) override; + + private: + int do_start_session(bool is_new_global_id, + ceph::buffer::list *buff_list, + AuthCapsInfo *caps) override; + + gss_buffer_desc m_gss_buffer_out; + gss_cred_id_t m_gss_credentials; + gss_ctx_id_t m_gss_sec_ctx; + gss_name_t m_gss_service_name; + KeyServer* m_key_server; + +}; + +#endif //-- KRB_SERVICE_HANDLER_HPP + |