[ceph.git] / ceph / src / auth / AuthServiceHandler.h

// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- 
// vim: ts=8 sw=2 smarttab
/*
 * Ceph - scalable distributed file system
 *
 * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
 *
 * This is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License version 2.1, as published by the Free Software 
 * Foundation.  See file COPYING.
 * 
 */

#ifndef CEPH_AUTHSERVICEHANDLER_H
#define CEPH_AUTHSERVICEHANDLER_H

#include <stddef.h>              // for NULL
#include <stdint.h>              // for uint64_t
#include "common/entity_name.h"  // for EntityName
#include "include/common_fwd.h"
#include "include/buffer_fwd.h"  // for ceph::buffer::list

class KeyServer;
class CryptoKey;
struct AuthCapsInfo;

enum class global_id_status_t {
  NONE,
  // fresh client (global_id == 0); waiting for CephXAuthenticate
  NEW_PENDING,
  // connected client; new enough to correctly reclaim global_id
  NEW_OK,
  // connected client; unknown whether it can reclaim global_id correctly
  NEW_NOT_EXPOSED,
  // reconnecting client (global_id != 0); waiting for CephXAuthenticate
  RECLAIM_PENDING,
  // reconnected client; correctly reclaimed global_id
  RECLAIM_OK,
  // reconnected client; did not properly prove prior global_id ownership
  RECLAIM_INSECURE
};

std::ostream& operator<<(std::ostream& os,
			 global_id_status_t global_id_status);

struct AuthServiceHandler {
protected:
  CephContext *cct;
  EntityName entity_name;
  uint64_t global_id = 0;
  global_id_status_t global_id_status = global_id_status_t::NONE;

public:
  explicit AuthServiceHandler(CephContext *cct_) : cct(cct_) {}

  virtual ~AuthServiceHandler() { }

  int start_session(const EntityName& entity_name,
		    uint64_t global_id,
		    bool is_new_global_id,
		    ceph::buffer::list *result,
		    AuthCapsInfo *caps);
  virtual int handle_request(ceph::buffer::list::const_iterator& indata,
			     size_t connection_secret_required_length,
			     ceph::buffer::list *result,
			     AuthCapsInfo *caps,
			     CryptoKey *session_key,
			     std::string *connection_secret) = 0;

  const EntityName& get_entity_name() { return entity_name; }
  uint64_t get_global_id() { return global_id; }
  global_id_status_t get_global_id_status() { return global_id_status; }

private:
  virtual int do_start_session(bool is_new_global_id,
			       ceph::buffer::list *result,
			       AuthCapsInfo *caps) = 0;
};

extern AuthServiceHandler *get_auth_service_handler(int type, CephContext *cct, KeyServer *ks);

#endif
Commit	Line	Data
7c673cae FG	1	// -- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t --
	2	// vim: ts=8 sw=2 smarttab
	3	/*
	4	* Ceph - scalable distributed file system
	5	*
	6	* Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
	7	*
	8	* This is free software; you can redistribute it and/or
	9	* modify it under the terms of the GNU Lesser General Public
	10	* License version 2.1, as published by the Free Software
	11	* Foundation. See file COPYING.
	12	*
	13	*/
	14
	15	#ifndef CEPH_AUTHSERVICEHANDLER_H
	16	#define CEPH_AUTHSERVICEHANDLER_H
	17
31f18b77 FG	18	#include <stddef.h> // for NULL
	19	#include <stdint.h> // for uint64_t
	20	#include "common/entity_name.h" // for EntityName
9f95a23c TL	21	#include "include/common_fwd.h"
9f95a23c TL	22	#include "include/buffer_fwd.h" // for ceph::buffer::list
7c673cae	23
7c673cae	24	class KeyServer;
11fdf7f2	25	class CryptoKey;
31f18b77	26	struct AuthCapsInfo;
7c673cae	27
c5c27e9a TL	28	enum class global_id_status_t {
	29	NONE,
	30	// fresh client (global_id == 0); waiting for CephXAuthenticate
	31	NEW_PENDING,
	32	// connected client; new enough to correctly reclaim global_id
	33	NEW_OK,
	34	// connected client; unknown whether it can reclaim global_id correctly
	35	NEW_NOT_EXPOSED,
	36	// reconnecting client (global_id != 0); waiting for CephXAuthenticate
	37	RECLAIM_PENDING,
	38	// reconnected client; correctly reclaimed global_id
	39	RECLAIM_OK,
	40	// reconnected client; did not properly prove prior global_id ownership
	41	RECLAIM_INSECURE
	42	};
	43
	44	std::ostream& operator<<(std::ostream& os,
	45	global_id_status_t global_id_status);
	46
7c673cae FG	47	struct AuthServiceHandler {
	48	protected:
	49	CephContext *cct;
7c673cae	50	EntityName entity_name;
c5c27e9a TL	51	uint64_t global_id = 0;
c5c27e9a TL	52	global_id_status_t global_id_status = global_id_status_t::NONE;
7c673cae	53
c5c27e9a TL	54	public:
c5c27e9a TL	55	explicit AuthServiceHandler(CephContext *cct_) : cct(cct_) {}
7c673cae FG	56
	57	virtual ~AuthServiceHandler() { }
	58
c5c27e9a TL	59	int start_session(const EntityName& entity_name,
	60	uint64_t global_id,
	61	bool is_new_global_id,
	62	ceph::buffer::list *result,
	63	AuthCapsInfo *caps);
9f95a23c	64	virtual int handle_request(ceph::buffer::list::const_iterator& indata,
11fdf7f2	65	size_t connection_secret_required_length,
9f95a23c	66	ceph::buffer::list *result,
11fdf7f2 TL	67	AuthCapsInfo *caps,
	68	CryptoKey *session_key,
	69	std::string *connection_secret) = 0;
7c673cae	70
c5c27e9a TL	71	const EntityName& get_entity_name() { return entity_name; }
	72	uint64_t get_global_id() { return global_id; }
	73	global_id_status_t get_global_id_status() { return global_id_status; }
	74
	75	private:
	76	virtual int do_start_session(bool is_new_global_id,
	77	ceph::buffer::list *result,
	78	AuthCapsInfo *caps) = 0;
7c673cae FG	79	};
	80
	81	extern AuthServiceHandler get_auth_service_handler(int type, CephContext cct, KeyServer *ks);
	82
	83	#endif