7c673cae FG |
1 | // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- |
2 | // vim: ts=8 sw=2 smarttab | |
3 | /* | |
4 | * Ceph - scalable distributed file system | |
5 | * | |
6 | * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net> | |
7 | * | |
8 | * This is free software; you can redistribute it and/or | |
9 | * modify it under the terms of the GNU Lesser General Public | |
10 | * License version 2.1, as published by the Free Software | |
11 | * Foundation. See file COPYING. | |
12 | * | |
13 | */ | |
14 | ||
15 | #ifndef CEPH_KEYRING_H | |
16 | #define CEPH_KEYRING_H | |
17 | ||
18 | #include "auth/Auth.h" | |
9f95a23c | 19 | #include "include/common_fwd.h" |
7c673cae FG |
20 | |
/**
 * In-memory keyring: maps each EntityName to its EntityAuth record (secret
 * key plus per-service capability blobs) and serves as a KeyStore.
 *
 * The stored records contain secret key material. Every accessor that hands
 * out a CryptoKey or an EntityAuth gives the caller a copy, so the caller
 * becomes responsible for that copy's lifetime.
 */
class KeyRing : public KeyStore {
  // Entity name -> authentication record (key + caps).
  std::map<EntityName, EntityAuth> keys;

  // Defined out of line; not visible in this header.
  int set_modifier(const char *type, const char *val, EntityName& name,
                   std::map<std::string, ceph::buffer::list>& caps);

public:
  void decode_plaintext(ceph::buffer::list::const_iterator& bl);

  /* Create a KeyRing from a Ceph context.
   * We will use the configuration stored inside the context. */
  int from_ceph_context(CephContext *cct);

  // yuck: hands out a mutable reference to the internal map, so callers can
  // read and rewrite every key and capability without going through the
  // modifiers below.
  std::map<EntityName, EntityAuth>& get_keys() { return keys; }

  // NOTE(review): defined out of line. Presumably populates the keyring from
  // the file at `filename` -- confirm against the implementation.
  int load(CephContext *cct, const std::string &filename);

  // NOTE(review): defined out of line. If this writes key material to `out`,
  // the destination stream must be treated as sensitive -- confirm.
  void print(std::ostream& out);

  // accessors

  /// @return true when an entry for `name` is present.
  bool exists(const EntityName& name) const {
    return keys.find(name) != keys.end();
  }

  /// Copy the whole record for `name` (key and caps) into `a`.
  /// @return false, leaving `a` untouched, when `name` is unknown.
  bool get_auth(const EntityName& name, EntityAuth &a) const {
    const auto entry = keys.find(name);
    if (entry != keys.end()) {
      a = entry->second;
      return true;
    }
    return false;
  }

  /// KeyStore hook: copy the secret key of `name` into `secret`.
  /// @return false, leaving `secret` untouched, when `name` is unknown.
  bool get_secret(const EntityName& name, CryptoKey& secret) const override {
    const auto entry = keys.find(name);
    if (entry != keys.end()) {
      secret = entry->second.key;
      return true;
    }
    return false;
  }

  /// KeyStore hook: this class never supplies a service secret. Both ids are
  /// ignored, `secret` is never written, and the result is always false.
  bool get_service_secret(uint32_t service_id, uint64_t secret_id,
			  CryptoKey& secret) const override {
    return false;
  }

  /// Look up the capability blob that `name` holds for service `type`.
  ///
  /// @return false only when `name` itself is unknown. When the entity exists
  ///         but has no entry for `type`, the result is still true and
  ///         `caps` is left exactly as the caller passed it in; pass a
  ///         freshly initialised AuthCapsInfo so that stale contents cannot
  ///         be mistaken for capabilities of this entity.
  bool get_caps(const EntityName& name,
		const std::string& type, AuthCapsInfo& caps) const {
    const auto entry = keys.find(name);
    if (entry == keys.end())
      return false;
    const auto& granted = entry->second.caps;
    const auto match = granted.find(type);
    if (match != granted.end())
      caps.caps = match->second;
    return true;
  }

  /// @return number of entities currently stored.
  size_t size() const {
    return keys.size();
  }

  // modifiers

  /// Insert `a` under `name`, overwriting any existing record.
  void add(const EntityName& name, EntityAuth &a) {
    keys[name] = a;
  }

  /// Insert a record for `name` that carries only the key `k`. The stored
  /// record is a default-constructed EntityAuth with its key set, so an
  /// existing record for `name` is replaced as a whole, caps included.
  void add(const EntityName& name, CryptoKey &k) {
    EntityAuth fresh;
    fresh.key = k;
    keys[name] = fresh;
  }

  /// Drop the record for `name`; nothing happens when it is absent.
  void remove(const EntityName& name) {
    keys.erase(name);
  }

  /// Replace the caps of `name`. operator[] is used, so an unknown `name`
  /// gets a new record whose key is whatever a default-constructed
  /// EntityAuth holds.
  void set_caps(EntityName& name, std::map<std::string, ceph::buffer::list>& caps) {
    EntityAuth& record = keys[name];
    record.caps = caps;
  }

  /// Replace the key of `ename`. operator[] is used, so an unknown `ename`
  /// gets a new record with default-constructed caps.
  void set_key(EntityName& ename, CryptoKey& key) {
    EntityAuth& record = keys[ename];
    record.key = key;
  }

  void import(CephContext *cct, KeyRing& other);

  // decode as plaintext
  void decode(ceph::buffer::list::const_iterator& bl);

  void encode_plaintext(ceph::buffer::list& bl);
  void encode_formatted(std::string label, ceph::Formatter *f, ceph::buffer::list& bl);
};
100 | ||
// Free-function decode hook for KeyRing; it only forwards to
// KeyRing::decode().
//
// WRITE_CLASS_ENCODER is deliberately not used, because KeyRing has no
// matching encode. encode_plaintext is not offered in its place because it is
// not wrappable: it assumes it is given the entire ceph::buffer::list.
static inline void decode(KeyRing& kr,
                          ceph::buffer::list::const_iterator& p)
{
  kr.decode(p);
}
107 | ||
108 | #endif |