[ceph.git] / ceph / src / auth / cephx / CephxClientHandler.h

// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- 
// vim: ts=8 sw=2 smarttab
/*
 * Ceph - scalable distributed file system
 *
 * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
 *
 * This is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License version 2.1, as published by the Free Software 
 * Foundation.  See file COPYING.
 * 
 */

#ifndef CEPH_CEPHXCLIENTHANDLER_H
#define CEPH_CEPHXCLIENTHANDLER_H

#include "auth/AuthClientHandler.h"
#include "CephxProtocol.h"
#include "auth/RotatingKeyRing.h"
#include "include/common_fwd.h"

class KeyRing;

class CephxClientHandler : public AuthClientHandler {
  bool starting;

  /* envelope protocol parameters */
  uint64_t server_challenge;

  CephXTicketManager tickets;
  CephXTicketHandler* ticket_handler;

  RotatingKeyRing* rotating_secrets;
  KeyRing *keyring;

public:
  CephxClientHandler(CephContext *cct_,
		     RotatingKeyRing *rsecrets)
    : AuthClientHandler(cct_),
      starting(false),
      server_challenge(0),
      tickets(cct_),
      ticket_handler(NULL),
      rotating_secrets(rsecrets),
      keyring(rsecrets->get_keyring())
  {
    reset();
  }

  void reset() override;
  void prepare_build_request() override;
  int build_request(bufferlist& bl) const override;
  int handle_response(int ret, bufferlist::const_iterator& iter,
		      CryptoKey *session_key,
		      std::string *connection_secret) override;
  bool build_rotating_request(bufferlist& bl) const override;

  int get_protocol() const override { return CEPH_AUTH_CEPHX; }

  AuthAuthorizer *build_authorizer(uint32_t service_id) const override;

  bool need_tickets() override;

  void set_global_id(uint64_t id) override {
    global_id = id;
    tickets.global_id = id;
  }
private:
  void validate_tickets() override;
  bool _need_tickets() const;
};

#endif
Commit	Line	Data
7c673cae FG	1	// -- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t --
	2	// vim: ts=8 sw=2 smarttab
	3	/*
	4	* Ceph - scalable distributed file system
	5	*
	6	* Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
	7	*
	8	* This is free software; you can redistribute it and/or
	9	* modify it under the terms of the GNU Lesser General Public
	10	* License version 2.1, as published by the Free Software
	11	* Foundation. See file COPYING.
	12	*
	13	*/
	14
	15	#ifndef CEPH_CEPHXCLIENTHANDLER_H
	16	#define CEPH_CEPHXCLIENTHANDLER_H
	17
	18	#include "auth/AuthClientHandler.h"
	19	#include "CephxProtocol.h"
	20	#include "auth/RotatingKeyRing.h"
9f95a23c	21	#include "include/common_fwd.h"
7c673cae	22
7c673cae FG	23	class KeyRing;
	24
	25	class CephxClientHandler : public AuthClientHandler {
	26	bool starting;
	27
	28	/* envelope protocol parameters */
	29	uint64_t server_challenge;
	30
	31	CephXTicketManager tickets;
	32	CephXTicketHandler* ticket_handler;
	33
11fdf7f2	34	RotatingKeyRing* rotating_secrets;
7c673cae FG	35	KeyRing *keyring;
	36
	37	public:
11fdf7f2 TL	38	CephxClientHandler(CephContext *cct_,
11fdf7f2 TL	39	RotatingKeyRing *rsecrets)
7c673cae FG	40	: AuthClientHandler(cct_),
	41	starting(false),
	42	server_challenge(0),
	43	tickets(cct_),
	44	ticket_handler(NULL),
	45	rotating_secrets(rsecrets),
	46	keyring(rsecrets->get_keyring())
	47	{
	48	reset();
	49	}
	50
11fdf7f2	51	void reset() override;
7c673cae FG	52	void prepare_build_request() override;
7c673cae FG	53	int build_request(bufferlist& bl) const override;
11fdf7f2 TL	54	int handle_response(int ret, bufferlist::const_iterator& iter,
	55	CryptoKey *session_key,
	56	std::string *connection_secret) override;
7c673cae FG	57	bool build_rotating_request(bufferlist& bl) const override;
	58
	59	int get_protocol() const override { return CEPH_AUTH_CEPHX; }
	60
	61	AuthAuthorizer *build_authorizer(uint32_t service_id) const override;
	62
	63	bool need_tickets() override;
	64
	65	void set_global_id(uint64_t id) override {
7c673cae FG	66	global_id = id;
	67	tickets.global_id = id;
	68	}
	69	private:
	70	void validate_tickets() override;
	71	bool _need_tickets() const;
	72	};
	73
	74	#endif