]>
Commit | Line | Data |
---|---|---|
9f95a23c TL |
1 | // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- |
2 | // vim: ts=8 sw=2 smarttab | |
3 | ||
4 | #pragma once | |
5 | ||
6 | #include <cstdint> | |
7 | #include <string> | |
8 | #include <tuple> | |
9 | #include <vector> | |
10 | #include "include/buffer_fwd.h" | |
11 | #include "crimson/net/Fwd.h" | |
12 | ||
13 | class CryptoKey; | |
14 | ||
15 | namespace crimson::auth { | |
16 | ||
17 | class error : public std::logic_error { | |
18 | public: | |
19 | using std::logic_error::logic_error; | |
20 | }; | |
21 | ||
22 | using method_t = uint32_t; | |
23 | ||
24 | // TODO: revisit interfaces for non-dummy implementations | |
25 | class AuthClient { | |
26 | public: | |
27 | virtual ~AuthClient() {} | |
28 | ||
29 | struct auth_request_t { | |
30 | method_t auth_method; | |
31 | std::vector<uint32_t> preferred_modes; | |
32 | ceph::bufferlist auth_bl; | |
33 | }; | |
34 | /// Build an authentication request to begin the handshake | |
35 | /// | |
36 | /// @throw auth::error if unable to build the request | |
1e59de90 TL |
37 | virtual auth_request_t get_auth_request(crimson::net::Connection &conn, |
38 | AuthConnectionMeta &auth_meta) = 0; | |
9f95a23c TL |
39 | |
40 | /// Handle server's request to continue the handshake | |
41 | /// | |
42 | /// @throw auth::error if unable to build the request | |
43 | virtual ceph::bufferlist handle_auth_reply_more( | |
1e59de90 TL |
44 | crimson::net::Connection &conn, |
45 | AuthConnectionMeta &auth_meta, | |
9f95a23c TL |
46 | const ceph::bufferlist& bl) = 0; |
47 | ||
48 | /// Handle server's indication that authentication succeeded | |
49 | /// | |
50 | /// @return 0 if authenticated, a negative number otherwise | |
51 | virtual int handle_auth_done( | |
1e59de90 TL |
52 | crimson::net::Connection &conn, |
53 | AuthConnectionMeta &auth_meta, | |
9f95a23c TL |
54 | uint64_t global_id, |
55 | uint32_t con_mode, | |
56 | const bufferlist& bl) = 0; | |
57 | ||
58 | /// Handle server's indication that the previous auth attempt failed | |
59 | /// | |
60 | /// @return 0 if will try next auth method, a negative number if we have no | |
61 | /// more options | |
62 | virtual int handle_auth_bad_method( | |
1e59de90 TL |
63 | crimson::net::Connection &conn, |
64 | AuthConnectionMeta &auth_meta, | |
9f95a23c TL |
65 | uint32_t old_auth_method, |
66 | int result, | |
67 | const std::vector<uint32_t>& allowed_methods, | |
68 | const std::vector<uint32_t>& allowed_modes) = 0; | |
69 | }; | |
70 | ||
71 | } // namespace crimson::auth |