]>
Commit | Line | Data |
---|---|---|
4e7a5dcd SW |
1 | #include "ceph_debug.h" |
2 | ||
3 | #include <linux/module.h> | |
4 | #include <linux/err.h> | |
5 | ||
6 | #include "types.h" | |
7 | #include "auth_none.h" | |
8 | #include "decode.h" | |
9 | #include "super.h" | |
10 | ||
11 | #include "messenger.h" | |
12 | ||
13 | /* | |
14 | * get protocol handler | |
15 | */ | |
16 | static u32 supported_protocols[] = { | |
17 | CEPH_AUTH_NONE | |
18 | }; | |
19 | ||
20 | int ceph_auth_init_protocol(struct ceph_auth_client *ac, int protocol) | |
21 | { | |
22 | switch (protocol) { | |
23 | case CEPH_AUTH_NONE: | |
24 | return ceph_auth_none_init(ac); | |
25 | default: | |
26 | return -ENOENT; | |
27 | } | |
28 | } | |
29 | ||
30 | /* | |
31 | * setup, teardown. | |
32 | */ | |
33 | struct ceph_auth_client *ceph_auth_init(const char *name, const char *secret) | |
34 | { | |
35 | struct ceph_auth_client *ac; | |
36 | int ret; | |
37 | ||
38 | dout("auth_init name '%s' secret '%s'\n", name, secret); | |
39 | ||
40 | ret = -ENOMEM; | |
41 | ac = kzalloc(sizeof(*ac), GFP_NOFS); | |
42 | if (!ac) | |
43 | goto out; | |
44 | ||
45 | ac->negotiating = true; | |
46 | if (name) | |
47 | ac->name = name; | |
48 | else | |
49 | ac->name = CEPH_AUTH_NAME_DEFAULT; | |
50 | dout("auth_init name %s secret %s\n", ac->name, secret); | |
51 | ac->secret = secret; | |
52 | return ac; | |
53 | ||
54 | out: | |
55 | return ERR_PTR(ret); | |
56 | } | |
57 | ||
58 | void ceph_auth_destroy(struct ceph_auth_client *ac) | |
59 | { | |
60 | dout("auth_destroy %p\n", ac); | |
61 | if (ac->ops) | |
62 | ac->ops->destroy(ac); | |
63 | kfree(ac); | |
64 | } | |
65 | ||
66 | /* | |
67 | * Reset occurs when reconnecting to the monitor. | |
68 | */ | |
69 | void ceph_auth_reset(struct ceph_auth_client *ac) | |
70 | { | |
71 | dout("auth_reset %p\n", ac); | |
72 | if (ac->ops && !ac->negotiating) | |
73 | ac->ops->reset(ac); | |
74 | ac->negotiating = true; | |
75 | } | |
76 | ||
77 | int ceph_entity_name_encode(const char *name, void **p, void *end) | |
78 | { | |
79 | int len = strlen(name); | |
80 | ||
81 | if (*p + 2*sizeof(u32) + len > end) | |
82 | return -ERANGE; | |
83 | ceph_encode_32(p, CEPH_ENTITY_TYPE_CLIENT); | |
84 | ceph_encode_32(p, len); | |
85 | ceph_encode_copy(p, name, len); | |
86 | return 0; | |
87 | } | |
88 | ||
89 | /* | |
90 | * Initiate protocol negotiation with monitor. Include entity name | |
91 | * and list supported protocols. | |
92 | */ | |
93 | int ceph_auth_build_hello(struct ceph_auth_client *ac, void *buf, size_t len) | |
94 | { | |
95 | struct ceph_mon_request_header *monhdr = buf; | |
96 | void *p = monhdr + 1, *end = buf + len, *lenp; | |
97 | int i, num; | |
98 | int ret; | |
99 | ||
100 | dout("auth_build_hello\n"); | |
101 | monhdr->have_version = 0; | |
102 | monhdr->session_mon = cpu_to_le16(-1); | |
103 | monhdr->session_mon_tid = 0; | |
104 | ||
105 | ceph_encode_32(&p, 0); /* no protocol, yet */ | |
106 | ||
107 | lenp = p; | |
108 | p += sizeof(u32); | |
109 | ||
110 | num = ARRAY_SIZE(supported_protocols); | |
111 | ceph_encode_32(&p, num); | |
112 | for (i = 0; i < num; i++) | |
113 | ceph_encode_32(&p, supported_protocols[i]); | |
114 | ||
115 | ret = ceph_entity_name_encode(ac->name, &p, end); | |
116 | if (ret < 0) | |
117 | return ret; | |
118 | ceph_decode_need(&p, end, sizeof(u64), bad); | |
119 | ceph_encode_64(&p, ac->global_id); | |
120 | ||
121 | ceph_encode_32(&lenp, p - lenp - sizeof(u32)); | |
122 | return p - buf; | |
123 | ||
124 | bad: | |
125 | return -ERANGE; | |
126 | } | |
127 | ||
9bd2e6f8 SW |
128 | int ceph_build_auth_request(struct ceph_auth_client *ac, |
129 | void *msg_buf, size_t msg_len) | |
130 | { | |
131 | struct ceph_mon_request_header *monhdr = msg_buf; | |
132 | void *p = monhdr + 1; | |
133 | void *end = msg_buf + msg_len; | |
134 | int ret; | |
135 | ||
136 | monhdr->have_version = 0; | |
137 | monhdr->session_mon = cpu_to_le16(-1); | |
138 | monhdr->session_mon_tid = 0; | |
139 | ||
140 | ceph_encode_32(&p, ac->protocol); | |
141 | ||
142 | ret = ac->ops->build_request(ac, p + sizeof(u32), end); | |
143 | if (ret < 0) { | |
144 | pr_err("error %d building request\n", ret); | |
145 | return ret; | |
146 | } | |
147 | dout(" built request %d bytes\n", ret); | |
148 | ceph_encode_32(&p, ret); | |
149 | return p + ret - msg_buf; | |
150 | } | |
151 | ||
4e7a5dcd SW |
152 | /* |
153 | * Handle auth message from monitor. | |
154 | */ | |
155 | int ceph_handle_auth_reply(struct ceph_auth_client *ac, | |
156 | void *buf, size_t len, | |
157 | void *reply_buf, size_t reply_len) | |
158 | { | |
159 | void *p = buf; | |
160 | void *end = buf + len; | |
161 | int protocol; | |
162 | s32 result; | |
163 | u64 global_id; | |
164 | void *payload, *payload_end; | |
165 | int payload_len; | |
166 | char *result_msg; | |
167 | int result_msg_len; | |
168 | int ret = -EINVAL; | |
169 | ||
170 | dout("handle_auth_reply %p %p\n", p, end); | |
171 | ceph_decode_need(&p, end, sizeof(u32) * 3 + sizeof(u64), bad); | |
172 | protocol = ceph_decode_32(&p); | |
173 | result = ceph_decode_32(&p); | |
174 | global_id = ceph_decode_64(&p); | |
175 | payload_len = ceph_decode_32(&p); | |
176 | payload = p; | |
177 | p += payload_len; | |
178 | ceph_decode_need(&p, end, sizeof(u32), bad); | |
179 | result_msg_len = ceph_decode_32(&p); | |
180 | result_msg = p; | |
181 | p += result_msg_len; | |
182 | if (p != end) | |
183 | goto bad; | |
184 | ||
185 | dout(" result %d '%.*s' gid %llu len %d\n", result, result_msg_len, | |
186 | result_msg, global_id, payload_len); | |
187 | ||
188 | payload_end = payload + payload_len; | |
189 | ||
190 | if (global_id && ac->global_id != global_id) { | |
191 | dout(" set global_id %lld -> %lld\n", ac->global_id, global_id); | |
192 | ac->global_id = global_id; | |
193 | } | |
194 | ||
195 | if (ac->negotiating) { | |
dc14657c YS |
196 | /* server does not support our protocols? */ |
197 | if (!protocol && result < 0) { | |
198 | ret = result; | |
199 | goto out; | |
200 | } | |
4e7a5dcd SW |
201 | /* set up (new) protocol handler? */ |
202 | if (ac->protocol && ac->protocol != protocol) { | |
203 | ac->ops->destroy(ac); | |
204 | ac->protocol = 0; | |
205 | ac->ops = NULL; | |
206 | } | |
207 | if (ac->protocol != protocol) { | |
208 | ret = ceph_auth_init_protocol(ac, protocol); | |
209 | if (ret) { | |
210 | pr_err("error %d on auth protocol %d init\n", | |
211 | ret, protocol); | |
212 | goto out; | |
213 | } | |
214 | } | |
9bd2e6f8 SW |
215 | |
216 | ac->negotiating = false; | |
4e7a5dcd SW |
217 | } |
218 | ||
219 | ret = ac->ops->handle_reply(ac, result, payload, payload_end); | |
220 | if (ret == -EAGAIN) { | |
9bd2e6f8 | 221 | return ceph_build_auth_request(ac, reply_buf, reply_len); |
4e7a5dcd SW |
222 | } else if (ret) { |
223 | pr_err("authentication error %d\n", ret); | |
224 | return ret; | |
225 | } | |
226 | return 0; | |
227 | ||
228 | bad: | |
229 | pr_err("failed to decode auth msg\n"); | |
230 | out: | |
231 | return ret; | |
232 | } | |
233 | ||
9bd2e6f8 SW |
234 | int ceph_build_auth(struct ceph_auth_client *ac, |
235 | void *msg_buf, size_t msg_len) | |
236 | { | |
237 | if (!ac->protocol) | |
238 | return ceph_auth_build_hello(ac, msg_buf, msg_len); | |
239 | BUG_ON(!ac->ops); | |
240 | if (!ac->ops->is_authenticated(ac)) | |
241 | return ceph_build_auth_request(ac, msg_buf, msg_len); | |
242 | return 0; | |
243 | } | |
4e7a5dcd | 244 | |
9bd2e6f8 SW |
245 | int ceph_auth_is_authenticated(struct ceph_auth_client *ac) |
246 | { | |
247 | if (!ac->ops) | |
248 | return 0; | |
249 | return ac->ops->is_authenticated(ac); | |
250 | } |