]>
git.proxmox.com Git - ceph.git/blob - ceph/src/auth/RotatingKeyRing.cc
e48127aa64b85b059e5210c7720e45764e95a1af
3 #include "common/debug.h"
4 #include "auth/RotatingKeyRing.h"
5 #include "auth/KeyRing.h"
7 #define dout_subsys ceph_subsys_auth
9 #define dout_prefix *_dout << "auth: "
12 bool RotatingKeyRing::need_new_secrets() const
14 Mutex::Locker
l(lock
);
15 return secrets
.need_new_secrets();
18 bool RotatingKeyRing::need_new_secrets(utime_t now
) const
20 Mutex::Locker
l(lock
);
21 return secrets
.need_new_secrets(now
);
24 void RotatingKeyRing::set_secrets(RotatingSecrets
&& s
)
26 Mutex::Locker
l(lock
);
27 secrets
= std::move(s
);
31 void RotatingKeyRing::dump_rotating() const
33 ldout(cct
, 10) << "dump_rotating:" << dendl
;
34 for (map
<uint64_t, ExpiringCryptoKey
>::const_iterator iter
= secrets
.secrets
.begin();
35 iter
!= secrets
.secrets
.end();
37 ldout(cct
, 10) << " id " << iter
->first
<< " " << iter
->second
<< dendl
;
40 bool RotatingKeyRing::get_secret(const EntityName
& name
, CryptoKey
& secret
) const
42 Mutex::Locker
l(lock
);
43 return keyring
->get_secret(name
, secret
);
46 bool RotatingKeyRing::get_service_secret(uint32_t service_id_
, uint64_t secret_id
,
47 CryptoKey
& secret
) const
49 Mutex::Locker
l(lock
);
51 if (service_id_
!= this->service_id
) {
52 ldout(cct
, 0) << "do not have service " << ceph_entity_type_name(service_id_
)
53 << ", i am " << ceph_entity_type_name(this->service_id
) << dendl
;
57 map
<uint64_t, ExpiringCryptoKey
>::const_iterator iter
=
58 secrets
.secrets
.find(secret_id
);
59 if (iter
== secrets
.secrets
.end()) {
60 ldout(cct
, 0) << "could not find secret_id=" << secret_id
<< dendl
;
65 secret
= iter
->second
.key
;
69 KeyRing
*RotatingKeyRing::