]>
Commit | Line | Data |
---|---|---|
7c673cae FG |
1 | #include "CephxProtocol.h" |
2 | #include "CephxAuthorizeHandler.h" | |
3 | #include "common/dout.h" | |
4 | ||
5 | #define dout_subsys ceph_subsys_auth | |
6 | ||
7 | ||
8 | ||
28e407b8 AA |
9 | bool CephxAuthorizeHandler::verify_authorizer( |
10 | CephContext *cct, KeyStore *keys, | |
11 | bufferlist& authorizer_data, bufferlist& authorizer_reply, | |
12 | EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info, | |
13 | CryptoKey& session_key, uint64_t *auid, | |
14 | std::unique_ptr<AuthAuthorizerChallenge> *challenge) | |
7c673cae FG |
15 | { |
16 | bufferlist::iterator iter = authorizer_data.begin(); | |
17 | ||
18 | if (!authorizer_data.length()) { | |
19 | ldout(cct, 1) << "verify authorizer, authorizer_data.length()=0" << dendl; | |
20 | return false; | |
21 | } | |
22 | ||
23 | CephXServiceTicketInfo auth_ticket_info; | |
24 | ||
28e407b8 AA |
25 | bool isvalid = cephx_verify_authorizer(cct, keys, iter, auth_ticket_info, challenge, |
26 | authorizer_reply); | |
7c673cae FG |
27 | |
28 | if (isvalid) { | |
29 | caps_info = auth_ticket_info.ticket.caps; | |
30 | entity_name = auth_ticket_info.ticket.name; | |
31 | global_id = auth_ticket_info.ticket.global_id; | |
32 | session_key = auth_ticket_info.session_key; | |
33 | if (auid) *auid = auth_ticket_info.ticket.auid; | |
34 | } | |
35 | ||
36 | return isvalid; | |
37 | } | |
38 | ||
39 | // Return type of crypto used for this session's data; for cephx, symmetric authentication | |
40 | ||
41 | int CephxAuthorizeHandler::authorizer_session_crypto() | |
42 | { | |
43 | return SESSION_SYMMETRIC_AUTHENTICATE; | |
44 | } |