ceph/src/auth/cephx/CephxAuthorizeHandler.cc

   1 #include "CephxProtocol.h"
   2 #include "CephxAuthorizeHandler.h"
   3 #include "common/dout.h"
   4
   5 #define dout_subsys ceph_subsys_auth
   6
   7
   8
   9 bool CephxAuthorizeHandler::verify_authorizer(
  10   CephContext *cct, KeyStore *keys,
  11   bufferlist& authorizer_data, bufferlist& authorizer_reply,
  12   EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info,
  13   CryptoKey& session_key, uint64_t *auid,
  14   std::unique_ptr<AuthAuthorizerChallenge> *challenge)
  15 {
  16   bufferlist::iterator iter = authorizer_data.begin();
  17
  18   if (!authorizer_data.length()) {
  19     ldout(cct, 1) << "verify authorizer, authorizer_data.length()=0" << dendl;
  20     return false;
  21   }
  22
  23   CephXServiceTicketInfo auth_ticket_info;
  24
  25   bool isvalid = cephx_verify_authorizer(cct, keys, iter, auth_ticket_info, challenge,
  26                                          authorizer_reply);
  27
  28   if (isvalid) {
  29     caps_info = auth_ticket_info.ticket.caps;
  30     entity_name = auth_ticket_info.ticket.name;
  31     global_id = auth_ticket_info.ticket.global_id;
  32     session_key = auth_ticket_info.session_key;
  33     if (auid) *auid = auth_ticket_info.ticket.auid;
  34   }
  35
  36   return isvalid;
  37 }
  38
  39 // Return type of crypto used for this session's data;  for cephx, symmetric authentication
  40
  41 int CephxAuthorizeHandler::authorizer_session_crypto()
  42 {
  43   return SESSION_SYMMETRIC_AUTHENTICATE;
  44 }