1 #include "CephxProtocol.h"
2 #include "CephxAuthorizeHandler.h"
3 #include "common/dout.h"
5 #define dout_subsys ceph_subsys_auth
9 bool CephxAuthorizeHandler::verify_authorizer(
10 CephContext
*cct
, KeyStore
*keys
,
11 bufferlist
& authorizer_data
, bufferlist
& authorizer_reply
,
12 EntityName
& entity_name
, uint64_t& global_id
, AuthCapsInfo
& caps_info
,
13 CryptoKey
& session_key
, uint64_t *auid
,
14 std::unique_ptr
<AuthAuthorizerChallenge
> *challenge
)
16 bufferlist::iterator iter
= authorizer_data
.begin();
18 if (!authorizer_data
.length()) {
19 ldout(cct
, 1) << "verify authorizer, authorizer_data.length()=0" << dendl
;
23 CephXServiceTicketInfo auth_ticket_info
;
25 bool isvalid
= cephx_verify_authorizer(cct
, keys
, iter
, auth_ticket_info
, challenge
,
29 caps_info
= auth_ticket_info
.ticket
.caps
;
30 entity_name
= auth_ticket_info
.ticket
.name
;
31 global_id
= auth_ticket_info
.ticket
.global_id
;
32 session_key
= auth_ticket_info
.session_key
;
33 if (auid
) *auid
= auth_ticket_info
.ticket
.auid
;
39 // Return type of crypto used for this session's data; for cephx, symmetric authentication
41 int CephxAuthorizeHandler::authorizer_session_crypto()
43 return SESSION_SYMMETRIC_AUTHENTICATE
;