1 #include "CephxProtocol.h"
2 #include "CephxAuthorizeHandler.h"
3 #include "common/dout.h"
5 #define dout_subsys ceph_subsys_auth
9 bool CephxAuthorizeHandler::verify_authorizer(CephContext
*cct
, KeyStore
*keys
,
10 bufferlist
& authorizer_data
, bufferlist
& authorizer_reply
,
11 EntityName
& entity_name
, uint64_t& global_id
, AuthCapsInfo
& caps_info
, CryptoKey
& session_key
, uint64_t *auid
)
13 bufferlist::iterator iter
= authorizer_data
.begin();
15 if (!authorizer_data
.length()) {
16 ldout(cct
, 1) << "verify authorizer, authorizer_data.length()=0" << dendl
;
20 CephXServiceTicketInfo auth_ticket_info
;
22 bool isvalid
= cephx_verify_authorizer(cct
, keys
, iter
, auth_ticket_info
, authorizer_reply
);
25 caps_info
= auth_ticket_info
.ticket
.caps
;
26 entity_name
= auth_ticket_info
.ticket
.name
;
27 global_id
= auth_ticket_info
.ticket
.global_id
;
28 session_key
= auth_ticket_info
.session_key
;
29 if (auid
) *auid
= auth_ticket_info
.ticket
.auid
;
35 // Return type of crypto used for this session's data; for cephx, symmetric authentication
37 int CephxAuthorizeHandler::authorizer_session_crypto()
39 return SESSION_SYMMETRIC_AUTHENTICATE
;