mirror of
https://github.com/ceph/ceph
synced 2025-03-29 15:03:39 +00:00
common/auth: add override in headers
Signed-off-by: liuchang0812 <liuchang0812@gmail.com>
This commit is contained in:
liuchang0812
parent
da06227c7f
commit
4975d6d3d1
@ -81,7 +81,7 @@ public:
|
||||
class CryptoNone : public CryptoHandler {
|
||||
public:
|
||||
CryptoNone() { }
|
||||
~CryptoNone() {}
|
||||
~CryptoNone() override {}
|
||||
int get_type() const override {
|
||||
return CEPH_CRYPTO_NONE;
|
||||
}
|
||||
@ -103,7 +103,7 @@ public:
|
||||
class CryptoAES : public CryptoHandler {
|
||||
public:
|
||||
CryptoAES() { }
|
||||
~CryptoAES() {}
|
||||
~CryptoAES() override {}
|
||||
int get_type() const override {
|
||||
return CEPH_CRYPTO_AES;
|
||||
}
|
||||
@ -267,7 +267,7 @@ public:
|
||||
slot(NULL),
|
||||
key(NULL),
|
||||
param(NULL) {}
|
||||
~CryptoAESKeyHandler() {
|
||||
~CryptoAESKeyHandler() override {
|
||||
SECITEM_FreeItem(param, PR_TRUE);
|
||||
if (key)
|
||||
PK11_FreeSymKey(key);
|
||||
|
||||
@ -45,7 +45,7 @@ public:
|
||||
a = k->second;
|
||||
return true;
|
||||
}
|
||||
bool get_secret(const EntityName& name, CryptoKey& secret) const {
|
||||
bool get_secret(const EntityName& name, CryptoKey& secret) const override {
|
||||
map<EntityName, EntityAuth>::const_iterator k = keys.find(name);
|
||||
if (k == keys.end())
|
||||
return false;
|
||||
@ -53,7 +53,7 @@ public:
|
||||
return true;
|
||||
}
|
||||
bool get_service_secret(uint32_t service_id, uint64_t secret_id,
|
||||
CryptoKey& secret) const {
|
||||
CryptoKey& secret) const override {
|
||||
return false;
|
||||
}
|
||||
bool get_caps(const EntityName& name,
|
||||
|
||||
@ -43,9 +43,9 @@ public:
|
||||
bool need_new_secrets(utime_t now) const;
|
||||
void set_secrets(RotatingSecrets& s);
|
||||
void dump_rotating() const;
|
||||
bool get_secret(const EntityName& name, CryptoKey& secret) const;
|
||||
bool get_secret(const EntityName& name, CryptoKey& secret) const override;
|
||||
bool get_service_secret(uint32_t service_id, uint64_t secret_id,
|
||||
CryptoKey& secret) const;
|
||||
CryptoKey& secret) const override;
|
||||
KeyRing *get_keyring();
|
||||
};
|
||||
|
||||
|
||||
@ -23,8 +23,8 @@ struct CephxAuthorizeHandler : public AuthAuthorizeHandler {
|
||||
bool verify_authorizer(CephContext *cct, KeyStore *keys,
|
||||
bufferlist& authorizer_data, bufferlist& authorizer_reply,
|
||||
EntityName& entity_name, uint64_t& global_id,
|
||||
AuthCapsInfo& caps_info, CryptoKey& session_key, uint64_t *auid = NULL);
|
||||
int authorizer_session_crypto();
|
||||
AuthCapsInfo& caps_info, CryptoKey& session_key, uint64_t *auid = NULL) override;
|
||||
int authorizer_session_crypto() override;
|
||||
};
|
||||
|
||||
|
||||
|
||||
@ -47,29 +47,29 @@ public:
|
||||
reset();
|
||||
}
|
||||
|
||||
void reset() {
|
||||
void reset() override {
|
||||
RWLock::WLocker l(lock);
|
||||
starting = true;
|
||||
server_challenge = 0;
|
||||
}
|
||||
void prepare_build_request();
|
||||
int build_request(bufferlist& bl) const;
|
||||
int handle_response(int ret, bufferlist::iterator& iter);
|
||||
bool build_rotating_request(bufferlist& bl) const;
|
||||
void prepare_build_request() override;
|
||||
int build_request(bufferlist& bl) const override;
|
||||
int handle_response(int ret, bufferlist::iterator& iter) override;
|
||||
bool build_rotating_request(bufferlist& bl) const override;
|
||||
|
||||
int get_protocol() const { return CEPH_AUTH_CEPHX; }
|
||||
int get_protocol() const override { return CEPH_AUTH_CEPHX; }
|
||||
|
||||
AuthAuthorizer *build_authorizer(uint32_t service_id) const;
|
||||
AuthAuthorizer *build_authorizer(uint32_t service_id) const override;
|
||||
|
||||
bool need_tickets();
|
||||
bool need_tickets() override;
|
||||
|
||||
void set_global_id(uint64_t id) {
|
||||
void set_global_id(uint64_t id) override {
|
||||
RWLock::WLocker l(lock);
|
||||
global_id = id;
|
||||
tickets.global_id = id;
|
||||
}
|
||||
private:
|
||||
void validate_tickets();
|
||||
void validate_tickets() override;
|
||||
bool _need_tickets() const;
|
||||
};
|
||||
|
||||
|
||||
@ -200,7 +200,7 @@ public:
|
||||
KeyServer(CephContext *cct_, KeyRing *extra_secrets);
|
||||
bool generate_secret(CryptoKey& secret);
|
||||
|
||||
bool get_secret(const EntityName& name, CryptoKey& secret) const;
|
||||
bool get_secret(const EntityName& name, CryptoKey& secret) const override;
|
||||
bool get_auth(const EntityName& name, EntityAuth& auth) const;
|
||||
bool get_caps(const EntityName& name, const string& type, AuthCapsInfo& caps) const;
|
||||
bool get_active_rotating_secret(const EntityName& name, CryptoKey& secret) const;
|
||||
@ -217,7 +217,7 @@ public:
|
||||
bool get_service_secret(uint32_t service_id, CryptoKey& service_key,
|
||||
uint64_t& secret_id) const;
|
||||
bool get_service_secret(uint32_t service_id, uint64_t secret_id,
|
||||
CryptoKey& secret) const;
|
||||
CryptoKey& secret) const override;
|
||||
|
||||
bool generate_secret(EntityName& name, CryptoKey& secret);
|
||||
|
||||
|
||||
@ -278,7 +278,7 @@ public:
|
||||
: AuthAuthorizer(CEPH_AUTH_CEPHX), cct(cct_), nonce(0) {}
|
||||
|
||||
bool build_authorizer();
|
||||
bool verify_reply(bufferlist::iterator& reply);
|
||||
bool verify_reply(bufferlist::iterator& reply) override;
|
||||
};
|
||||
|
||||
|
||||
|
||||
@ -27,10 +27,10 @@ class CephxServiceHandler : public AuthServiceHandler {
|
||||
public:
|
||||
CephxServiceHandler(CephContext *cct_, KeyServer *ks)
|
||||
: AuthServiceHandler(cct_), key_server(ks), server_challenge(0) {}
|
||||
~CephxServiceHandler() {}
|
||||
~CephxServiceHandler() override {}
|
||||
|
||||
int start_session(EntityName& name, bufferlist::iterator& indata, bufferlist& result_bl, AuthCapsInfo& caps);
|
||||
int handle_request(bufferlist::iterator& indata, bufferlist& result_bl, uint64_t& global_id, AuthCapsInfo& caps, uint64_t *auid = NULL);
|
||||
int start_session(EntityName& name, bufferlist::iterator& indata, bufferlist& result_bl, AuthCapsInfo& caps) override;
|
||||
int handle_request(bufferlist::iterator& indata, bufferlist& result_bl, uint64_t& global_id, AuthCapsInfo& caps, uint64_t *auid = NULL) override;
|
||||
void build_cephx_response_header(int request_type, int status, bufferlist& bl);
|
||||
};
|
||||
|
||||
|
||||
@ -26,24 +26,24 @@ public:
|
||||
CephxSessionHandler(CephContext *cct_, CryptoKey session_key, uint64_t features)
|
||||
: AuthSessionHandler(cct_, CEPH_AUTH_CEPHX, session_key),
|
||||
features(features) {}
|
||||
~CephxSessionHandler() {}
|
||||
~CephxSessionHandler() override {}
|
||||
|
||||
bool no_security() {
|
||||
bool no_security() override {
|
||||
return false;
|
||||
}
|
||||
|
||||
int _calc_signature(Message *m, uint64_t *psig);
|
||||
|
||||
int sign_message(Message *m);
|
||||
int check_message_signature(Message *m) ;
|
||||
int sign_message(Message *m) override;
|
||||
int check_message_signature(Message *m) override ;
|
||||
|
||||
// Cephx does not currently encrypt messages, so just return 0 if called. PLR
|
||||
|
||||
int encrypt_message(Message *m) {
|
||||
int encrypt_message(Message *m) override {
|
||||
return 0;
|
||||
}
|
||||
|
||||
int decrypt_message(Message *m) {
|
||||
int decrypt_message(Message *m) override {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -23,8 +23,8 @@ struct AuthNoneAuthorizeHandler : public AuthAuthorizeHandler {
|
||||
bool verify_authorizer(CephContext *cct, KeyStore *keys,
|
||||
bufferlist& authorizer_data, bufferlist& authorizer_reply,
|
||||
EntityName& entity_name, uint64_t& global_id,
|
||||
AuthCapsInfo& caps_info, CryptoKey& session_key, uint64_t *auid=NULL);
|
||||
int authorizer_session_crypto();
|
||||
AuthCapsInfo& caps_info, CryptoKey& session_key, uint64_t *auid=NULL) override;
|
||||
int authorizer_session_crypto() override;
|
||||
};
|
||||
|
||||
|
||||
|
||||
@ -25,16 +25,16 @@ public:
|
||||
AuthNoneClientHandler(CephContext *cct_, RotatingKeyRing *rkeys)
|
||||
: AuthClientHandler(cct_) {}
|
||||
|
||||
void reset() { }
|
||||
void reset() override { }
|
||||
|
||||
void prepare_build_request() {}
|
||||
int build_request(bufferlist& bl) const { return 0; }
|
||||
int handle_response(int ret, bufferlist::iterator& iter) { return 0; }
|
||||
bool build_rotating_request(bufferlist& bl) const { return false; }
|
||||
void prepare_build_request() override {}
|
||||
int build_request(bufferlist& bl) const override { return 0; }
|
||||
int handle_response(int ret, bufferlist::iterator& iter) override { return 0; }
|
||||
bool build_rotating_request(bufferlist& bl) const override { return false; }
|
||||
|
||||
int get_protocol() const { return CEPH_AUTH_NONE; }
|
||||
int get_protocol() const override { return CEPH_AUTH_NONE; }
|
||||
|
||||
AuthAuthorizer *build_authorizer(uint32_t service_id) const {
|
||||
AuthAuthorizer *build_authorizer(uint32_t service_id) const override {
|
||||
RWLock::RLocker l(lock);
|
||||
AuthNoneAuthorizer *auth = new AuthNoneAuthorizer();
|
||||
if (auth) {
|
||||
@ -43,14 +43,14 @@ public:
|
||||
return auth;
|
||||
}
|
||||
|
||||
bool need_tickets() { return false; }
|
||||
bool need_tickets() override { return false; }
|
||||
|
||||
void set_global_id(uint64_t id) {
|
||||
void set_global_id(uint64_t id) override {
|
||||
RWLock::WLocker l(lock);
|
||||
global_id = id;
|
||||
}
|
||||
private:
|
||||
void validate_tickets() {}
|
||||
void validate_tickets() override {}
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
@ -26,7 +26,7 @@ struct AuthNoneAuthorizer : public AuthAuthorizer {
|
||||
::encode(global_id, bl);
|
||||
return 0;
|
||||
}
|
||||
bool verify_reply(bufferlist::iterator& reply) { return true; }
|
||||
bool verify_reply(bufferlist::iterator& reply) override { return true; }
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
@ -24,14 +24,14 @@ class AuthNoneServiceHandler : public AuthServiceHandler {
|
||||
public:
|
||||
explicit AuthNoneServiceHandler(CephContext *cct_)
|
||||
: AuthServiceHandler(cct_) {}
|
||||
~AuthNoneServiceHandler() {}
|
||||
~AuthNoneServiceHandler() override {}
|
||||
|
||||
int start_session(EntityName& name, bufferlist::iterator& indata, bufferlist& result_bl, AuthCapsInfo& caps) {
|
||||
int start_session(EntityName& name, bufferlist::iterator& indata, bufferlist& result_bl, AuthCapsInfo& caps) override {
|
||||
entity_name = name;
|
||||
caps.allow_all = true;
|
||||
return CEPH_AUTH_NONE;
|
||||
}
|
||||
int handle_request(bufferlist::iterator& indata, bufferlist& result_bl, uint64_t& global_id, AuthCapsInfo& caps, uint64_t *auid = NULL) {
|
||||
int handle_request(bufferlist::iterator& indata, bufferlist& result_bl, uint64_t& global_id, AuthCapsInfo& caps, uint64_t *auid = NULL) override {
|
||||
return 0;
|
||||
}
|
||||
void build_cephx_response_header(int request_type, int status, bufferlist& bl) { }
|
||||
|
||||
@ -21,28 +21,28 @@ class AuthNoneSessionHandler : public AuthSessionHandler {
|
||||
public:
|
||||
AuthNoneSessionHandler(CephContext *cct_, CryptoKey session_key)
|
||||
: AuthSessionHandler(cct_, CEPH_AUTH_NONE, session_key) {}
|
||||
~AuthNoneSessionHandler() {}
|
||||
~AuthNoneSessionHandler() override {}
|
||||
|
||||
bool no_security() {
|
||||
bool no_security() override {
|
||||
return true;
|
||||
}
|
||||
|
||||
// The None suite neither signs nor encrypts messages, so these functions just return success.
|
||||
// Since nothing was signed or encrypted, don't increment the stats. PLR
|
||||
|
||||
int sign_message(Message *m) {
|
||||
int sign_message(Message *m) override {
|
||||
return 0;
|
||||
}
|
||||
|
||||
int check_message_signature(Message *m) {
|
||||
int check_message_signature(Message *m) override {
|
||||
return 0;
|
||||
}
|
||||
|
||||
int encrypt_message(Message *m) {
|
||||
int encrypt_message(Message *m) override {
|
||||
return 0;
|
||||
}
|
||||
|
||||
int decrypt_message(Message *m) {
|
||||
int decrypt_message(Message *m) override {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -23,8 +23,8 @@ struct AuthUnknownAuthorizeHandler : public AuthAuthorizeHandler {
|
||||
bool verify_authorizer(CephContext *cct, KeyStore *keys,
|
||||
bufferlist& authorizer_data, bufferlist& authorizer_reply,
|
||||
EntityName& entity_name, uint64_t& global_id,
|
||||
AuthCapsInfo& caps_info, CryptoKey& session_key, uint64_t *auid=NULL);
|
||||
int authorizer_session_crypto();
|
||||
AuthCapsInfo& caps_info, CryptoKey& session_key, uint64_t *auid=NULL) override;
|
||||
int authorizer_session_crypto() override;
|
||||
};
|
||||
|
||||
|
||||
|
||||
@ -23,28 +23,28 @@ class AuthUnknownSessionHandler : public AuthSessionHandler {
|
||||
public:
|
||||
AuthUnknownSessionHandler(CephContext *cct_, CryptoKey session_key)
|
||||
: AuthSessionHandler(cct_, CEPH_AUTH_UNKNOWN, session_key) {}
|
||||
~AuthUnknownSessionHandler() {}
|
||||
~AuthUnknownSessionHandler() override {}
|
||||
|
||||
bool no_security() {
|
||||
bool no_security() override {
|
||||
return true;
|
||||
}
|
||||
|
||||
// The Unknown suite neither signs nor encrypts messages, so these functions just return success.
|
||||
// Since nothing was signed or encrypted, don't increment the stats. PLR
|
||||
|
||||
int sign_message(Message *m) {
|
||||
int sign_message(Message *m) override {
|
||||
return 0;
|
||||
}
|
||||
|
||||
int check_message_signature(Message *m) {
|
||||
int check_message_signature(Message *m) override {
|
||||
return 0;
|
||||
}
|
||||
|
||||
int encrypt_message(Message *m) {
|
||||
int encrypt_message(Message *m) override {
|
||||
return 0;
|
||||
}
|
||||
|
||||
int decrypt_message(Message *m) {
|
||||
int decrypt_message(Message *m) override {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user