RepoMirrors/ceph
1
0
Fork 0
mirror of https://github.com/ceph/ceph synced 2025-01-11 13:41:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

crimson/net: dummy auth for protocol v2

Browse Source 
Signed-off-by: Yingxin Cheng <yingxincheng@gmail.com>
This commit is contained in:
Yingxin Cheng 2019-03-11 16:19:24 +08:00 committed by Kefu Chai
parent a12875300a
commit 7bc2abfd3b
6 changed files with 218 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
src/crimson/auth/AuthClient.h Normal file
View File

@ -0,0 +1,53 @@
// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
// vim: ts=8 sw=2 smarttab
#pragma once
#include <vector>
#include "crimson/net/Fwd.h"
class CryptoKey;
namespace ceph::auth {
// TODO: revisit interfaces for non-dummy implementations
class AuthClient {
public:
virtual ~AuthClient() {}
// Build an authentication request to begin the handshake
virtual int get_auth_request(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
uint32_t *method,
std::vector<uint32_t> *preferred_modes,
bufferlist *out) = 0;
// Handle server's request to continue the handshake
virtual int handle_auth_reply_more(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
const bufferlist& bl,
bufferlist *reply) = 0;
// Handle server's indication that authentication succeeded
virtual int handle_auth_done(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
uint64_t global_id,
uint32_t con_mode,
const bufferlist& bl,
CryptoKey *session_key,
std::string *connection_secret) = 0;
// Handle server's indication that the previous auth attempt failed
virtual int handle_auth_bad_method(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
uint32_t old_auth_method,
int result,
const std::vector<uint32_t>& allowed_methods,
const std::vector<uint32_t>& allowed_modes) = 0;
};
} // namespace ceph::auth

72
src/crimson/auth/AuthServer.h Normal file
View File

@ -0,0 +1,72 @@
// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
// vim: ts=8 sw=2 smarttab
#pragma once
#include <vector>
#include "auth/AuthAuthorizeHandler.h"
#include "crimson/net/Fwd.h"
namespace ceph::auth {
// TODO: revisit interfaces for non-dummy implementations
class AuthServer {
public:
// TODO:
// AuthRegistry auth_registry;
AuthServer() {}
virtual ~AuthServer() {}
// Get authentication methods and connection modes for the given peer type
virtual void get_supported_auth_methods(
int peer_type,
std::vector<uint32_t> *methods,
std::vector<uint32_t> *modes = nullptr) {
// auth_registry.get_supported_methods(peer_type, methods, modes);
*methods = { CEPH_AUTH_NONE };
if (modes != nullptr) {
*modes = { CEPH_CON_MODE_CRC };
}
}
// Get support connection modes for the given peer type and auth method
virtual void get_supported_con_modes(
int peer_type,
uint32_t auth_method,
std::vector<uint32_t> *modes) {
// auth_registry.get_supported_modes(peer_type, auth_method, modes);
*modes = { CEPH_CON_MODE_CRC };
}
// Get support connection modes for the given peer type and auth method
virtual uint32_t pick_con_mode(
int peer_type,
uint32_t auth_method,
const std::vector<uint32_t>& preferred_modes) {
// return auth_registry.pick_mode(peer_type, auth_method, preferred_modes);
ceph_assert(auth_method == CEPH_AUTH_NONE);
ceph_assert(preferred_modes.size() &&
preferred_modes[0] == CEPH_CON_MODE_CRC);
return CEPH_CON_MODE_CRC;
}
// return an AuthAuthorizeHandler for the given peer type and auth method
AuthAuthorizeHandler *get_auth_authorize_handler(
int peer_type,
int auth_method) {
// return auth_registry.get_handler(peer_type, auth_method);
return nullptr;
}
// Handle an authentication request on an incoming connection
virtual int handle_auth_request(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
bool more, //< true if this is not the first part of the handshake
uint32_t auth_method,
const bufferlist& bl,
bufferlist *reply) = 0;
};
} // namespace ceph::auth

67
src/crimson/auth/DummyAuth.h Normal file
View File

@ -0,0 +1,67 @@
// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
// vim: ts=8 sw=2 smarttab
#include "AuthClient.h"
#include "AuthServer.h"
namespace ceph::auth {
class DummyAuthClientServer : public AuthClient,
public AuthServer {
public:
DummyAuthClientServer() {}
// client
int get_auth_request(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
uint32_t *method,
std::vector<uint32_t> *preferred_modes,
bufferlist *out) override {
*method = CEPH_AUTH_NONE;
*preferred_modes = { CEPH_CON_MODE_CRC };
return 0;
}
int handle_auth_reply_more(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
const bufferlist& bl,
bufferlist *reply) override {
ceph_abort();
}
int handle_auth_done(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
uint64_t global_id,
uint32_t con_mode,
const bufferlist& bl,
CryptoKey *session_key,
std::string *connection_secret) {
return 0;
}
int handle_auth_bad_method(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
uint32_t old_auth_method,
int result,
const std::vector<uint32_t>& allowed_methods,
const std::vector<uint32_t>& allowed_modes) override {
ceph_abort();
}
// server
int handle_auth_request(
ceph::net::ConnectionRef conn,
AuthConnectionMetaRef auth_meta,
bool more,
uint32_t auth_method,
const bufferlist& bl,
bufferlist *reply) override {
return 1;
}
};
} // namespace ceph::auth

16
src/crimson/net/Messenger.h
View File

@ -22,6 +22,11 @@
class AuthAuthorizer;
namespace ceph::auth {
class AuthClient;
class AuthServer;
}
namespace ceph::net {
using Throttle = ceph::thread::Throttle;
@ -33,6 +38,10 @@ class Messenger {
uint32_t global_seq = 0;
uint32_t crc_flags = 0;
public:
ceph::auth::AuthClient *auth_client = 0;
ceph::auth::AuthServer *auth_server = 0;
public:
Messenger(const entity_name_t& name)
: my_name(name)
@ -88,6 +97,13 @@ class Messenger {
crc_flags |= MSG_CRC_HEADER;
}
void set_auth_client(ceph::auth::AuthClient *ac) {
auth_client = ac;
}
void set_auth_server(ceph::auth::AuthServer *as) {
auth_server = as;
}
// get the local messenger shard if it is accessed by another core
virtual Messenger* get_local_shard() {
return this;

3
src/crimson/net/ProtocolV2.cc
View File

@ -5,6 +5,9 @@
#include "include/msgr.h"
#include "crimson/auth/AuthClient.h"
#include "crimson/auth/AuthServer.h"
#include "Dispatcher.h"
#include "Errors.h"
#include "Socket.h"

7
src/test/crimson/test_alien_echo.cc
View File

@ -2,6 +2,7 @@
#include "auth/Auth.h"
#include "messages/MPing.h"
#include "crimson/auth/DummyAuth.h"
#include "crimson/net/Connection.h"
#include "crimson/net/Dispatcher.h"
#include "crimson/net/Messenger.h"
@ -37,6 +38,7 @@ struct DummyAuthAuthorizer : public AuthAuthorizer {
struct Server {
ceph::thread::Throttle byte_throttler;
ceph::net::Messenger& msgr;
ceph::auth::DummyAuthClientServer dummy_auth;
struct ServerDispatcher : ceph::net::Dispatcher {
unsigned count = 0;
seastar::condition_variable on_reply;
@ -73,6 +75,7 @@ struct Server {
struct Client {
ceph::thread::Throttle byte_throttler;
ceph::net::Messenger& msgr;
ceph::auth::DummyAuthClientServer dummy_auth;
struct ClientDispatcher : ceph::net::Dispatcher {
unsigned count = 0;
seastar::condition_variable on_reply;
@ -161,6 +164,8 @@ seastar_echo(const entity_addr_t addr, echo_role role, unsigned count)
// bind the server
server.msgr.set_policy_throttler(entity_name_t::TYPE_OSD,
&server.byte_throttler);
server.msgr.set_auth_client(&server.dummy_auth);
server.msgr.set_auth_server(&server.dummy_auth);
return server.msgr.bind(entity_addrvec_t{addr})
.then([&server] {
return server.msgr.start(&server.dispatcher);
@ -183,6 +188,8 @@ seastar_echo(const entity_addr_t addr, echo_role role, unsigned count)
std::cout << "client sending to " << addr << std::endl;
client.msgr.set_policy_throttler(entity_name_t::TYPE_OSD,
&client.byte_throttler);
client.msgr.set_auth_client(&client.dummy_auth);
client.msgr.set_auth_server(&client.dummy_auth);
return client.msgr.start(&client.dispatcher)
.then([addr, &client] {
return client.msgr.connect(addr, entity_name_t::TYPE_OSD);