Startsida Utforska Hjälp
Registrera dig Logga in
dingyu
/
CooCenter-System-kernel
1
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Gren: master
Grenar Taggar
CooCenter-Sy...
/
include
/
linux
/
ceph
/
auth.h

auth.h 4.6 KB
Permalänk Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142 
  1. #ifndef _FS_CEPH_AUTH_H
    2. 

  2. #define _FS_CEPH_AUTH_H
    3. 

  3. 

  4. #include <linux/ceph/types.h>
    5. 

  5. #include <linux/ceph/buffer.h>
    6. 

  6. 

  7. /*
    8. 

  8.  * Abstract interface for communicating with the authenticate module.
    9. 

  9.  * There is some handshake that takes place between us and the monitor
    10. 

  10.  * to acquire the necessary keys.  These are used to generate an
    11. 

  11.  * 'authorizer' that we use when connecting to a service (mds, osd).
    12. 

  12.  */
    13. 

  13. 

  14. struct ceph_auth_client;
    15. 

  15. struct ceph_authorizer;
    16. 

  16. struct ceph_msg;
    17. 

  17. 

  18. struct ceph_auth_handshake {
    19. 

  19. 	struct ceph_authorizer *authorizer;
    20. 

  20. 	void *authorizer_buf;
    21. 

  21. 	size_t authorizer_buf_len;
    22. 

  22. 	void *authorizer_reply_buf;
    23. 

  23. 	size_t authorizer_reply_buf_len;
    24. 

  24. 	int (*sign_message)(struct ceph_auth_handshake *auth,
    25. 

  25. 			    struct ceph_msg *msg);
    26. 

  26. 	int (*check_message_signature)(struct ceph_auth_handshake *auth,
    27. 

  27. 				       struct ceph_msg *msg);
    28. 

  28. };
    29. 

  29. 

  30. struct ceph_auth_client_ops {
    31. 

  31. 	const char *name;
    32. 

  32. 

  33. 	/*
    34. 

  34. 	 * true if we are authenticated and can connect to
    35. 

  35. 	 * services.
    36. 

  36. 	 */
    37. 

  37. 	int (*is_authenticated)(struct ceph_auth_client *ac);
    38. 

  38. 

  39. 	/*
    40. 

  40. 	 * true if we should (re)authenticate, e.g., when our tickets
    41. 

  41. 	 * are getting old and crusty.
    42. 

  42. 	 */
    43. 

  43. 	int (*should_authenticate)(struct ceph_auth_client *ac);
    44. 

  44. 

  45. 	/*
    46. 

  46. 	 * build requests and process replies during monitor
    47. 

  47. 	 * handshake.  if handle_reply returns -EAGAIN, we build
    48. 

  48. 	 * another request.
    49. 

  49. 	 */
    50. 

  50. 	int (*build_request)(struct ceph_auth_client *ac, void *buf, void *end);
    51. 

  51. 	int (*handle_reply)(struct ceph_auth_client *ac, int result,
    52. 

  52. 			    void *buf, void *end);
    53. 

  53. 

  54. 	/*
    55. 

  55. 	 * Create authorizer for connecting to a service, and verify
    56. 

  56. 	 * the response to authenticate the service.
    57. 

  57. 	 */
    58. 

  58. 	int (*create_authorizer)(struct ceph_auth_client *ac, int peer_type,
    59. 

  59. 				 struct ceph_auth_handshake *auth);
    60. 

  60. 	/* ensure that an existing authorizer is up to date */
    61. 

  61. 	int (*update_authorizer)(struct ceph_auth_client *ac, int peer_type,
    62. 

  62. 				 struct ceph_auth_handshake *auth);
    63. 

  63. 	int (*verify_authorizer_reply)(struct ceph_auth_client *ac,
    64. 

  64. 				       struct ceph_authorizer *a, size_t len);
    65. 

  65. 	void (*destroy_authorizer)(struct ceph_auth_client *ac,
    66. 

  66. 				   struct ceph_authorizer *a);
    67. 

  67. 	void (*invalidate_authorizer)(struct ceph_auth_client *ac,
    68. 

  68. 				      int peer_type);
    69. 

  69. 

  70. 	/* reset when we (re)connect to a monitor */
    71. 

  71. 	void (*reset)(struct ceph_auth_client *ac);
    72. 

  72. 

  73. 	void (*destroy)(struct ceph_auth_client *ac);
    74. 

  74. 

  75. 	int (*sign_message)(struct ceph_auth_handshake *auth,
    76. 

  76. 			    struct ceph_msg *msg);
    77. 

  77. 	int (*check_message_signature)(struct ceph_auth_handshake *auth,
    78. 

  78. 				       struct ceph_msg *msg);
    79. 

  79. };
    80. 

  80. 

  81. struct ceph_auth_client {
    82. 

  82. 	u32 protocol;           /* CEPH_AUTH_* */
    83. 

  83. 	void *private;          /* for use by protocol implementation */
    84. 

  84. 	const struct ceph_auth_client_ops *ops;  /* null iff protocol==0 */
    85. 

  85. 

  86. 	bool negotiating;       /* true if negotiating protocol */
    87. 

  87. 	const char *name;       /* entity name */
    88. 

  88. 	u64 global_id;          /* our unique id in system */
    89. 

  89. 	const struct ceph_crypto_key *key;     /* our secret key */
    90. 

  90. 	unsigned want_keys;     /* which services we want */
    91. 

  91. 

  92. 	struct mutex mutex;
    93. 

  93. };
    94. 

  94. 

  95. extern struct ceph_auth_client *ceph_auth_init(const char *name,
    96. 

  96. 					       const struct ceph_crypto_key *key);
    97. 

  97. extern void ceph_auth_destroy(struct ceph_auth_client *ac);
    98. 

  98. 

  99. extern void ceph_auth_reset(struct ceph_auth_client *ac);
    100. 

  100. 

  101. extern int ceph_auth_build_hello(struct ceph_auth_client *ac,
    102. 

  102. 				 void *buf, size_t len);
    103. 

  103. extern int ceph_handle_auth_reply(struct ceph_auth_client *ac,
    104. 

  104. 				  void *buf, size_t len,
    105. 

  105. 				  void *reply_buf, size_t reply_len);
    106. 

  106. extern int ceph_entity_name_encode(const char *name, void **p, void *end);
    107. 

  107. 

  108. extern int ceph_build_auth(struct ceph_auth_client *ac,
    109. 

  109. 		    void *msg_buf, size_t msg_len);
    110. 

  110. 

  111. extern int ceph_auth_is_authenticated(struct ceph_auth_client *ac);
    112. 

  112. extern int ceph_auth_create_authorizer(struct ceph_auth_client *ac,
    113. 

  113. 				       int peer_type,
    114. 

  114. 				       struct ceph_auth_handshake *auth);
    115. 

  115. extern void ceph_auth_destroy_authorizer(struct ceph_auth_client *ac,
    116. 

  116. 					 struct ceph_authorizer *a);
    117. 

  117. extern int ceph_auth_update_authorizer(struct ceph_auth_client *ac,
    118. 

  118. 				       int peer_type,
    119. 

  119. 				       struct ceph_auth_handshake *a);
    120. 

  120. extern int ceph_auth_verify_authorizer_reply(struct ceph_auth_client *ac,
    121. 

  121. 					     struct ceph_authorizer *a,
    122. 

  122. 					     size_t len);
    123. 

  123. extern void ceph_auth_invalidate_authorizer(struct ceph_auth_client *ac,
    124. 

  124. 					    int peer_type);
    125. 

  125. 

  126. static inline int ceph_auth_sign_message(struct ceph_auth_handshake *auth,
    127. 

  127. 					 struct ceph_msg *msg)
    128. 

  128. {
    129. 

  129. 	if (auth->sign_message)
    130. 

  130. 		return auth->sign_message(auth, msg);
    131. 

  131. 	return 0;
    132. 

  132. }
    133. 

  133. 

  134. static inline
    135. 

  135. int ceph_auth_check_message_signature(struct ceph_auth_handshake *auth,
    136. 

  136. 				      struct ceph_msg *msg)
    137. 

  137. {
    138. 

  138. 	if (auth->check_message_signature)
    139. 

  139. 		return auth->check_message_signature(auth, msg);
    140. 

  140. 	return 0;
    141. 

  141. }
    142. 

  142. #endif
    143.