auth: Add an auid parameter to verify_authorizer and handle_request

It defaults to null, in which case it's not assigned to. auth: add optional auid param to handle_request
att · Mar 5, 2010 · 846acac · 846acac
1 parent 4637d18
commit 846acac
Show file tree

Hide file tree

Showing 9 changed files with 16 additions and 9 deletions.
diff --git a/src/auth/AuthAuthorizeHandler.h b/src/auth/AuthAuthorizeHandler.h
@@ -26,7 +26,8 @@ struct AuthAuthorizeHandler {
   virtual ~AuthAuthorizeHandler() {}
   virtual bool verify_authorizer(KeyStore *keys,
 				 bufferlist& authorizer_data, bufferlist& authorizer_reply,
-                                 EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info) = 0;
+                                 EntityName& entity_name, uint64_t& global_id,
+				 AuthCapsInfo& caps_info, __u64 *auid = NULL) = 0;
 };
 
 extern AuthAuthorizeHandler *get_authorize_handler(int protocol);

diff --git a/src/auth/AuthServiceHandler.h b/src/auth/AuthServiceHandler.h
@@ -30,7 +30,7 @@ struct AuthServiceHandler {
   virtual ~AuthServiceHandler() { }
 
   virtual int start_session(EntityName& name, bufferlist::iterator& indata, bufferlist& result, AuthCapsInfo& caps) = 0;
-  virtual int handle_request(bufferlist::iterator& indata, bufferlist& result, uint64_t& global_id, AuthCapsInfo& caps) = 0;
+  virtual int handle_request(bufferlist::iterator& indata, bufferlist& result, uint64_t& global_id, AuthCapsInfo& caps, __u64 *auid = NULL) = 0;
 
   EntityName& get_entity_name() { return entity_name; }
 };

diff --git a/src/auth/cephx/CephxAuthorizeHandler.cc b/src/auth/cephx/CephxAuthorizeHandler.cc
@@ -7,7 +7,7 @@
 
 bool CephxAuthorizeHandler::verify_authorizer(KeyStore *keys,
 					      bufferlist& authorizer_data, bufferlist& authorizer_reply,
-                                              EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info)
+                                              EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info, __u64 *auid)
 {
   bufferlist::iterator iter = authorizer_data.begin();
 
@@ -25,6 +25,7 @@ bool CephxAuthorizeHandler::verify_authorizer(KeyStore *keys,
     caps_info = auth_ticket_info.ticket.caps;
     entity_name = auth_ticket_info.ticket.name;
     global_id = auth_ticket_info.ticket.global_id;
+    if (auid) *auid = auth_ticket_info.ticket.auid;
   }
 
   return isvalid;

diff --git a/src/auth/cephx/CephxAuthorizeHandler.h b/src/auth/cephx/CephxAuthorizeHandler.h
@@ -20,7 +20,8 @@
 struct CephxAuthorizeHandler : public AuthAuthorizeHandler {
   bool verify_authorizer(KeyStore *keys,
 			 bufferlist& authorizer_data, bufferlist& authorizer_reply,
-                         EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info);
+                         EntityName& entity_name, uint64_t& global_id,
+			 AuthCapsInfo& caps_info, __u64 *auid = NULL);
 };
 
 

diff --git a/src/auth/cephx/CephxServiceHandler.cc b/src/auth/cephx/CephxServiceHandler.cc
@@ -44,7 +44,7 @@ int CephxServiceHandler::start_session(EntityName& name, bufferlist::iterator& i
   return CEPH_AUTH_CEPHX;
 }
 
-int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist& result_bl, uint64_t& global_id, AuthCapsInfo& caps)
+int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist& result_bl, uint64_t& global_id, AuthCapsInfo& caps, __u64 *auid)
 {
   int ret = 0;
 
@@ -107,6 +107,8 @@ int CephxServiceHandler::handle_request(bufferlist::iterator& indata, bufferlist
       info.ticket.auid = eauth.auid;
       info.validity += g_conf.auth_mon_ticket_ttl;
 
+      if (auid) *auid = eauth.auid;
+
       key_server->generate_secret(session_key);
 
       info.session_key = session_key;

diff --git a/src/auth/cephx/CephxServiceHandler.h b/src/auth/cephx/CephxServiceHandler.h
@@ -29,7 +29,7 @@ class CephxServiceHandler  : public AuthServiceHandler {
   ~CephxServiceHandler() {}
 
   int start_session(EntityName& name, bufferlist::iterator& indata, bufferlist& result_bl, AuthCapsInfo& caps);
-  int handle_request(bufferlist::iterator& indata, bufferlist& result_bl, uint64_t& global_id, AuthCapsInfo& caps);
+  int handle_request(bufferlist::iterator& indata, bufferlist& result_bl, uint64_t& global_id, AuthCapsInfo& caps, __u64 *auid = NULL);
   void build_cephx_response_header(int request_type, int status, bufferlist& bl);
 };
 

diff --git a/src/auth/none/AuthNoneAuthorizeHandler.cc b/src/auth/none/AuthNoneAuthorizeHandler.cc
@@ -5,7 +5,8 @@
 
 bool AuthNoneAuthorizeHandler::verify_authorizer(KeyStore *keys,
 						 bufferlist& authorizer_data, bufferlist& authorizer_reply,
-						 EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info)
+						 EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info,
+__u64 *auid)
 {
   bufferlist::iterator iter = authorizer_data.begin();
 

diff --git a/src/auth/none/AuthNoneAuthorizeHandler.h b/src/auth/none/AuthNoneAuthorizeHandler.h
@@ -20,7 +20,8 @@
 struct AuthNoneAuthorizeHandler : public AuthAuthorizeHandler {
   bool verify_authorizer(KeyStore *keys,
 			 bufferlist& authorizer_data, bufferlist& authorizer_reply,
-                         EntityName& entity_name, uint64_t& global_id, AuthCapsInfo& caps_info);
+                         EntityName& entity_name, uint64_t& global_id,
+			 AuthCapsInfo& caps_info, __u64 *auid=NULL);
 };
 
 

diff --git a/src/auth/none/AuthNoneServiceHandler.h b/src/auth/none/AuthNoneServiceHandler.h
@@ -28,7 +28,7 @@ class AuthNoneServiceHandler  : public AuthServiceHandler {
     caps.allow_all = true;
     return CEPH_AUTH_NONE;
   }
-  int handle_request(bufferlist::iterator& indata, bufferlist& result_bl, uint64_t& global_id, AuthCapsInfo& caps) {
+  int handle_request(bufferlist::iterator& indata, bufferlist& result_bl, uint64_t& global_id, AuthCapsInfo& caps, __u64 *auid = NULL) {
     assert(0);  // shouldn't get called
     return 0;
   }