Commit | Line | Data |
---|---|---|
4e7a5dcd SW |
1 | #include "ceph_debug.h" |
2 | ||
3 | #include <linux/module.h> | |
4 | #include <linux/err.h> | |
5 | ||
6 | #include "types.h" | |
7 | #include "auth_none.h" | |
ec0994e4 | 8 | #include "auth_x.h" |
4e7a5dcd SW |
9 | #include "decode.h" |
10 | #include "super.h" | |
11 | ||
12 | #include "messenger.h" | |
13 | ||
14 | /* | |
15 | * get protocol handler | |
16 | */ | |
17 | static u32 supported_protocols[] = { | |
ec0994e4 SW |
18 | CEPH_AUTH_NONE, |
19 | CEPH_AUTH_CEPHX | |
4e7a5dcd SW |
20 | }; |
21 | ||
22 | int ceph_auth_init_protocol(struct ceph_auth_client *ac, int protocol) | |
23 | { | |
24 | switch (protocol) { | |
25 | case CEPH_AUTH_NONE: | |
26 | return ceph_auth_none_init(ac); | |
ec0994e4 SW |
27 | case CEPH_AUTH_CEPHX: |
28 | return ceph_x_init(ac); | |
4e7a5dcd SW |
29 | default: |
30 | return -ENOENT; | |
31 | } | |
32 | } | |
33 | ||
34 | /* | |
35 | * setup, teardown. | |
36 | */ | |
37 | struct ceph_auth_client *ceph_auth_init(const char *name, const char *secret) | |
38 | { | |
39 | struct ceph_auth_client *ac; | |
40 | int ret; | |
41 | ||
42 | dout("auth_init name '%s' secret '%s'\n", name, secret); | |
43 | ||
44 | ret = -ENOMEM; | |
45 | ac = kzalloc(sizeof(*ac), GFP_NOFS); | |
46 | if (!ac) | |
47 | goto out; | |
48 | ||
49 | ac->negotiating = true; | |
50 | if (name) | |
51 | ac->name = name; | |
52 | else | |
53 | ac->name = CEPH_AUTH_NAME_DEFAULT; | |
54 | dout("auth_init name %s secret %s\n", ac->name, secret); | |
55 | ac->secret = secret; | |
56 | return ac; | |
57 | ||
58 | out: | |
59 | return ERR_PTR(ret); | |
60 | } | |
61 | ||
62 | void ceph_auth_destroy(struct ceph_auth_client *ac) | |
63 | { | |
64 | dout("auth_destroy %p\n", ac); | |
65 | if (ac->ops) | |
66 | ac->ops->destroy(ac); | |
67 | kfree(ac); | |
68 | } | |
69 | ||
70 | /* | |
71 | * Reset occurs when reconnecting to the monitor. | |
72 | */ | |
73 | void ceph_auth_reset(struct ceph_auth_client *ac) | |
74 | { | |
75 | dout("auth_reset %p\n", ac); | |
76 | if (ac->ops && !ac->negotiating) | |
77 | ac->ops->reset(ac); | |
78 | ac->negotiating = true; | |
79 | } | |
80 | ||
81 | int ceph_entity_name_encode(const char *name, void **p, void *end) | |
82 | { | |
83 | int len = strlen(name); | |
84 | ||
85 | if (*p + 2*sizeof(u32) + len > end) | |
86 | return -ERANGE; | |
87 | ceph_encode_32(p, CEPH_ENTITY_TYPE_CLIENT); | |
88 | ceph_encode_32(p, len); | |
89 | ceph_encode_copy(p, name, len); | |
90 | return 0; | |
91 | } | |
92 | ||
93 | /* | |
94 | * Initiate protocol negotiation with monitor. Include entity name | |
95 | * and list supported protocols. | |
96 | */ | |
97 | int ceph_auth_build_hello(struct ceph_auth_client *ac, void *buf, size_t len) | |
98 | { | |
99 | struct ceph_mon_request_header *monhdr = buf; | |
100 | void *p = monhdr + 1, *end = buf + len, *lenp; | |
101 | int i, num; | |
102 | int ret; | |
103 | ||
104 | dout("auth_build_hello\n"); | |
105 | monhdr->have_version = 0; | |
106 | monhdr->session_mon = cpu_to_le16(-1); | |
107 | monhdr->session_mon_tid = 0; | |
108 | ||
109 | ceph_encode_32(&p, 0); /* no protocol, yet */ | |
110 | ||
111 | lenp = p; | |
112 | p += sizeof(u32); | |
113 | ||
07c8739c SW |
114 | ceph_decode_need(&p, end, 1 + sizeof(u32), bad); |
115 | ceph_encode_8(&p, 1); | |
4e7a5dcd SW |
116 | num = ARRAY_SIZE(supported_protocols); |
117 | ceph_encode_32(&p, num); | |
07c8739c | 118 | ceph_decode_need(&p, end, num * sizeof(u32), bad); |
4e7a5dcd SW |
119 | for (i = 0; i < num; i++) |
120 | ceph_encode_32(&p, supported_protocols[i]); | |
121 | ||
122 | ret = ceph_entity_name_encode(ac->name, &p, end); | |
123 | if (ret < 0) | |
124 | return ret; | |
125 | ceph_decode_need(&p, end, sizeof(u64), bad); | |
126 | ceph_encode_64(&p, ac->global_id); | |
127 | ||
128 | ceph_encode_32(&lenp, p - lenp - sizeof(u32)); | |
129 | return p - buf; | |
130 | ||
131 | bad: | |
132 | return -ERANGE; | |
133 | } | |
134 | ||
9bd2e6f8 SW |
135 | int ceph_build_auth_request(struct ceph_auth_client *ac, |
136 | void *msg_buf, size_t msg_len) | |
137 | { | |
138 | struct ceph_mon_request_header *monhdr = msg_buf; | |
139 | void *p = monhdr + 1; | |
140 | void *end = msg_buf + msg_len; | |
141 | int ret; | |
142 | ||
143 | monhdr->have_version = 0; | |
144 | monhdr->session_mon = cpu_to_le16(-1); | |
145 | monhdr->session_mon_tid = 0; | |
146 | ||
147 | ceph_encode_32(&p, ac->protocol); | |
148 | ||
149 | ret = ac->ops->build_request(ac, p + sizeof(u32), end); | |
150 | if (ret < 0) { | |
151 | pr_err("error %d building request\n", ret); | |
152 | return ret; | |
153 | } | |
154 | dout(" built request %d bytes\n", ret); | |
155 | ceph_encode_32(&p, ret); | |
156 | return p + ret - msg_buf; | |
157 | } | |
158 | ||
4e7a5dcd SW |
159 | /* |
160 | * Handle auth message from monitor. | |
161 | */ | |
162 | int ceph_handle_auth_reply(struct ceph_auth_client *ac, | |
163 | void *buf, size_t len, | |
164 | void *reply_buf, size_t reply_len) | |
165 | { | |
166 | void *p = buf; | |
167 | void *end = buf + len; | |
168 | int protocol; | |
169 | s32 result; | |
170 | u64 global_id; | |
171 | void *payload, *payload_end; | |
172 | int payload_len; | |
173 | char *result_msg; | |
174 | int result_msg_len; | |
175 | int ret = -EINVAL; | |
176 | ||
177 | dout("handle_auth_reply %p %p\n", p, end); | |
178 | ceph_decode_need(&p, end, sizeof(u32) * 3 + sizeof(u64), bad); | |
179 | protocol = ceph_decode_32(&p); | |
180 | result = ceph_decode_32(&p); | |
181 | global_id = ceph_decode_64(&p); | |
182 | payload_len = ceph_decode_32(&p); | |
183 | payload = p; | |
184 | p += payload_len; | |
185 | ceph_decode_need(&p, end, sizeof(u32), bad); | |
186 | result_msg_len = ceph_decode_32(&p); | |
187 | result_msg = p; | |
188 | p += result_msg_len; | |
189 | if (p != end) | |
190 | goto bad; | |
191 | ||
192 | dout(" result %d '%.*s' gid %llu len %d\n", result, result_msg_len, | |
193 | result_msg, global_id, payload_len); | |
194 | ||
195 | payload_end = payload + payload_len; | |
196 | ||
197 | if (global_id && ac->global_id != global_id) { | |
198 | dout(" set global_id %lld -> %lld\n", ac->global_id, global_id); | |
199 | ac->global_id = global_id; | |
200 | } | |
201 | ||
202 | if (ac->negotiating) { | |
dc14657c YS |
203 | /* server does not support our protocols? */ |
204 | if (!protocol && result < 0) { | |
205 | ret = result; | |
206 | goto out; | |
207 | } | |
4e7a5dcd SW |
208 | /* set up (new) protocol handler? */ |
209 | if (ac->protocol && ac->protocol != protocol) { | |
210 | ac->ops->destroy(ac); | |
211 | ac->protocol = 0; | |
212 | ac->ops = NULL; | |
213 | } | |
214 | if (ac->protocol != protocol) { | |
215 | ret = ceph_auth_init_protocol(ac, protocol); | |
216 | if (ret) { | |
217 | pr_err("error %d on auth protocol %d init\n", | |
218 | ret, protocol); | |
219 | goto out; | |
220 | } | |
221 | } | |
9bd2e6f8 SW |
222 | |
223 | ac->negotiating = false; | |
4e7a5dcd SW |
224 | } |
225 | ||
226 | ret = ac->ops->handle_reply(ac, result, payload, payload_end); | |
227 | if (ret == -EAGAIN) { | |
9bd2e6f8 | 228 | return ceph_build_auth_request(ac, reply_buf, reply_len); |
4e7a5dcd SW |
229 | } else if (ret) { |
230 | pr_err("authentication error %d\n", ret); | |
231 | return ret; | |
232 | } | |
233 | return 0; | |
234 | ||
235 | bad: | |
236 | pr_err("failed to decode auth msg\n"); | |
237 | out: | |
238 | return ret; | |
239 | } | |
240 | ||
9bd2e6f8 SW |
241 | int ceph_build_auth(struct ceph_auth_client *ac, |
242 | void *msg_buf, size_t msg_len) | |
243 | { | |
244 | if (!ac->protocol) | |
245 | return ceph_auth_build_hello(ac, msg_buf, msg_len); | |
246 | BUG_ON(!ac->ops); | |
247 | if (!ac->ops->is_authenticated(ac)) | |
248 | return ceph_build_auth_request(ac, msg_buf, msg_len); | |
249 | return 0; | |
250 | } | |
4e7a5dcd | 251 | |
9bd2e6f8 SW |
252 | int ceph_auth_is_authenticated(struct ceph_auth_client *ac) |
253 | { | |
254 | if (!ac->ops) | |
255 | return 0; | |
256 | return ac->ops->is_authenticated(ac); | |
257 | } |