From: Sage Weil <sage@newdream.net>
To: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: Sage Weil <sage@newdream.net>
Subject: [PATCH 17/26] ceph: trivial 'auth_none' authentication scheme
Date: Tue, 2 Mar 2010 16:46:48 -0800 [thread overview]
Message-ID: <1267577217-31923-18-git-send-email-sage@newdream.net> (raw)
In-Reply-To: <1267577217-31923-1-git-send-email-sage@newdream.net>
This implements a trivial authentication scheme that provides
no actual authentication.
Signed-off-by: Sage Weil <sage@newdream.net>
---
fs/ceph/auth_none.c | 121 +++++++++++++++++++++++++++++++++++++++++++++++++++
fs/ceph/auth_none.h | 28 ++++++++++++
2 files changed, 149 insertions(+), 0 deletions(-)
create mode 100644 fs/ceph/auth_none.c
create mode 100644 fs/ceph/auth_none.h
diff --git a/fs/ceph/auth_none.c b/fs/ceph/auth_none.c
new file mode 100644
index 0000000..b4ef6f0
--- /dev/null
+++ b/fs/ceph/auth_none.c
@@ -0,0 +1,121 @@
+
+#include "ceph_debug.h"
+
+#include <linux/err.h>
+#include <linux/module.h>
+#include <linux/random.h>
+
+#include "auth_none.h"
+#include "auth.h"
+#include "decode.h"
+
+static void reset(struct ceph_auth_client *ac)
+{
+ struct ceph_auth_none_info *xi = ac->private;
+
+ xi->starting = true;
+ xi->built_authorizer = false;
+}
+
+static void destroy(struct ceph_auth_client *ac)
+{
+ kfree(ac->private);
+ ac->private = NULL;
+}
+
+static int is_authenticated(struct ceph_auth_client *ac)
+{
+ struct ceph_auth_none_info *xi = ac->private;
+
+ return !xi->starting;
+}
+
+/*
+ * the generic auth code decode the global_id, and we carry no actual
+ * authenticate state, so nothing happens here.
+ */
+static int handle_reply(struct ceph_auth_client *ac, int result,
+ void *buf, void *end)
+{
+ struct ceph_auth_none_info *xi = ac->private;
+
+ xi->starting = false;
+ return result;
+}
+
+/*
+ * build an 'authorizer' with our entity_name and global_id. we can
+ * reuse a single static copy since it is identical for all services
+ * we connect to.
+ */
+static int ceph_auth_none_create_authorizer(
+ struct ceph_auth_client *ac, int peer_type,
+ struct ceph_authorizer **a,
+ void **buf, size_t *len,
+ void **reply_buf, size_t *reply_len)
+{
+ struct ceph_auth_none_info *ai = ac->private;
+ struct ceph_none_authorizer *au = &ai->au;
+ void *p, *end;
+ int ret;
+
+ if (!ai->built_authorizer) {
+ p = au->buf;
+ end = p + sizeof(au->buf);
+ ceph_encode_8(&p, 1);
+ ret = ceph_entity_name_encode(ac->name, &p, end - 8);
+ if (ret < 0)
+ goto bad;
+ ceph_decode_need(&p, end, sizeof(u64), bad2);
+ ceph_encode_64(&p, ac->global_id);
+ au->buf_len = p - (void *)au->buf;
+ ai->built_authorizer = true;
+ dout("built authorizer len %d\n", au->buf_len);
+ }
+
+ *a = (struct ceph_authorizer *)au;
+ *buf = au->buf;
+ *len = au->buf_len;
+ *reply_buf = au->reply_buf;
+ *reply_len = sizeof(au->reply_buf);
+ return 0;
+
+bad2:
+ ret = -ERANGE;
+bad:
+ return ret;
+}
+
+static void ceph_auth_none_destroy_authorizer(struct ceph_auth_client *ac,
+ struct ceph_authorizer *a)
+{
+ /* nothing to do */
+}
+
+static const struct ceph_auth_client_ops ceph_auth_none_ops = {
+ .reset = reset,
+ .destroy = destroy,
+ .is_authenticated = is_authenticated,
+ .handle_reply = handle_reply,
+ .create_authorizer = ceph_auth_none_create_authorizer,
+ .destroy_authorizer = ceph_auth_none_destroy_authorizer,
+};
+
+int ceph_auth_none_init(struct ceph_auth_client *ac)
+{
+ struct ceph_auth_none_info *xi;
+
+ dout("ceph_auth_none_init %p\n", ac);
+ xi = kzalloc(sizeof(*xi), GFP_NOFS);
+ if (!xi)
+ return -ENOMEM;
+
+ xi->starting = true;
+ xi->built_authorizer = false;
+
+ ac->protocol = CEPH_AUTH_NONE;
+ ac->private = xi;
+ ac->ops = &ceph_auth_none_ops;
+ return 0;
+}
+
diff --git a/fs/ceph/auth_none.h b/fs/ceph/auth_none.h
new file mode 100644
index 0000000..56c0553
--- /dev/null
+++ b/fs/ceph/auth_none.h
@@ -0,0 +1,28 @@
+#ifndef _FS_CEPH_AUTH_NONE_H
+#define _FS_CEPH_AUTH_NONE_H
+
+#include "auth.h"
+
+/*
+ * null security mode.
+ *
+ * we use a single static authorizer that simply encodes our entity name
+ * and global id.
+ */
+
+struct ceph_none_authorizer {
+ char buf[128];
+ int buf_len;
+ char reply_buf[0];
+};
+
+struct ceph_auth_none_info {
+ bool starting;
+ bool built_authorizer;
+ struct ceph_none_authorizer au; /* we only need one; it's static */
+};
+
+extern int ceph_auth_none_init(struct ceph_auth_client *ac);
+
+#endif
+
--
1.7.0
next prev parent reply other threads:[~2010-03-03 0:46 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-03-03 0:46 [PATCH 00/26] ceph distributed file system client Sage Weil
2010-03-03 0:46 ` [PATCH 01/26] ceph: documentation Sage Weil
2010-03-03 0:46 ` [PATCH 02/26] ceph: on-wire types Sage Weil
2010-03-03 0:46 ` [PATCH 03/26] ceph: client types Sage Weil
2010-03-03 0:46 ` [PATCH 04/26] ceph: hash function Sage Weil
2010-03-03 0:46 ` [PATCH 05/26] ceph: ref counted buffer Sage Weil
2010-03-03 0:46 ` [PATCH 06/26] ceph: dynamic pagelist buffer Sage Weil
2010-03-03 0:46 ` [PATCH 07/26] ceph: super.c Sage Weil
2010-03-03 0:46 ` [PATCH 08/26] ceph: inode operations Sage Weil
2010-03-03 0:46 ` [PATCH 09/26] ceph: directory operations Sage Weil
2010-03-03 0:46 ` [PATCH 10/26] ceph: file operations Sage Weil
2010-03-03 0:46 ` [PATCH 11/26] ceph: address space operations Sage Weil
2010-03-03 0:46 ` [PATCH 12/26] ceph: MDS client Sage Weil
2010-03-03 0:46 ` [PATCH 13/26] ceph: OSD client Sage Weil
2010-03-03 0:46 ` [PATCH 14/26] ceph: CRUSH mapping algorithm Sage Weil
2010-03-03 0:46 ` [PATCH 15/26] ceph: monitor client Sage Weil
2010-03-03 0:46 ` [PATCH 16/26] ceph: authentication interface Sage Weil
2010-03-03 0:46 ` Sage Weil [this message]
2010-03-03 0:46 ` [PATCH 18/26] ceph: 'auth_x' authentication scheme Sage Weil
2010-03-03 0:46 ` [PATCH 19/26] ceph: capability management Sage Weil
2010-03-03 0:46 ` [PATCH 20/26] ceph: snapshot management Sage Weil
2010-03-03 0:46 ` [PATCH 21/26] ceph: messenger library Sage Weil
2010-03-03 0:46 ` [PATCH 22/26] ceph: message pools Sage Weil
2010-03-03 0:46 ` [PATCH 23/26] ceph: nfs re-export support Sage Weil
2010-03-03 7:48 ` Christoph Hellwig
2010-03-03 21:37 ` Sage Weil
2010-03-04 11:50 ` Miklos Szeredi
2010-03-03 0:46 ` [PATCH 24/26] ceph: ioctls Sage Weil
2010-03-03 0:46 ` [PATCH 25/26] ceph: debugfs Sage Weil
2010-03-03 0:46 ` [PATCH 26/26] ceph: Kconfig, Makefile, MAINTAINERS entry Sage Weil
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1267577217-31923-18-git-send-email-sage@newdream.net \
--to=sage@newdream.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).