24 static int init_protocol(struct ceph_auth_client *ac, int proto)  in init_protocol()  argument
30 		return ceph_auth_none_init(ac);  in init_protocol()
32 		return ceph_x_init(ac);  in init_protocol()
39 void ceph_auth_set_global_id(struct ceph_auth_client *ac, u64 global_id)  in ceph_auth_set_global_id()  argument
46 	if (ac->global_id && global_id != ac->global_id)  in ceph_auth_set_global_id()
47 		pr_err("global_id changed from %llu to %llu\n", ac->global_id,  in ceph_auth_set_global_id()
50 	ac->global_id = global_id;  in ceph_auth_set_global_id()
60 	struct ceph_auth_client *ac;  in ceph_auth_init()  local
62 	ac = kzalloc(sizeof(*ac), GFP_NOFS);  in ceph_auth_init()
63 	if (!ac)  in ceph_auth_init()
66 	mutex_init(&ac->mutex);  in ceph_auth_init()
67 	ac->negotiating = true;  in ceph_auth_init()
69 		ac->name = name;  in ceph_auth_init()
71 		ac->name = CEPH_AUTH_NAME_DEFAULT;  in ceph_auth_init()
72 	ac->key = key;  in ceph_auth_init()
73 	ac->preferred_mode = con_modes[0];  in ceph_auth_init()
74 	ac->fallback_mode = con_modes[1];  in ceph_auth_init()
77 	     ac->name, ac->preferred_mode, ac->fallback_mode);  in ceph_auth_init()
78 	return ac;  in ceph_auth_init()
81 void ceph_auth_destroy(struct ceph_auth_client *ac)  in ceph_auth_destroy()  argument
83 	dout("auth_destroy %p\n", ac);  in ceph_auth_destroy()
84 	if (ac->ops)  in ceph_auth_destroy()
85 		ac->ops->destroy(ac);  in ceph_auth_destroy()
86 	kfree(ac);  in ceph_auth_destroy()
92 void ceph_auth_reset(struct ceph_auth_client *ac)  in ceph_auth_reset()  argument
94 	mutex_lock(&ac->mutex);  in ceph_auth_reset()
95 	dout("auth_reset %p\n", ac);  in ceph_auth_reset()
96 	if (ac->ops && !ac->negotiating)  in ceph_auth_reset()
97 		ac->ops->reset(ac);  in ceph_auth_reset()
98 	ac->negotiating = true;  in ceph_auth_reset()
99 	mutex_unlock(&ac->mutex);  in ceph_auth_reset()
121 int ceph_auth_build_hello(struct ceph_auth_client *ac, void *buf, size_t len)  in ceph_auth_build_hello()  argument
128 	mutex_lock(&ac->mutex);  in ceph_auth_build_hello()
147 	ret = ceph_auth_entity_name_encode(ac->name, &p, end);  in ceph_auth_build_hello()
151 	ceph_encode_64(&p, ac->global_id);  in ceph_auth_build_hello()
156 	mutex_unlock(&ac->mutex);  in ceph_auth_build_hello()
164 static int build_request(struct ceph_auth_client *ac, bool add_header,  in build_request()  argument
177 		ceph_encode_32_safe(&p, end, ac->protocol, e_range);  in build_request()
181 	ret = ac->ops->build_request(ac, p + sizeof(u32), end);  in build_request()
184 		       ceph_auth_proto_name(ac->protocol), ret);  in build_request()
198 int ceph_handle_auth_reply(struct ceph_auth_client *ac,  in ceph_handle_auth_reply()  argument
213 	mutex_lock(&ac->mutex);  in ceph_handle_auth_reply()
234 	if (ac->negotiating) {  in ceph_handle_auth_reply()
241 		if (ac->protocol && ac->protocol != protocol) {  in ceph_handle_auth_reply()
242 			ac->ops->destroy(ac);  in ceph_handle_auth_reply()
243 			ac->protocol = 0;  in ceph_handle_auth_reply()
244 			ac->ops = NULL;  in ceph_handle_auth_reply()
246 		if (ac->protocol != protocol) {  in ceph_handle_auth_reply()
247 			ret = init_protocol(ac, protocol);  in ceph_handle_auth_reply()
255 		ac->negotiating = false;  in ceph_handle_auth_reply()
260 		       ceph_auth_proto_name(ac->protocol), result);  in ceph_handle_auth_reply()
265 	ret = ac->ops->handle_reply(ac, global_id, payload, payload_end,  in ceph_handle_auth_reply()
268 		ret = build_request(ac, true, reply_buf, reply_len);  in ceph_handle_auth_reply()
275 	mutex_unlock(&ac->mutex);  in ceph_handle_auth_reply()
284 int ceph_build_auth(struct ceph_auth_client *ac,  in ceph_build_auth()  argument
289 	mutex_lock(&ac->mutex);  in ceph_build_auth()
290 	if (ac->ops->should_authenticate(ac))  in ceph_build_auth()
291 		ret = build_request(ac, true, msg_buf, msg_len);  in ceph_build_auth()
292 	mutex_unlock(&ac->mutex);  in ceph_build_auth()
296 int ceph_auth_is_authenticated(struct ceph_auth_client *ac)  in ceph_auth_is_authenticated()  argument
300 	mutex_lock(&ac->mutex);  in ceph_auth_is_authenticated()
301 	if (ac->ops)  in ceph_auth_is_authenticated()
302 		ret = ac->ops->is_authenticated(ac);  in ceph_auth_is_authenticated()
303 	mutex_unlock(&ac->mutex);  in ceph_auth_is_authenticated()
308 int __ceph_auth_get_authorizer(struct ceph_auth_client *ac,  in __ceph_auth_get_authorizer()  argument
315 	mutex_lock(&ac->mutex);  in __ceph_auth_get_authorizer()
321 		ret = ac->ops->create_authorizer(ac, peer_type, auth);  in __ceph_auth_get_authorizer()
322 	else if (ac->ops->update_authorizer)  in __ceph_auth_get_authorizer()
323 		ret = ac->ops->update_authorizer(ac, peer_type, auth);  in __ceph_auth_get_authorizer()
329 	*proto = ac->protocol;  in __ceph_auth_get_authorizer()
331 		*pref_mode = ac->preferred_mode;  in __ceph_auth_get_authorizer()
332 		*fallb_mode = ac->fallback_mode;  in __ceph_auth_get_authorizer()
336 	mutex_unlock(&ac->mutex);  in __ceph_auth_get_authorizer()
347 int ceph_auth_add_authorizer_challenge(struct ceph_auth_client *ac,  in ceph_auth_add_authorizer_challenge()  argument
354 	mutex_lock(&ac->mutex);  in ceph_auth_add_authorizer_challenge()
355 	if (ac->ops && ac->ops->add_authorizer_challenge)  in ceph_auth_add_authorizer_challenge()
356 		ret = ac->ops->add_authorizer_challenge(ac, a, challenge_buf,  in ceph_auth_add_authorizer_challenge()
358 	mutex_unlock(&ac->mutex);  in ceph_auth_add_authorizer_challenge()
363 int ceph_auth_verify_authorizer_reply(struct ceph_auth_client *ac,  in ceph_auth_verify_authorizer_reply()  argument
371 	mutex_lock(&ac->mutex);  in ceph_auth_verify_authorizer_reply()
372 	if (ac->ops && ac->ops->verify_authorizer_reply)  in ceph_auth_verify_authorizer_reply()
373 		ret = ac->ops->verify_authorizer_reply(ac, a,  in ceph_auth_verify_authorizer_reply()
376 	mutex_unlock(&ac->mutex);  in ceph_auth_verify_authorizer_reply()
381 void ceph_auth_invalidate_authorizer(struct ceph_auth_client *ac, int peer_type)  in ceph_auth_invalidate_authorizer()  argument
383 	mutex_lock(&ac->mutex);  in ceph_auth_invalidate_authorizer()
384 	if (ac->ops && ac->ops->invalidate_authorizer)  in ceph_auth_invalidate_authorizer()
385 		ac->ops->invalidate_authorizer(ac, peer_type);  in ceph_auth_invalidate_authorizer()
386 	mutex_unlock(&ac->mutex);  in ceph_auth_invalidate_authorizer()
427 int ceph_auth_get_request(struct ceph_auth_client *ac, void *buf, int buf_len)  in ceph_auth_get_request()  argument
429 	int proto = ac->key ? CEPH_AUTH_CEPHX : CEPH_AUTH_NONE;  in ceph_auth_get_request()
435 	mutex_lock(&ac->mutex);  in ceph_auth_get_request()
436 	if (ac->protocol == CEPH_AUTH_UNKNOWN) {  in ceph_auth_get_request()
437 		ret = init_protocol(ac, proto);  in ceph_auth_get_request()
444 		WARN_ON(ac->protocol != proto);  in ceph_auth_get_request()
445 		ac->ops->reset(ac);  in ceph_auth_get_request()
449 	ceph_encode_32_safe(&p, end, ac->protocol, e_range);  in ceph_auth_get_request()
450 	ret = encode_con_modes(&p, end, ac->preferred_mode, ac->fallback_mode);  in ceph_auth_get_request()
458 	ret = ceph_auth_entity_name_encode(ac->name, &p, end);  in ceph_auth_get_request()
462 	ceph_encode_64_safe(&p, end, ac->global_id, e_range);  in ceph_auth_get_request()
467 	mutex_unlock(&ac->mutex);  in ceph_auth_get_request()
475 int ceph_auth_handle_reply_more(struct ceph_auth_client *ac, void *reply,  in ceph_auth_handle_reply_more()  argument
480 	mutex_lock(&ac->mutex);  in ceph_auth_handle_reply_more()
481 	ret = ac->ops->handle_reply(ac, 0, reply, reply + reply_len,  in ceph_auth_handle_reply_more()
484 		ret = build_request(ac, false, buf, buf_len);  in ceph_auth_handle_reply_more()
487 	mutex_unlock(&ac->mutex);  in ceph_auth_handle_reply_more()
491 int ceph_auth_handle_reply_done(struct ceph_auth_client *ac,  in ceph_auth_handle_reply_done()  argument
498 	mutex_lock(&ac->mutex);  in ceph_auth_handle_reply_done()
499 	ret = ac->ops->handle_reply(ac, global_id, reply, reply + reply_len,  in ceph_auth_handle_reply_done()
503 	mutex_unlock(&ac->mutex);  in ceph_auth_handle_reply_done()
507 bool ceph_auth_handle_bad_method(struct ceph_auth_client *ac,  in ceph_auth_handle_bad_method()  argument
512 	mutex_lock(&ac->mutex);  in ceph_auth_handle_bad_method()
513 	WARN_ON(used_proto != ac->protocol);  in ceph_auth_handle_bad_method()
516 		if (!contains(allowed_protos, proto_cnt, ac->protocol)) {  in ceph_auth_handle_bad_method()
518 			       ceph_auth_proto_name(ac->protocol));  in ceph_auth_handle_bad_method()
521 		if (!contains(allowed_modes, mode_cnt, ac->preferred_mode) &&  in ceph_auth_handle_bad_method()
522 		    (ac->fallback_mode == CEPH_CON_MODE_UNKNOWN ||  in ceph_auth_handle_bad_method()
523 		     !contains(allowed_modes, mode_cnt, ac->fallback_mode))) {  in ceph_auth_handle_bad_method()
525 			       ceph_con_mode_name(ac->preferred_mode));  in ceph_auth_handle_bad_method()
526 			if (ac->fallback_mode == CEPH_CON_MODE_UNKNOWN)  in ceph_auth_handle_bad_method()
530 				       ceph_con_mode_name(ac->fallback_mode));  in ceph_auth_handle_bad_method()
537 	       ceph_auth_proto_name(ac->protocol), result);  in ceph_auth_handle_bad_method()
539 	mutex_unlock(&ac->mutex);  in ceph_auth_handle_bad_method()
543 	mutex_unlock(&ac->mutex);  in ceph_auth_handle_bad_method()
547 int ceph_auth_get_authorizer(struct ceph_auth_client *ac,  in ceph_auth_get_authorizer()  argument
557 	ret = __ceph_auth_get_authorizer(ac, auth, peer_type, true, &proto,  in ceph_auth_get_authorizer()
577 int ceph_auth_handle_svc_reply_more(struct ceph_auth_client *ac,  in ceph_auth_handle_svc_reply_more()  argument
586 	ret = ceph_auth_add_authorizer_challenge(ac, auth->authorizer,  in ceph_auth_handle_svc_reply_more()
601 int ceph_auth_handle_svc_reply_done(struct ceph_auth_client *ac,  in ceph_auth_handle_svc_reply_done()  argument
607 	return ceph_auth_verify_authorizer_reply(ac, auth->authorizer,  in ceph_auth_handle_svc_reply_done()
613 bool ceph_auth_handle_bad_authorizer(struct ceph_auth_client *ac,  in ceph_auth_handle_bad_authorizer()  argument
618 	mutex_lock(&ac->mutex);  in ceph_auth_handle_bad_authorizer()
619 	WARN_ON(used_proto != ac->protocol);  in ceph_auth_handle_bad_authorizer()
622 		if (!contains(allowed_protos, proto_cnt, ac->protocol)) {  in ceph_auth_handle_bad_authorizer()
624 			       ceph_auth_proto_name(ac->protocol),  in ceph_auth_handle_bad_authorizer()
628 		if (!contains(allowed_modes, mode_cnt, ac->preferred_mode) &&  in ceph_auth_handle_bad_authorizer()
629 		    (ac->fallback_mode == CEPH_CON_MODE_UNKNOWN ||  in ceph_auth_handle_bad_authorizer()
630 		     !contains(allowed_modes, mode_cnt, ac->fallback_mode))) {  in ceph_auth_handle_bad_authorizer()
632 			       ceph_con_mode_name(ac->preferred_mode),  in ceph_auth_handle_bad_authorizer()
634 			if (ac->fallback_mode == CEPH_CON_MODE_UNKNOWN)  in ceph_auth_handle_bad_authorizer()
638 				       ceph_con_mode_name(ac->fallback_mode),  in ceph_auth_handle_bad_authorizer()
646 	       ceph_auth_proto_name(ac->protocol),  in ceph_auth_handle_bad_authorizer()
649 	if (ac->ops->invalidate_authorizer)  in ceph_auth_handle_bad_authorizer()
650 		ac->ops->invalidate_authorizer(ac, peer_type);  in ceph_auth_handle_bad_authorizer()
652 	mutex_unlock(&ac->mutex);  in ceph_auth_handle_bad_authorizer()
656 	mutex_unlock(&ac->mutex);  in ceph_auth_handle_bad_authorizer()