1*3d14c5d2SYehuda Sadeh 2*3d14c5d2SYehuda Sadeh #include <linux/ceph/ceph_debug.h> 3*3d14c5d2SYehuda Sadeh 4*3d14c5d2SYehuda Sadeh #include <linux/err.h> 5*3d14c5d2SYehuda Sadeh #include <linux/module.h> 6*3d14c5d2SYehuda Sadeh #include <linux/random.h> 7*3d14c5d2SYehuda Sadeh #include <linux/slab.h> 8*3d14c5d2SYehuda Sadeh 9*3d14c5d2SYehuda Sadeh #include <linux/ceph/decode.h> 10*3d14c5d2SYehuda Sadeh #include <linux/ceph/auth.h> 11*3d14c5d2SYehuda Sadeh 12*3d14c5d2SYehuda Sadeh #include "auth_none.h" 13*3d14c5d2SYehuda Sadeh 14*3d14c5d2SYehuda Sadeh static void reset(struct ceph_auth_client *ac) 15*3d14c5d2SYehuda Sadeh { 16*3d14c5d2SYehuda Sadeh struct ceph_auth_none_info *xi = ac->private; 17*3d14c5d2SYehuda Sadeh 18*3d14c5d2SYehuda Sadeh xi->starting = true; 19*3d14c5d2SYehuda Sadeh xi->built_authorizer = false; 20*3d14c5d2SYehuda Sadeh } 21*3d14c5d2SYehuda Sadeh 22*3d14c5d2SYehuda Sadeh static void destroy(struct ceph_auth_client *ac) 23*3d14c5d2SYehuda Sadeh { 24*3d14c5d2SYehuda Sadeh kfree(ac->private); 25*3d14c5d2SYehuda Sadeh ac->private = NULL; 26*3d14c5d2SYehuda Sadeh } 27*3d14c5d2SYehuda Sadeh 28*3d14c5d2SYehuda Sadeh static int is_authenticated(struct ceph_auth_client *ac) 29*3d14c5d2SYehuda Sadeh { 30*3d14c5d2SYehuda Sadeh struct ceph_auth_none_info *xi = ac->private; 31*3d14c5d2SYehuda Sadeh 32*3d14c5d2SYehuda Sadeh return !xi->starting; 33*3d14c5d2SYehuda Sadeh } 34*3d14c5d2SYehuda Sadeh 35*3d14c5d2SYehuda Sadeh static int should_authenticate(struct ceph_auth_client *ac) 36*3d14c5d2SYehuda Sadeh { 37*3d14c5d2SYehuda Sadeh struct ceph_auth_none_info *xi = ac->private; 38*3d14c5d2SYehuda Sadeh 39*3d14c5d2SYehuda Sadeh return xi->starting; 40*3d14c5d2SYehuda Sadeh } 41*3d14c5d2SYehuda Sadeh 42*3d14c5d2SYehuda Sadeh /* 43*3d14c5d2SYehuda Sadeh * the generic auth code decode the global_id, and we carry no actual 44*3d14c5d2SYehuda Sadeh * authenticate state, so nothing happens here. 45*3d14c5d2SYehuda Sadeh */ 46*3d14c5d2SYehuda Sadeh static int handle_reply(struct ceph_auth_client *ac, int result, 47*3d14c5d2SYehuda Sadeh void *buf, void *end) 48*3d14c5d2SYehuda Sadeh { 49*3d14c5d2SYehuda Sadeh struct ceph_auth_none_info *xi = ac->private; 50*3d14c5d2SYehuda Sadeh 51*3d14c5d2SYehuda Sadeh xi->starting = false; 52*3d14c5d2SYehuda Sadeh return result; 53*3d14c5d2SYehuda Sadeh } 54*3d14c5d2SYehuda Sadeh 55*3d14c5d2SYehuda Sadeh /* 56*3d14c5d2SYehuda Sadeh * build an 'authorizer' with our entity_name and global_id. we can 57*3d14c5d2SYehuda Sadeh * reuse a single static copy since it is identical for all services 58*3d14c5d2SYehuda Sadeh * we connect to. 59*3d14c5d2SYehuda Sadeh */ 60*3d14c5d2SYehuda Sadeh static int ceph_auth_none_create_authorizer( 61*3d14c5d2SYehuda Sadeh struct ceph_auth_client *ac, int peer_type, 62*3d14c5d2SYehuda Sadeh struct ceph_authorizer **a, 63*3d14c5d2SYehuda Sadeh void **buf, size_t *len, 64*3d14c5d2SYehuda Sadeh void **reply_buf, size_t *reply_len) 65*3d14c5d2SYehuda Sadeh { 66*3d14c5d2SYehuda Sadeh struct ceph_auth_none_info *ai = ac->private; 67*3d14c5d2SYehuda Sadeh struct ceph_none_authorizer *au = &ai->au; 68*3d14c5d2SYehuda Sadeh void *p, *end; 69*3d14c5d2SYehuda Sadeh int ret; 70*3d14c5d2SYehuda Sadeh 71*3d14c5d2SYehuda Sadeh if (!ai->built_authorizer) { 72*3d14c5d2SYehuda Sadeh p = au->buf; 73*3d14c5d2SYehuda Sadeh end = p + sizeof(au->buf); 74*3d14c5d2SYehuda Sadeh ceph_encode_8(&p, 1); 75*3d14c5d2SYehuda Sadeh ret = ceph_entity_name_encode(ac->name, &p, end - 8); 76*3d14c5d2SYehuda Sadeh if (ret < 0) 77*3d14c5d2SYehuda Sadeh goto bad; 78*3d14c5d2SYehuda Sadeh ceph_decode_need(&p, end, sizeof(u64), bad2); 79*3d14c5d2SYehuda Sadeh ceph_encode_64(&p, ac->global_id); 80*3d14c5d2SYehuda Sadeh au->buf_len = p - (void *)au->buf; 81*3d14c5d2SYehuda Sadeh ai->built_authorizer = true; 82*3d14c5d2SYehuda Sadeh dout("built authorizer len %d\n", au->buf_len); 83*3d14c5d2SYehuda Sadeh } 84*3d14c5d2SYehuda Sadeh 85*3d14c5d2SYehuda Sadeh *a = (struct ceph_authorizer *)au; 86*3d14c5d2SYehuda Sadeh *buf = au->buf; 87*3d14c5d2SYehuda Sadeh *len = au->buf_len; 88*3d14c5d2SYehuda Sadeh *reply_buf = au->reply_buf; 89*3d14c5d2SYehuda Sadeh *reply_len = sizeof(au->reply_buf); 90*3d14c5d2SYehuda Sadeh return 0; 91*3d14c5d2SYehuda Sadeh 92*3d14c5d2SYehuda Sadeh bad2: 93*3d14c5d2SYehuda Sadeh ret = -ERANGE; 94*3d14c5d2SYehuda Sadeh bad: 95*3d14c5d2SYehuda Sadeh return ret; 96*3d14c5d2SYehuda Sadeh } 97*3d14c5d2SYehuda Sadeh 98*3d14c5d2SYehuda Sadeh static void ceph_auth_none_destroy_authorizer(struct ceph_auth_client *ac, 99*3d14c5d2SYehuda Sadeh struct ceph_authorizer *a) 100*3d14c5d2SYehuda Sadeh { 101*3d14c5d2SYehuda Sadeh /* nothing to do */ 102*3d14c5d2SYehuda Sadeh } 103*3d14c5d2SYehuda Sadeh 104*3d14c5d2SYehuda Sadeh static const struct ceph_auth_client_ops ceph_auth_none_ops = { 105*3d14c5d2SYehuda Sadeh .name = "none", 106*3d14c5d2SYehuda Sadeh .reset = reset, 107*3d14c5d2SYehuda Sadeh .destroy = destroy, 108*3d14c5d2SYehuda Sadeh .is_authenticated = is_authenticated, 109*3d14c5d2SYehuda Sadeh .should_authenticate = should_authenticate, 110*3d14c5d2SYehuda Sadeh .handle_reply = handle_reply, 111*3d14c5d2SYehuda Sadeh .create_authorizer = ceph_auth_none_create_authorizer, 112*3d14c5d2SYehuda Sadeh .destroy_authorizer = ceph_auth_none_destroy_authorizer, 113*3d14c5d2SYehuda Sadeh }; 114*3d14c5d2SYehuda Sadeh 115*3d14c5d2SYehuda Sadeh int ceph_auth_none_init(struct ceph_auth_client *ac) 116*3d14c5d2SYehuda Sadeh { 117*3d14c5d2SYehuda Sadeh struct ceph_auth_none_info *xi; 118*3d14c5d2SYehuda Sadeh 119*3d14c5d2SYehuda Sadeh dout("ceph_auth_none_init %p\n", ac); 120*3d14c5d2SYehuda Sadeh xi = kzalloc(sizeof(*xi), GFP_NOFS); 121*3d14c5d2SYehuda Sadeh if (!xi) 122*3d14c5d2SYehuda Sadeh return -ENOMEM; 123*3d14c5d2SYehuda Sadeh 124*3d14c5d2SYehuda Sadeh xi->starting = true; 125*3d14c5d2SYehuda Sadeh xi->built_authorizer = false; 126*3d14c5d2SYehuda Sadeh 127*3d14c5d2SYehuda Sadeh ac->protocol = CEPH_AUTH_NONE; 128*3d14c5d2SYehuda Sadeh ac->private = xi; 129*3d14c5d2SYehuda Sadeh ac->ops = &ceph_auth_none_ops; 130*3d14c5d2SYehuda Sadeh return 0; 131*3d14c5d2SYehuda Sadeh } 132*3d14c5d2SYehuda Sadeh 133