1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
// vim: ts=8 sw=2 smarttab
/*
* Ceph - scalable distributed file system
*
* Copyright (C) 2004-2006 Sage Weil <sage@newdream.net>
*
* This is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License version 2.1, as published by the Free Software
* Foundation. See file COPYING.
*
*/
#ifndef CEPH_AUTHMONITOR_H
#define CEPH_AUTHMONITOR_H
#include <map>
#include <set>
using namespace std;
#include "include/types.h"
#include "msg/Messenger.h"
#include "PaxosService.h"
#include "mon/Monitor.h"
class MMonCommand;
class MAuth;
class MAuthMon;
class MMonGlobalID;
class KeyRing;
#define MIN_GLOBAL_ID 0x1000
class AuthMonitor : public PaxosService {
void auth_usage(stringstream& ss);
enum IncType {
GLOBAL_ID,
AUTH_DATA,
};
public:
struct Incremental {
IncType inc_type;
uint64_t max_global_id;
uint32_t auth_type;
bufferlist auth_data;
void encode(bufferlist& bl) const {
__u8 v = 1;
::encode(v, bl);
__u32 _type = (__u32)inc_type;
::encode(_type, bl);
if (_type == GLOBAL_ID) {
::encode(max_global_id, bl);
} else {
::encode(auth_type, bl);
::encode(auth_data, bl);
}
}
void decode(bufferlist::iterator& bl) {
__u8 v;
::decode(v, bl);
__u32 _type;
::decode(_type, bl);
inc_type = (IncType)_type;
assert(inc_type >= GLOBAL_ID && inc_type <= AUTH_DATA);
if (_type == GLOBAL_ID) {
::decode(max_global_id, bl);
} else {
::decode(auth_type, bl);
::decode(auth_data, bl);
}
}
};
private:
vector<Incremental> pending_auth;
version_t last_rotating_ver;
uint64_t max_global_id;
uint64_t last_allocated_id;
void export_keyring(KeyRing& keyring);
void import_keyring(KeyRing& keyring);
void push_cephx_inc(KeyServerData::Incremental& auth_inc) {
Incremental inc;
inc.inc_type = AUTH_DATA;
::encode(auth_inc, inc.auth_data);
inc.auth_type = CEPH_AUTH_CEPHX;
pending_auth.push_back(inc);
}
void on_active();
void election_finished();
bool should_propose(double& delay);
void create_initial(bufferlist& bl);
bool update_from_paxos();
void create_pending(); // prepare a new pending
bool prepare_global_id(MMonGlobalID *m);
void increase_max_global_id();
uint64_t assign_global_id(MAuth *m, bool should_increase_max);
void encode_pending(bufferlist &bl); // propose pending update to peers
void committed();
bool preprocess_query(PaxosServiceMessage *m); // true if processed.
bool prepare_update(PaxosServiceMessage *m);
bool prep_auth(MAuth *m, bool paxos_writable);
bool preprocess_command(MMonCommand *m);
bool prepare_command(MMonCommand *m);
void check_rotate();
public:
AuthMonitor(Monitor *mn, Paxos *p) : PaxosService(mn, p), last_rotating_ver(0), max_global_id(0), last_allocated_id(0) {}
void pre_auth(MAuth *m);
void tick(); // check state, take actions
void init();
};
WRITE_CLASS_ENCODER(AuthMonitor::Incremental);
#endif
|