path: root/src/auth/cephx/CephxAuthorizeHandler.cc
blob: ac935cdb876d35a87a54d30dd8f1e790a2317f0d (plain)

#include "../KeyRing.h"
#include "CephxProtocol.h"

#include "CephxAuthorizeHandler.h"

#define dout_subsys ceph_subsys_auth



/**
 * Verify a cephx authorizer and, on success, return the identity it carries.
 *
 * The cryptographic check is delegated to cephx_verify_authorizer(). This
 * wrapper rejects an empty authorizer up front and copies the ticket fields
 * to the caller only when that call reports success.
 *
 * @param cct              context used for the debug log line
 * @param keys             key store handed through to cephx_verify_authorizer()
 * @param authorizer_data  authorizer blob to verify
 *                         (NOTE(review): presumably received from the
 *                         connecting peer, i.e. untrusted - confirm at caller)
 * @param authorizer_reply handed through to cephx_verify_authorizer(); what is
 *                         written to it, and whether it is written on failure,
 *                         is not visible from this function
 * @param entity_name      [out] ticket name, set on success only
 * @param global_id        [out] ticket global id, set on success only
 * @param caps_info        [out] ticket caps, set on success only
 * @param session_key      [out] session key of the ticket info, set on success only
 * @param auid             [out] ticket auid, set on success only; may be null,
 *                         in which case it is skipped
 * @return true if the authorizer was accepted, false otherwise. On false this
 *         function leaves entity_name, global_id, caps_info, session_key and
 *         *auid exactly as the caller passed them in, so callers must check
 *         the result before trusting any of them.
 */
bool CephxAuthorizeHandler::verify_authorizer(CephContext *cct, KeyStore *keys,
                                              bufferlist& authorizer_data,
                                              bufferlist& authorizer_reply,
                                              EntityName& entity_name,
                                              uint64_t& global_id,
                                              AuthCapsInfo& caps_info,
                                              CryptoKey& session_key,
                                              uint64_t *auid)
{
  // Nothing to verify: refuse before handing an empty buffer to the decoder.
  if (authorizer_data.length() == 0) {
    ldout(cct, 1) << "verify authorizer, authorizer_data.length()=0" << dendl;
    return false;
  }

  bufferlist::iterator cursor = authorizer_data.begin();
  CephXServiceTicketInfo ticket_info;

  // Fail closed: if verification is refused, no identity, caps or key
  // material from the (unverified) ticket is copied to the caller.
  if (!cephx_verify_authorizer(cct, keys, cursor, ticket_info, authorizer_reply)) {
    return false;
  }

  // From here on the values come from a ticket that cephx_verify_authorizer()
  // accepted; they are what the caller will treat as the peer's identity.
  caps_info = ticket_info.ticket.caps;
  entity_name = ticket_info.ticket.name;
  global_id = ticket_info.ticket.global_id;
  session_key = ticket_info.session_key;
  if (auid != NULL) {
    *auid = ticket_info.ticket.auid;
  }

  return true;
}

/**
 * Report which kind of crypto is used for this session's data.
 *
 * For cephx this is always symmetric authentication.
 *
 * @return SESSION_SYMMETRIC_AUTHENTICATE
 */
int CephxAuthorizeHandler::authorizer_session_crypto()
{
  const int session_crypto = SESSION_SYMMETRIC_AUTHENTICATE;
  return session_crypto;
}