summaryrefslogtreecommitdiff
path: root/net/ceph/auth_x.c
diff options
context:
space:
mode:
authorIlya Dryomov <idryomov@gmail.com>2021-06-21 12:17:40 +0200
committerIlya Dryomov <idryomov@gmail.com>2021-06-24 21:03:17 +0200
commit03af4c7bad8ca59143bca488b90b3775d10d7f94 (patch)
treeacc80188616ede6bd9488eb29601f41a1e0c0d44 /net/ceph/auth_x.c
parent3c0d0894320cc517fda657c69939cd0313d0b4e2 (diff)
downloadlwn-03af4c7bad8ca59143bca488b90b3775d10d7f94.tar.gz
lwn-03af4c7bad8ca59143bca488b90b3775d10d7f94.zip
libceph: set global_id as soon as we get an auth ticket
Commit 61ca49a9105f ("libceph: don't set global_id until we get an auth ticket") delayed the setting of global_id too much. It is set only after all tickets are received, but in pre-nautilus clusters an auth ticket and the service tickets are obtained in separate steps (for a total of three MAuth replies). When the service tickets are requested, global_id is used to build an authorizer; if global_id is still 0 we never get them and fail to establish the session. Moving the setting of global_id into protocol implementations. This way global_id can be set exactly when an auth ticket is received, not sooner nor later. Fixes: 61ca49a9105f ("libceph: don't set global_id until we get an auth ticket") Signed-off-by: Ilya Dryomov <idryomov@gmail.com> Reviewed-by: Jeff Layton <jlayton@kernel.org>
Diffstat (limited to 'net/ceph/auth_x.c')
-rw-r--r--net/ceph/auth_x.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/net/ceph/auth_x.c b/net/ceph/auth_x.c
index cab99c5581b0..b71b1635916e 100644
--- a/net/ceph/auth_x.c
+++ b/net/ceph/auth_x.c
@@ -597,7 +597,7 @@ bad:
return -EINVAL;
}
-static int handle_auth_session_key(struct ceph_auth_client *ac,
+static int handle_auth_session_key(struct ceph_auth_client *ac, u64 global_id,
void **p, void *end,
u8 *session_key, int *session_key_len,
u8 *con_secret, int *con_secret_len)
@@ -613,6 +613,7 @@ static int handle_auth_session_key(struct ceph_auth_client *ac,
if (ret)
return ret;
+ ceph_auth_set_global_id(ac, global_id);
if (*p == end) {
/* pre-nautilus (or didn't request service tickets!) */
WARN_ON(session_key || con_secret);
@@ -661,7 +662,7 @@ e_inval:
return -EINVAL;
}
-static int ceph_x_handle_reply(struct ceph_auth_client *ac,
+static int ceph_x_handle_reply(struct ceph_auth_client *ac, u64 global_id,
void *buf, void *end,
u8 *session_key, int *session_key_len,
u8 *con_secret, int *con_secret_len)
@@ -695,9 +696,9 @@ static int ceph_x_handle_reply(struct ceph_auth_client *ac,
switch (op) {
case CEPHX_GET_AUTH_SESSION_KEY:
/* AUTH ticket + [connection secret] + service tickets */
- ret = handle_auth_session_key(ac, &p, end, session_key,
- session_key_len, con_secret,
- con_secret_len);
+ ret = handle_auth_session_key(ac, global_id, &p, end,
+ session_key, session_key_len,
+ con_secret, con_secret_len);
break;
case CEPHX_GET_PRINCIPAL_SESSION_KEY: