auth/cephx: add authorizer challenge

Allow the accepting side of a connection to reject an initial authorizer
with a random challenge. The connecting side then has to respond with an
updated authorizer proving they are able to decrypt the service's challenge
and that the new authorizer was produced for this specific connection
instance.

The accepting side requires this challenge and response unconditionally
if the client side advertises they have the feature bit. Servers wishing
to require this improved level of authentication simply have to require
the appropriate feature.

Signed-off-by: Sage Weil <sage@redhat.com>
(cherry picked from commit f80b848d3f830eb6dba50123e04385173fa4540b)
# Conflicts:
# src/auth/Auth.h
# src/auth/cephx/CephxProtocol.cc
# src/auth/cephx/CephxProtocol.h
# src/auth/none/AuthNoneProtocol.h
# src/msg/Dispatcher.h
# src/msg/async/AsyncConnection.cc
- const_iterator
- ::decode vs decode
- AsyncConnection ctor arg noise
- get_random_bytes(), not cct->random()
(cherry picked from commit 5ead97120e07054d80623dada90a5cc764c28468)
# Conflicts:
# src/auth/cephx/CephxAuthorizeHandler.h
# src/auth/cephx/CephxProtocol.h
# src/auth/none/AuthNoneAuthorizeHandler.h
# src/auth/none/AuthNoneProtocol.h
# src/auth/unknown/AuthUnknownAuthorizeHandler.h
# src/mds/MDSDaemon.cc
# src/mds/MDSDaemon.h
# src/mgr/DaemonServer.cc
# src/mgr/DaemonServer.h
# src/mon/Monitor.cc
# src/mon/Monitor.h
# src/msg/async/AsyncConnection.cc
# src/osd/OSD.cc
# src/osd/OSD.h
# src/test/messenger/simple_dispatcher.h
# src/test/msgr/perf_msgr_client.cc
# src/test/msgr/perf_msgr_server.cc
# src/test/msgr/test_msgr.cc
- lots of override annotation conflicts
- _refused() callbacks not present in jewel
- lots of msg/async conflicts (code has changed a fair bit)
- we inherited some upstream rotating keys checks, see f159a093ecab4aa53693ec106c00d5ecb383c467
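
The challenge and response described in the commit message above, modelled as an added example (not code from the Ceph tree): it shows why an authorizer captured on one connection is refused when presented on another. Assumptions: `Acceptor`, `build_authorizer`, `seal` and `unseal` are hypothetical names, the HMAC-based `seal` stands in for encryption under the shared session key, and the message layout is simplified rather than the cephx wire format.

```python
import hashlib, hmac, os

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def seal(key, label, plaintext):
    # Stand-in for session-key encryption, NOT cephx's cipher: XOR keystream + MAC.
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _prf(key, b"ks" + label, nonce)))
    return nonce + ct + _prf(key, b"mac" + label, nonce + ct)

def unseal(key, label, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"mac" + label, nonce + ct)):
        raise ValueError("wrong key, wrong message type, or tampered blob")
    return bytes(a ^ b for a, b in zip(ct, _prf(key, b"ks" + label, nonce)))

class Acceptor:
    """Accepting side; one instance per connection (hypothetical name)."""
    def __init__(self, session_key):
        self.key, self.challenge = session_key, None

    def handle(self, authorizer):
        try:
            answer = unseal(self.key, b"authz", authorizer)
        except ValueError:
            return "reject", None
        if self.challenge is None:
            # Initial authorizer: refuse it and issue a fresh random challenge.
            self.challenge = os.urandom(8)
            return "challenge", seal(self.key, b"chal", self.challenge)
        # Updated authorizer must carry this connection's decrypted challenge.
        ok = hmac.compare_digest(answer, self.challenge)
        return ("ok" if ok else "reject"), None

def build_authorizer(key, challenge_blob=None):
    """Connecting side: answer the challenge if one was received."""
    answer = unseal(key, b"chal", challenge_blob) if challenge_blob else bytes(8)
    return seal(key, b"authz", answer)

def demo():
    key = os.urandom(32)                     # constructed shared session key
    conn1, conn2 = Acceptor(key), Acceptor(key)
    first = build_authorizer(key)
    state, blob = conn1.handle(first)
    updated = build_authorizer(key, blob)
    accepted = conn1.handle(updated)[0]
    conn2.handle(first)                      # replay both captures on a new connection
    replayed = conn2.handle(updated)[0]
    return state, accepted, replayed
```

The separate `b"chal"` and `b"authz"` labels keep the acceptor's own challenge blob from being accepted if it is sent straight back as an authorizer.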