msg/Pipe: remove broken cephs signing requirement check

Remove the special-case check, which does not inform the peer what
protocol features are missing.  It also enforces this requirement even
when we negotiate auth none.

Reported as part of bug #3657.

Signed-off-by: Sage Weil <sage@inktank.com>

diff --git a/src/msg/Pipe.cc b/src/msg/Pipe.cc
index 0ca1906d88b45b7f4784f2c7cbda9b24d702d38d..62db0e8dff9f481c2a3c452f824e9dc2eaf6db1b 100644 (file)
--- a/src/msg/Pipe.cc
+++ b/src/msg/Pipe.cc
@@ -355,18 +355,6 @@ int Pipe::accept()
       goto reply;
     }
     
-    // If the server supports signing session messages, and it is configured to require the client
-    // to sign, and the client can't sign, bail out.  PLR
-
-    if ((policy.features_supported & CEPH_FEATURE_MSG_AUTH) &&
-       msgr->cct->_conf->cephx_require_signatures &&
-       !(connect.features & CEPH_FEATURE_MSG_AUTH)) {
-      ldout(msgr->cct,1) << "Client can't sign messages." << dendl;
-      reply.tag = CEPH_MSGR_TAG_FEATURES;
-      msgr->lock.Unlock();
-      goto reply;
-    }
-
     msgr->lock.Unlock();
 
     // Check the authorizer.  If not good, bail out.
@@ -941,16 +929,6 @@ int Pipe::connect()
        goto fail_locked;
       }
 
-      // If the client supports signing session messages, and it is configured to require the server
-      // to sign, and the server can't sign, bail out.  PLR
-
-      if ((policy.features_supported & CEPH_FEATURE_MSG_AUTH) &&
-         msgr->cct->_conf->cephx_require_signatures &&
-          !(reply.features & CEPH_FEATURE_MSG_AUTH)) {
-        ldout(msgr->cct,1) << "Server can't sign messages." << dendl;
-        goto fail_locked;
-      }
-
       if (reply.tag == CEPH_MSGR_TAG_SEQ) {
         ldout(msgr->cct,10) << "got CEPH_MSGR_TAG_SEQ, reading acked_seq and writing in_seq" << dendl;
         uint64_t newly_acked_seq = 0;