*
*/
+#include "common/debug.h"
#include "Auth.h"
#include "AuthAuthorizeHandler.h"
#include "cephx/CephxAuthorizeHandler.h"
#include "AuthMethodList.h"
#include "common/Mutex.h"
+#define dout_subsys ceph_subsys_auth
+
AuthAuthorizeHandler *AuthAuthorizeHandlerRegistry::get_handler(int protocol)
{
if (!supported.is_supported_auth(protocol)) {
}
msgr->lock.Unlock();
+
+ // As it stands, this code is not totally secure, since the first monitor pipe that gets set up isn't ready to verify authorizers.
+ // As a result, we just skip over verifying the authorizer. Fixing it requires some surgery in monitor initialization. PLR
+
if (msgr->verify_authorizer(connection_state, peer_type,
- connect.authorizer_protocol, authorizer, authorizer_reply, authorizer_valid, session_key) &&
- !authorizer_valid) {
- ldout(msgr->cct,0) << "accept bad authorizer" << dendl;
- reply.tag = CEPH_MSGR_TAG_BADAUTHORIZER;
- session_security = NULL;
- goto reply;
+ connect.authorizer_protocol, authorizer, authorizer_reply, authorizer_valid, session_key) ) {
+ if (!authorizer_valid) {
+ ldout(msgr->cct,0) << "accept: got bad authorizer" << dendl;
+ reply.tag = CEPH_MSGR_TAG_BADAUTHORIZER;
+ session_security = NULL;
+ goto reply;
+ }
+ else {
+
+ // We've verified the authorizer for this pipe, so set up the session security structure. PLR
+
+ session_security = get_auth_session_handler(msgr->cct, connect.authorizer_protocol, session_key);
+ }
}
+ else {
- // We've verified the authorizer for this pipe, so set up the session security structure. PLR
-
- session_security = get_auth_session_handler(msgr->cct, connect.authorizer_protocol, session_key);
+ // verify_authorizer failed. Don't set up session security, since we have no authorizer to get a key from. PLR
+ ldout(msgr->cct,10) << "accept: verify_authorizer failed, setting session_security to NULL." << dendl;
+ session_security = NULL;
+ }
+
msgr->lock.Lock();
if (msgr->dispatch_queue.stop)
goto shutting_down;
projects / ceph.git / commitdiff