bool RotatingKeyRing::get_secret(const EntityName& name, CryptoKey& secret) const
{
+ // 1. Migration override
+ std::string mig_key;
+ int r = cct->_conf.get_val("migration_inline_key", &mig_key);
+ if (r == 0 && !mig_key.empty()) {
+ ldout(cct, 5) << "RotatingKeyRing::get_secret: using migration_inline_key override"
+ << dendl;
+ // Convert string to buffer::ptr
+ ceph::buffer::ptr bp = ceph::buffer::copy(mig_key.data(), mig_key.size());
+ // Build a key from the inline string
+ secret = CryptoKey(CEPH_CRYPTO_AES, utime_t(), bp);
+ return true;
+ }
+
+ // 2. Normal behavior
std::lock_guard l{lock};
- return keyring->get_secret(name, secret);
+ return keyring && keyring->get_secret(name, secret);
}
bool RotatingKeyRing::get_service_secret(uint32_t service_id_, uint64_t secret_id,
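Review bot: The new override at the top of get_secret ignores `name`, so once `migration_inline_key` is non-empty every entity looked up through this CephContext receives the same secret and the keyring is never consulted. The override should be limited to the migration source connection, for example by attaching the key to that connection's own keyring rather than to a context-wide config option. The key is also built from the raw bytes of the config string, whereas cephx keys are normally carried base64-encoded. Unless the caller stores raw key bytes, this probably needs `secret.decode_base64(mig_key)` with the decode failure handled and `false` returned, which is worth confirming against how the value is written.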
flags:
- no_mon_update
- startup
+- name: migration_inline_key
+ type: str
+ level: advanced
+ default: 10.10.10.10
+ desc: Inline cephx key for migration source cluster
+ long_desc: >
+ Allows librbd migration to authenticate to a source cluster using a cephx
+ key provided in the migration spec. Disabled unless explicitly set.
+ flags:
+ - runtime
+ services:
+ - common
- name: mon_host_override
type: str
level: advanced
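Review bot: `default: 10.10.10.10` is a non-empty value, so the `!mig_key.empty()` test added to RotatingKeyRing::get_secret is true for every client that never sets this option. That contradicts the `long_desc` statement that the feature is disabled unless explicitly set. The default should be empty, either by dropping the `default:` line or by using `default: ''`. Separately, a plain `str` option with the `runtime` flag is likely to expose its value wherever configuration is dumped or logged, so consider whether key material belongs in the config store at all.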
} else {
ldout(m_cct, 5) << " get value by key " << fsid <<" got "<< value << dendl;
CephContext* cct = (CephContext*)m_dst_io_ctx.cct();
- //CephContext* cct = m_dst_io_ctx.cct();
- ldout(m_cct, 5) << " here " << dendl;
- r = cct->_conf.set_val("mon_host", mon_host);
- ldout(m_cct, 5) << " here1 " << r << dendl;
- lderr(m_cct) << "set_val returned: " << r << " (" << cpp_strerror(r) << ")" << dendl;
-
- r = cct->_conf.set_val("key", value);
- ldout(m_cct, 5) << " here2 "<< r << dendl;
- lderr(m_cct) << "set_val returned: " << r << " (" << cpp_strerror(r) << ")" << dendl;
- r = cct->_conf.set_val("fsid", fsid);
- ldout(m_cct, 5) << " here3 "<< r << dendl;
+ r = cct->_conf.set_val("migration_inline_key", value);
lderr(m_cct) << "set_val returned: " << r << " (" << cpp_strerror(r) << ")" << dendl;
+ cct->_conf.apply_changes(nullptr); //r = cct->_conf.set_val("fsid", fsid);
-return;
- ldout(m_cct, 5) << "Verifying overridden config:"
+ /* ldout(m_cct, 5) << "Verifying overridden config:"
<< " mon_host=" << cct->_conf.get_val<std::string>("mon_host")
<< " key=" << cct->_conf.get_val<std::string>("key")
<< " fsid=" << cct->_conf.get_val<std::string>("fsid")
- << dendl;
+ << dendl;*/
}
}
ldout(m_cct, 5) << " here4 " << dendl;
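Review bot: The result of `set_val("migration_inline_key", value)` is written with `lderr` even when it is 0 and is not checked before `apply_changes(nullptr)` runs, so a failed set continues as if the key had been installed. Log only on failure and stop there, e.g. `if (r < 0) { lderr(m_cct) << "failed to set migration_inline_key: " << cpp_strerror(r) << dendl; return; }`, assuming the function returns void as the removed `return;` suggests. The unchanged `ldout` just above the cast prints `value`, which is the key being installed, so it should be dropped or redacted. The option is set on the CephContext taken from `m_dst_io_ctx`, so the override may also change how the destination cluster authenticates. The enclosing function starts and ends outside the hunk, so that needs checking against the rest of it.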