msg/Pipe: require MSG_AUTH feature on server if option is enabled
authorSage Weil <sage@inktank.com>
Fri, 28 Dec 2012 00:03:20 +0000 (16:03 -0800)
committerSage Weil <sage@inktank.com>
Thu, 17 Jan 2013 23:12:00 +0000 (15:12 -0800)
If we

  negotiate cephx AND
  are a server AND
  cephx require signatures = true

then require the MSG_AUTH feature bit.  Put this in the Policy struct for
this connection so that the existing feature bit checks and error reporting
are used, and the peer knows what feature it is missing.

Signed-off-by: Sage Weil <sage@inktank.com>
src/msg/Pipe.cc

index 0add14b441efa252bf1cdd3f6eda5dc6fe56b1d4..736146d9f4b7fcc7d21b34d0107e33e7cc7449ae 100644 (file)
@@ -354,6 +354,24 @@ int Pipe::accept()
       goto reply;
     }
 
+    // require signatures for cephx?
+    if (connect.authorizer_protocol == CEPH_AUTH_CEPHX) {
+      if (peer_type == CEPH_ENTITY_TYPE_OSD ||
+         peer_type == CEPH_ENTITY_TYPE_MDS) {
+       if (msgr->cct->_conf->cephx_require_signatures ||
+           msgr->cct->_conf->cephx_cluster_require_signatures) {
+         ldout(msgr->cct,10) << "using cephx, requiring MSG_AUTH feature bit for cluster" << dendl;
+         policy.features_required |= CEPH_FEATURE_MSG_AUTH;
+       }
+      } else {
+       if (msgr->cct->_conf->cephx_require_signatures ||
+           msgr->cct->_conf->cephx_service_require_signatures) {
+         ldout(msgr->cct,10) << "using cephx, requiring MSG_AUTH feature bit for service" << dendl;
+         policy.features_required |= CEPH_FEATURE_MSG_AUTH;
+       }
+      }
+    }
+
     feat_missing = policy.features_required & ~(uint64_t)connect.features;
     if (feat_missing) {
       ldout(msgr->cct,1) << "peer missing required features " << std::hex << feat_missing << std::dec << dendl;
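Review bot: The MSG_AUTH requirement is applied only when `connect.authorizer_protocol == CEPH_AUTH_CEPHX`, and that field (like `peer_type`, which selects the cluster or service option) appears to come from the peer's connect message, so a peer that announces another protocol never gets the bit added to `policy.features_required`. Whether such a peer is refused later is not visible in this hunk; if the authorizer check further down accept() does not reject non-cephx protocols when cephx is configured, `cephx_require_signatures = true` would not guarantee signed sessions. I would state that dependency above the outer `if`, e.g. `// authorizer_protocol is peer-supplied; non-cephx peers bypass this and must be refused by the authorizer check`. The two inner branches differ only in the option they read and one word of the log line, and could share a single `policy.features_required |= CEPH_FEATURE_MSG_AUTH;`. Pipe::accept() starts and ends outside the hunk.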