msg/Pipe: do not hold pipe_lock for verify_authorizer()

We shouldn't hold the pipe_lock while doing the ms_verify_authorizer
upcalls.

Fix by unlocking a bit earlier, and verifying our state is still correct
in the failure path.

This regression was introduced by ecab4bb9513385bd765cca23e4e2fadb7ac4bac2.

Signed-off-by: Sage Weil <sage@inktank.com>
Reviewed-by: Greg Farnum <greg@inktank.com>
(cherry picked from commit 723d691f7a1f53888618dfc311868d1988f61f56)

Conflicts:

	src/msg/Pipe.cc

diff --git a/src/msg/Pipe.cc b/src/msg/Pipe.cc
index fbf28f8ce98b4430446c449b0e89bbe5ef3b8333..87426218d4862cbbb55921cc88d47782332167f7 100644 (file)
--- a/src/msg/Pipe.cc
+++ b/src/msg/Pipe.cc
@@ -386,10 +386,15 @@ int Pipe::accept()
     
     // Check the authorizer.  If not good, bail out.
 
-    if (!msgr->verify_authorizer(connection_state, peer_type, connect.authorizer_protocol, authorizer, 
+    pipe_lock.Unlock();
+
+    if (!msgr->verify_authorizer(connection_state, peer_type, connect.authorizer_protocol, authorizer,
                                 authorizer_reply, authorizer_valid, session_key) ||
        !authorizer_valid) {
       ldout(msgr->cct,0) << "accept: got bad authorizer" << dendl;
+      pipe_lock.Lock();
+      if (state != STATE_ACCEPTING)
+       goto shutting_down_msgr_unlocked;
       reply.tag = CEPH_MSGR_TAG_BADAUTHORIZER;
       delete session_security;
       session_security = NULL;
@@ -400,7 +405,6 @@ int Pipe::accept()
 
     ldout(msgr->cct,10) << "accept:  setting up session_security." << dendl;
 
-    pipe_lock.Unlock();
     msgr->lock.Lock();
     pipe_lock.Lock();
     if (msgr->dispatch_queue.stop)
@@ -705,8 +709,9 @@ int Pipe::accept()
   return -1;
 
  shutting_down:
-  assert(pipe_lock.is_locked());
   msgr->lock.Unlock();
+ shutting_down_msgr_unlocked:
+  assert(pipe_lock.is_locked());
 
   if (msgr->cct->_conf->ms_inject_internal_delays) {
     ldout(msgr->cct, 10) << " sleep for " << msgr->cct->_conf->ms_inject_internal_delays << dendl;