fixing set key to the context-conf

none - 2

Signed-off-by: Leonid Chernin <leonidc@il.ibm.com>

diff --git a/src/auth/RotatingKeyRing.cc b/src/auth/RotatingKeyRing.cc
index 4bc6af6adcad369032098e51f3110e33cf4566df..8d693c1013a47d940386b32b467bfa6c5194da54 100644 (file)
--- a/src/auth/RotatingKeyRing.cc
+++ b/src/auth/RotatingKeyRing.cc
@@ -39,8 +39,29 @@ void RotatingKeyRing::dump_rotating() const
 
 bool RotatingKeyRing::get_secret(const EntityName& name, CryptoKey& secret) const
 {
+  // 1. Migration override
+  std::string mig_key;
+
+  #ifdef CEPH_HAVE_SEASTAR
+    // Crimson CephContext
+    int r = cct->conf().get_val("migration_inline_key", &mig_key);
+  #else
+    // Classic CephContext
+    int r = cct->_conf.get_val("migration_inline_key", &mig_key);
+  #endif
+
+  if (r == 0 && !mig_key.empty()) {
+    ldout(cct, 0) << "RotatingKeyRing::get_secret: using migration_inline_key override"
+                  << dendl;
+
+    ceph::buffer::ptr bp = ceph::buffer::copy(mig_key.data(), mig_key.size());
+    secret = CryptoKey(CEPH_CRYPTO_AES, utime_t(), bp);
+    return true;
+  }
+
+  // 2. Normal behavior
   std::lock_guard l{lock};
-  return keyring->get_secret(name, secret);
+  return keyring && keyring->get_secret(name, secret);
 }
 
 bool RotatingKeyRing::get_service_secret(uint32_t service_id_, uint64_t secret_id,

diff --git a/src/common/options/global.yaml.in b/src/common/options/global.yaml.in
index 035d81346850934cad851761c263f4c0d131e476..245342f79ee1e81eea6d7fccb29597b605e39720 100644 (file)
--- a/src/common/options/global.yaml.in
+++ b/src/common/options/global.yaml.in
@@ -169,6 +169,18 @@ options:
   flags:
   - no_mon_update
   - startup
+- name: migration_inline_key
+  type: str
+  level: advanced
+  default: 10.10.10.10
+  desc: Inline cephx key for migration source cluster
+  long_desc: >
+    Allows librbd migration to authenticate to a source cluster using a cephx
+    key provided in the migration spec. Disabled unless explicitly set.
+  flags:
+  - runtime
+  services:
+  - common
 - name: mon_host_override
   type: str
   level: advanced

diff --git a/src/librbd/migration/OpenSourceImageRequest.cc b/src/librbd/migration/OpenSourceImageRequest.cc
index e9f8c08a5ba3e36bbd413908c9fbedc3960225ad..b71b34503749799f2063fd6fd6c5f561ffb333b3 100644 (file)
--- a/src/librbd/migration/OpenSourceImageRequest.cc
+++ b/src/librbd/migration/OpenSourceImageRequest.cc
@@ -119,29 +119,18 @@ void OpenSourceImageRequest<I>::open_native(
      } else {
        ldout(m_cct, 5) << " get value by key " <<  fsid <<" got "<< value << dendl;
        CephContext* cct = (CephContext*)m_dst_io_ctx.cct();
-       //CephContext* cct = m_dst_io_ctx.cct();
-       ldout(m_cct, 5) << " here " <<  dendl;
-       r = cct->_conf.set_val("mon_host", mon_host);
-       ldout(m_cct, 5) << " here1 " << r << dendl;
-       lderr(m_cct) << "set_val returned: " << r << " (" << cpp_strerror(r) << ")" << dendl;
-
-       r = cct->_conf.set_val("key", value);
-       ldout(m_cct, 5) << " here2 "<< r  << dendl;
-       lderr(m_cct) << "set_val returned: " << r << " (" << cpp_strerror(r) << ")" << dendl;
-
-       r = cct->_conf.set_val("fsid", fsid);
-       ldout(m_cct, 5) << " here3 "<< r  << dendl;
-       lderr(m_cct) << "set_val returned: " << r << " (" << cpp_strerror(r) << ")" << dendl;
-
-return;
-       ldout(m_cct, 5) << "Verifying overridden config:"
+      // value = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
+       r = cct->_conf.set_val("migration_inline_key", value);
+       lderr(m_cct) << "migration_inline_key set_val returned: " << r << " (" << cpp_strerror(r) << ")" << dendl;
+       cct->_conf.apply_changes(nullptr);  //r = cct->_conf.set_val("fsid", fsid);
+
+    /*   ldout(m_cct, 5) << "Verifying overridden config:"
                       << " mon_host=" << cct->_conf.get_val<std::string>("mon_host")
                       << " key=" << cct->_conf.get_val<std::string>("key")
                       << " fsid=" << cct->_conf.get_val<std::string>("fsid")
-                      << dendl;
+                      << dendl;*/
      }
   }
-  ldout(m_cct, 5) << " here4 " << dendl;
   r = NativeFormat<I>::create_image_ctx(m_dst_io_ctx, source_spec_object,
                                             import_only, m_src_snap_id,
                                             m_src_image_ctx, m_src_rados);