cephx: fix negotiation on reconnect

author Sage Weil <sage@newdream.net>

Thu, 11 Feb 2010 17:00:10 +0000 (09:00 -0800)

committer Sage Weil <sage@newdream.net>

Thu, 11 Feb 2010 18:03:25 +0000 (10:03 -0800)
author Sage Weil <sage@newdream.net>
Thu, 11 Feb 2010 17:00:10 +0000 (09:00 -0800)
committer Sage Weil <sage@newdream.net>
Thu, 11 Feb 2010 18:03:25 +0000 (10:03 -0800)
diff --git a/src/auth/cephx/CephxClientHandler.cc b/src/auth/cephx/CephxClientHandler.cc

index ea2d131c27b8acf82fc1de5fcebc345b71dab448..098a9ddb1a61cdc6bcdd9bc1429598bf5666251a 100644 (file)
--- a/src/auth/cephx/CephxClientHandler.cc
+++ b/src/auth/cephx/CephxClientHandler.cc
@@ -97,6 +97,8 @@ int CephxClientHandler::handle_response(int ret, bufferlist::iterator& indata)
      server_challenge = ch.server_challenge;
      dout(10) << " got initial server challenge " << server_challenge << dendl;
      starting = false;
+
+    tickets.invalidate_ticket(CEPH_ENTITY_TYPE_AUTH);
      return -EAGAIN;
    }
  
diff --git a/src/auth/cephx/CephxProtocol.cc b/src/auth/cephx/CephxProtocol.cc

index 1ae234be14144addf66bd04a74987004905c2ac9..01615f6088e2945d576947474974ddc57baf236c 100644 (file)
--- a/src/auth/cephx/CephxProtocol.cc
+++ b/src/auth/cephx/CephxProtocol.cc
@@ -215,6 +215,13 @@ void CephXTicketManager::set_have_need_key(uint32_t service_id, uint32_t& have,
      have &= ~service_id;
  }
  
+void CephXTicketManager::invalidate_ticket(uint32_t service_id)
+{
+  map<uint32_t, CephXTicketHandler>::iterator iter = tickets_map.find(service_id);
+  if (iter != tickets_map.end())
+    iter->second.invalidate_ticket();
+}
+
  /*
   * PRINCIPAL: verify our attempt to authenticate succeeded.  fill out
   * this ServiceTicket with the result.
diff --git a/src/auth/cephx/CephxProtocol.h b/src/auth/cephx/CephxProtocol.h

index 0ead914e52c2b342d171113510bb8e9122dae59c..2403c03bf84f33617399b84e920cec51306f2244 100644 (file)
--- a/src/auth/cephx/CephxProtocol.h
+++ b/src/auth/cephx/CephxProtocol.h
@@ -290,6 +290,10 @@ struct CephXTicketHandler {
  
    bool have_key();
    bool need_key();
+
+  void invalidate_ticket() {
+    have_key_flag = 0;
+  }
  };
  
  struct CephXTicketManager {
@@ -311,6 +315,7 @@ struct CephXTicketManager {
    bool need_key(uint32_t service_id);
    void set_have_need_key(uint32_t service_id, uint32_t& have, uint32_t& need);
    void validate_tickets(uint32_t mask, uint32_t& have, uint32_t& need);
+  void invalidate_ticket(uint32_t service_id);
  };
author	Sage Weil <sage@newdream.net>
	Thu, 11 Feb 2010 17:00:10 +0000 (09:00 -0800)
committer	Sage Weil <sage@newdream.net>
	Thu, 11 Feb 2010 18:03:25 +0000 (10:03 -0800)
src/auth/cephx/CephxClientHandler.cc		patch \| blob \| history
src/auth/cephx/CephxProtocol.cc		patch \| blob \| history
src/auth/cephx/CephxProtocol.h		patch \| blob \| history