auth: cleaner about timestamp change

author Sage Weil <sage@newdream.net>

Thu, 22 Oct 2009 23:50:20 +0000 (16:50 -0700)

committer Sage Weil <sage@newdream.net>

Thu, 22 Oct 2009 23:51:20 +0000 (16:51 -0700)
author Sage Weil <sage@newdream.net>
Thu, 22 Oct 2009 23:50:20 +0000 (16:50 -0700)
committer Sage Weil <sage@newdream.net>
Thu, 22 Oct 2009 23:51:20 +0000 (16:51 -0700)
diff --git a/src/auth/Auth.cc b/src/auth/Auth.cc

index c6c73f00fde7c0cbfefab77b4fa5f51e5597ef60..32e0e2d988322b37ee4ee0f8abffe2808ce6304b 100644 (file)
--- a/src/auth/Auth.cc
+++ b/src/auth/Auth.cc
@@ -251,7 +251,7 @@ bool verify_authorizer(KeyStore& keys, bufferlist::iterator& indata,
    AuthAuthorizeReply reply;
    // reply.trans_id = auth_msg.trans_id;
    reply.timestamp = auth_msg.now;
-  reply.timestamp += 1;
+  reply.timestamp.sec_ref() += 1;
    if (encode_encrypt(reply, ticket_info.session_key, reply_bl) < 0)
      return false;
  
@@ -264,10 +264,15 @@ bool AuthAuthorizer::verify_reply(bufferlist::iterator& indata)
  {
    AuthAuthorizeReply reply;
  
-  if (decode_decrypt(reply, session_key, indata) < 0)
+  if (decode_decrypt(reply, session_key, indata) < 0) {
+    dout(0) << " coudln't decrypt auth reply" << dendl;
      return false;
+  }
  
-  if (timestamp + 1 != reply.timestamp) {
+  utime_t expect = timestamp;
+  expect.sec_ref() += 1;
+  if (expect != reply.timestamp) {
+    dout(0) << " bad ts got " << reply.timestamp << " expect " << expect << " sent " << timestamp << dendl;
      return false;
    }
author	Sage Weil <sage@newdream.net>
	Thu, 22 Oct 2009 23:50:20 +0000 (16:50 -0700)
committer	Sage Weil <sage@newdream.net>
	Thu, 22 Oct 2009 23:51:20 +0000 (16:51 -0700)