CephXAuthorizeReply reply;
// reply.trans_id = auth_msg.trans_id;
reply.nonce_plus_one = auth_msg.nonce + 1;
+#ifndef WITH_SEASTAR
if (connection_secret) {
// generate a connection secret
bufferptr bp;
connection_secret->set_secret(CEPH_CRYPTO_AES, bp, ceph_clock_now());
reply.connection_secret = *connection_secret;
}
+#endif
if (encode_encrypt(cct, reply, ticket_info.session_key, reply_bl, error)) {
ldout(cct, 10) << "verify_authorizer: encode_encrypt error: " << error << dendl;
return false;
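Review bot: The added `#ifndef WITH_SEASTAR` guard carries no comment, and in a Seastar build a caller that passes a non-null `connection_secret` gets it back untouched while `reply.connection_secret` stays default-constructed, with nothing logged. A comment on the guard would make that explicit, for example `// WITH_SEASTAR: no connection secret is generated; reply.connection_secret stays default-constructed`. Separately, in the guarded branch `bp` is default-constructed and nothing visible fills it before `set_secret()`, so unless `set_secret()` produces key material itself the "generated" secret is empty; that is worth confirming. The enclosing function starts and ends outside the hunk.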
h.backoff = 0ms;
set_features(h.reply.features & h.connect.features);
if (h.authorizer) {
+ CryptoKey connection_secret; // this is not used here, we just need
+ // to make get_auth_session_handler
+ // call happy
session_security.reset(
get_auth_session_handler(nullptr,
h.authorizer->protocol,
h.authorizer->session_key,
+ connection_secret,
features));
}
h.authorizer.reset();
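Review bot: The placeholder `connection_secret` added inside `if (h.authorizer) {` is a block-local destroyed at the closing brace, while the handler stored in `session_security` outlives it. If `get_auth_session_handler()` or the handler it returns keeps a reference rather than a copy, that reference dangles; the declaration is not visible here, so this needs checking against it. The handler is also given an empty key, so any path in it that uses the connection secret would run without key material. The comment could state that constraint instead of "call happy", e.g. `// empty placeholder: no connection secret is negotiated here, the handler must not use it`. The enclosing lambda begins and ends outside the hunk.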
}).then([this] (bufferlist bl) {
if (h.authorizer) {
auto reply = bl.cbegin();
- if (!h.authorizer->verify_reply(reply)) {
+ if (!h.authorizer->verify_reply(reply, nullptr)) {
logger().error("{} authorizer failed to verify reply", __func__);
throw std::system_error(make_error_code(error::negotiation_failure));
}
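Review bot: The bare `nullptr` in `verify_reply(reply, nullptr)` does not say which argument is being omitted. Judging from the other hunks it is presumably the output for the connection secret, so a secret carried in the peer's reply would be dropped on this path. Naming the argument makes that visible to the next reader: `if (!h.authorizer->verify_reply(reply, nullptr /* connection_secret */)) {`. The continuation this line sits in starts and ends outside the hunk.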