]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph.git/commitdiff
projects / ceph.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7e70afb)
mon: stat requests use caps->check_privileges instead of a macro
authorGreg Farnum <gregf@hq.newdream.net>
Mon, 22 Mar 2010 20:28:01 +0000 (13:28 -0700)
committerGreg Farnum <gregf@hq.newdream.net>
Tue, 23 Mar 2010 18:41:52 +0000 (11:41 -0700)
src/mon/Monitor.cc patch | blob | history
src/mon/PGMonitor.cc patch | blob | history

diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc
index eb0ceea9e032def8c2666cd389c4b88dc71038e7..d862a238df44771446e6b1ebf58625f53577489e 100644 (file)
--- a/src/mon/Monitor.cc
+++ b/src/mon/Monitor.cc
@@ -649,7 +649,6 @@ do { \
     case CEPH_MSG_STATFS:
     case MSG_PGSTATS:
     case MSG_GETPOOLSTATS:
-      ALLOW_CAPS(PAXOS_PGMAP, MON_CAP_R);
       fill_caps(m);
       paxos_service[PAXOS_PGMAP]->dispatch((PaxosServiceMessage*)m);
       break;
diff --git a/src/mon/PGMonitor.cc b/src/mon/PGMonitor.cc
index ebee606a60b6db69ab98723aca18d0e295e86c3c..900cb3a24e6647a54873818ff7bad98315602f96 100644 (file)
--- a/src/mon/PGMonitor.cc
+++ b/src/mon/PGMonitor.cc
@@ -207,6 +207,12 @@ void PGMonitor::committed()
 
 void PGMonitor::handle_statfs(MStatfs *statfs)
 {
+  //check caps
+  if(!statfs->caps->check_privileges(PAXOS_PGMAP, MON_CAP_R)) {
+    dout(0) << "MStatfs received from entity with insufficient privileges "
+           << *statfs->caps << dendl;
+    goto out;
+  }
   MStatfsReply *reply;
 
   dout(10) << "handle_statfs " << *statfs << " from " << statfs->get_orig_source() << dendl;
@@ -233,9 +239,14 @@ void PGMonitor::handle_statfs(MStatfs *statfs)
 
 bool PGMonitor::preprocess_getpoolstats(MGetPoolStats *m)
 {
-  dout(10) << "preprocess_getpoolstats " << *m << dendl;
   MGetPoolStatsReply *reply;
 
+  if (!m->caps->check_privileges(PAXOS_PGMAP, MON_CAP_R)) {
+    dout(0) << "MGetPoolStats received from entity with insufficient caps "
+           << *m->caps << dendl;
+    goto out;
+  }
+
   if (ceph_fsid_compare(&m->fsid, &mon->monmap->fsid)) {
     dout(0) << "preprocess_getpoolstats on fsid " << m->fsid << " != " << mon->monmap->fsid << dendl;
     goto out;
@@ -267,6 +278,12 @@ bool PGMonitor::preprocess_pg_stats(MPGStats *stats)
 {
   int from = stats->get_orig_source().num();
 
+  //check caps
+  if (!stats->caps->check_privileges(PAXOS_PGMAP, MON_CAP_R)) {
+    dout(0) << "MPGStats received from entity with insufficient privileges "
+           << *stats->caps << dendl;
+    goto out;
+  }
   // first, just see if they need a new osdmap.  but 
   // only if they've had the map for a while.
   if (stats->had_map_for > 30.0 && 
@@ -294,7 +311,7 @@ bool PGMonitor::preprocess_pg_stats(MPGStats *stats)
        p++)
     ack->pg_stat[p->first] = p->second.reported;
   mon->send_reply(stats, ack);
-
+ out:
   delete stats;
   return true;
 }
Unnamed repository; edit this file 'description' to name the repository.