doc/dev/msgr2: update docs to match implementation for auth frames

Signed-off-by: Sage Weil <sage@redhat.com>

diff --git a/doc/dev/msgr2.rst b/doc/dev/msgr2.rst
index d6f4c66555d6c11f649f6737e436775b680715c7..b71e0d0593fdff694f9c0efb53a39792aaa96e95 100644 (file)
--- a/doc/dev/msgr2.rst
+++ b/doc/dev/msgr2.rst
@@ -108,25 +108,18 @@ Authentication
 * TAG_AUTH_REQUEST: client->server::
 
     __le32 method;  // CEPH_AUTH_{NONE, CEPHX, ...}
-    __le32 len;
     method specific payload
 
-* TAG_AUTH_BAD_METHOD (server only): reject client-selected auth method::
+* TAG_AUTH_BAD_METHOD server -> client: reject client-selected auth method::
 
     __le32 method
+    __le32 negative error result code
     __le32 num_methods
     __le32 allowed_methods[num_methods] // CEPH_AUTH_{NONE, CEPHX, ...}
 
-  - Returns the unsupported/forbidden method along with the list of allowed
-    authentication methods.
-
-* TAG_AUTH_BAD_AUTH: server->client::
-
-    __le32 error code (e.g., EPERM, EACCESS)
-    __le32 len;
-    error string;
-
-  - Sent when the authentication fails
+  - Returns the attempted auth method, and error code (-EOPNOTSUPP if
+    the method is unsupported), and the list of allowed authentication
+    methods.
 
 * TAG_AUTH_REPLY_MORE: server->client::
 
@@ -140,11 +133,8 @@ Authentication
 
 * TAG_AUTH_DONE: (server->client)::
 
-    confounder (block_size bytes of random garbage)
-    __le64 flags
-      FLAG_ENCRYPTED  1
-      FLAG_SIGNED     2
-    signature
+    __le64 global_id
+    method specific payload
 
   - The server is the one to decide authentication has completed.