From: Kefu Chai <kchai@redhat.com>
Date: Wed, 16 Oct 2019 07:51:54 +0000 (+0800)
Subject: crimson/mon: skip CEPHX_V2 challenge if client doesn't support it
X-Git-Tag: v15.1.0~1209^2
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=1309976cc040ecc2400db84b09336030026d8d93;p=ceph-ci.git

crimson/mon: skip CEPHX_V2 challenge if client doesn't support it

port 321548010578d6ff7bbf2e5ce8a550008b131423 from src/mon/MonClient

Signed-off-by: Kefu Chai <kchai@redhat.com>
---

diff --git a/src/crimson/mon/MonClient.cc b/src/crimson/mon/MonClient.cc
index 8aa59d825d5..7ef75567131 100644
--- a/src/crimson/mon/MonClient.cc
+++ b/src/crimson/mon/MonClient.cc
@@ -617,7 +617,14 @@ int Client::handle_auth_request(ceph::net::ConnectionRef con,
                    auth_method);
     return -EOPNOTSUPP;
   }
+  auto authorizer_challenge = &auth_meta->authorizer_challenge;
   ceph_assert(active_con);
+  if (!HAVE_FEATURE(active_con->get_conn()->get_features(), CEPHX_V2)) {
+    if (local_conf().get_val<uint64_t>("cephx_service_require_version") >= 2) {
+      return -EACCES;
+    }
+    authorizer_challenge = nullptr;
+  }
   bool was_challenge = (bool)auth_meta->authorizer_challenge;
   EntityName name;
   AuthCapsInfo caps_info;
@@ -632,7 +639,7 @@ int Client::handle_auth_request(ceph::net::ConnectionRef con,
     &caps_info,
     &auth_meta->session_key,
     &auth_meta->connection_secret,
-    &auth_meta->authorizer_challenge);
+    authorizer_challenge);
   if (is_valid) {
     auth_handler.handle_authentication(name, caps_info);
     return 1;