From: Greg Farnum Date: Wed, 8 Dec 2021 21:32:58 +0000 (+0000) Subject: mon: take blocklist ranges as a subcommand, not implicitly from address format X-Git-Tag: v16.2.11~543^2~16 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=1b993ba06128ea0c3b521f217ad953f0c6e6255d;p=ceph.git mon: take blocklist ranges as a subcommand, not implicitly from address format I discovered in testing with CephFS that this tends to interpret client IPs (which don't have ports, but do have nonces) as invalid ranges. So give it a separate input keyword that has to be applied first. Signed-off-by: Greg Farnum (cherry picked from commit 73a1f1b51e586ff7476ff4f4c1682abd0a317074) --- diff --git a/src/mon/MonCommands.h b/src/mon/MonCommands.h index e3cb65b3b243..f5ca47eb43ba 100644 --- a/src/mon/MonCommands.h +++ b/src/mon/MonCommands.h @@ -1043,6 +1043,7 @@ COMMAND("osd new " "Reads secrets from JSON file via `-i ` (see man page).", "osd", "rw") COMMAND("osd blocklist " + "name=range,type=CephString,goodchars=[range],req=false " "name=blocklistop,type=CephChoices,strings=add|rm " "name=addr,type=CephEntityAddr " "name=expire,type=CephFloat,range=0.0,req=false", diff --git a/src/mon/OSDMonitor.cc b/src/mon/OSDMonitor.cc index f9912dd08b1f..8ce12fd3c068 100644 --- a/src/mon/OSDMonitor.cc +++ b/src/mon/OSDMonitor.cc @@ -12693,8 +12693,18 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, return true; } else if (prefix == "osd blocklist" || prefix == "osd blacklist") { - string addrstr; + string addrstr, rangestr; + bool range = false; cmd_getval(cmdmap, "addr", addrstr); + if (cmd_getval(cmdmap, "range", rangestr)) { + if (rangestr == "range") { + range = true; + } else { + ss << "Did you mean to specify \"osd blocklist range\"?"; + err = -EINVAL; + goto reply; + } + } entity_addr_t addr; if (!addr.parse(addrstr.c_str(), 0)) { ss << "unable to parse address " << addrstr; @@ -12702,7 +12712,14 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, goto reply; } else { - if (addr.is_cidr()) { + if (range) { + if (!addr.maybe_cidr()) { + ss << "You specified a range command, but " << addr + << " does not parse as a CIDR range"; + err = -EINVAL; + goto reply; + } + addr.type = entity_addr_t::TYPE_CIDR; err = check_cluster_features(CEPH_FEATUREMASK_RANGE_BLOCKLIST, ss); if (err) { goto reply; @@ -12745,7 +12762,7 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, ob.erase(it); } }; - if (addr.is_cidr()) { + if (range) { add_to_pending_blocklists(pending_inc.new_range_blocklist, pending_inc.old_range_blocklist, addr, expires); @@ -12762,9 +12779,9 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, get_last_committed() + 1)); return true; } else if (blocklistop == "rm") { - auto maybe_rm_from_pending_blocklists = [](const auto& addr, - auto& blocklist, - auto& ob, auto& pb) { + auto rm_from_pending_blocklists = [](const auto& addr, + auto& blocklist, + auto& ob, auto& pb) { if (blocklist.count(addr)) { ob.push_back(addr); return true; @@ -12774,12 +12791,12 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, } return false; }; - if (maybe_rm_from_pending_blocklists(addr, osdmap.blocklist, - pending_inc.old_blocklist, - pending_inc.new_blocklist) || - maybe_rm_from_pending_blocklists(addr, osdmap.range_blocklist, - pending_inc.old_range_blocklist, - pending_inc.new_range_blocklist)) { + if ((!range && rm_from_pending_blocklists(addr, osdmap.blocklist, + pending_inc.old_blocklist, + pending_inc.new_blocklist)) || + (range && rm_from_pending_blocklists(addr, osdmap.range_blocklist, + pending_inc.old_range_blocklist, + pending_inc.new_range_blocklist))) { ss << "un-blocklisting " << addr; getline(ss, rs); wait_for_finished_proposal(op, new Monitor::C_Command(mon, op, 0, rs,