From: Sage Weil
Date: Thu, 1 Feb 2018 15:03:32 +0000 (-0600)
Subject: mon: require authentication for MGetConfig and mon metadata
X-Git-Tag: wip-pdonnell-testing-20180317.202121~121^2~26
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=9936f8916749cfafca6e45dd00573f8bedc72256;p=ceph-ci.git
mon: require authentication for MGetConfig and mon metadata
More importantly, the set of non-authentication operations that are allowed is more restricted: auth messages, getting monmap, ping.
Signed-off-by: Sage Weil
---
diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc
index 2588482ae17..bffc1477ca0 100644
--- a/src/mon/Monitor.cc
+++ b/src/mon/Monitor.cc
@@ -4050,21 +4050,26 @@ void Monitor::dispatch_op(MonOpRequestRef op)
 case CEPH_MSG_MON_GET_MAP:
 handle_mon_get_map(op);
 break;
+ }
+ if (dealt_with)
+ return;
+
+ if (!op->get_session()->authenticated) {
+ dout(5) << __func__ << " " << op->get_req()->get_source_inst()
+ << " is not authenticated, dropping " << *(op->get_req())
+ << dendl;
+ goto drop;
+ }
- // unauthenticated clients can fetch config
+ switch (op->get_req()->get_type()) {
 case MSG_GET_CONFIG:
 configmon()->handle_get_config(op);
- break;
+ return;
 case CEPH_MSG_MON_METADATA:
 return handle_mon_metadata(op);
- default:
- dealt_with = false;
- break;
 }
- if (dealt_with)
- return;
 /* well, maybe the op belongs to a service... */
 op->set_type_service();
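Review bot: Nothing visible in the new code ever sets `dealt_with` to false, yet the first switch is now followed by `if (dealt_with) return;`. The removed `default:` branch was the only visible place the flag was cleared, so if `dealt_with` is still initialised to true above the hunk (the start of dispatch_op is not shown), every message type would return at that point, including messages from authenticated sessions, and none would reach the authentication check, the second switch or the service dispatch below. Either keep `default: dealt_with = false; break;` in the first switch, or make the pre-authentication cases `return` directly and drop the flag. The first switch now defines what an unauthenticated peer may send, so the removed comment is worth replacing with one on that switch, for example `// only auth, ping and monmap fetch are served before authentication`, checked against the cases actually present above the hunk.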