From: Ricardo Dias Date: Wed, 16 Jan 2019 08:44:42 +0000 (+0000) Subject: msg/async: msgr2: fix connection secret problems for WITH_SEASTAR builds X-Git-Tag: v14.1.0~271^2~23 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=9a2864d38d7fbd532c45c9da9b4172e244eec8f0;p=ceph.git msg/async: msgr2: fix connection secret problems for WITH_SEASTAR builds Signed-off-by: Ricardo Dias
---
diff --git a/src/auth/cephx/CephxProtocol.cc b/src/auth/cephx/CephxProtocol.cc
index 07cfb00ec802..6aa99d9bb528 100644
--- a/src/auth/cephx/CephxProtocol.cc
+++ b/src/auth/cephx/CephxProtocol.cc
@@ -492,6 +492,7 @@ bool cephx_verify_authorizer(CephContext *cct, KeyStore *keys,
 CephXAuthorizeReply reply;
 // reply.trans_id = auth_msg.trans_id;
 reply.nonce_plus_one = auth_msg.nonce + 1;
+#ifndef WITH_SEASTAR
 if (connection_secret) {
 // generate a connection secret
 bufferptr bp;
@@ -502,6 +503,7 @@ bool cephx_verify_authorizer(CephContext *cct, KeyStore *keys,
 connection_secret->set_secret(CEPH_CRYPTO_AES, bp, ceph_clock_now());
 reply.connection_secret = *connection_secret;
 }
+#endif
 if (encode_encrypt(cct, reply, ticket_info.session_key, reply_bl, error)) {
 ldout(cct, 10) << "verify_authorizer: encode_encrypt error: " << error << dendl;
 return false;
diff --git a/src/crimson/net/SocketConnection.cc b/src/crimson/net/SocketConnection.cc
index 99f4e8fb97d0..601b090136f0 100644
--- a/src/crimson/net/SocketConnection.cc
+++ b/src/crimson/net/SocketConnection.cc
@@ -690,10 +690,14 @@ SocketConnection::handle_connect_reply(msgr_tag_t tag)
 h.backoff = 0ms;
 set_features(h.reply.features & h.connect.features);
 if (h.authorizer) {
+ CryptoKey connection_secret; // this is not used here, we just need
+ // to make get_auth_session_handler
+ // call happy
 session_security.reset(
 get_auth_session_handler(nullptr,
 h.authorizer->protocol,
 h.authorizer->session_key,
+ connection_secret,
 features));
 }
 h.authorizer.reset();
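Review bot: In a WITH_SEASTAR build a caller that passes a non-null `connection_secret` now gets it back untouched and `reply.connection_secret` keeps its default value, with nothing logged; the `#ifndef WITH_SEASTAR` added in the `@@ -492,6 +492,7 @@` hunk and closed by the `#endif` in the `@@ -502,6 +503,7 @@` hunk compiles the whole generation block out. Anything that later derives session protection from that secret would presumably be working with an empty key, so the opt-out should be visible: add an `#else` branch such as `if (connection_secret) ldout(cct, 10) << "verify_authorizer: connection secret not generated (WITH_SEASTAR)" << dendl;` and a comment above the `#ifndef` saying why the block cannot be used under Seastar. The lines between the two hunks and the rest of cephx_verify_authorizer are outside the diff, so how the secret bytes are produced is not visible here.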
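Review bot: The placeholder `CryptoKey connection_secret;` in handle_connect_reply is default-constructed and handed straight to `get_auth_session_handler`, and the only thing saying it is ignored is the comment "make ... call happy". If the handler ever starts reading that argument, this path would run with an empty key and no error, so the comment should state the invariant rather than the motivation, e.g. `// intentionally empty: no connection secret is negotiated on this path, the handler must rely on session_key only`. Whether the handler takes the key by value or by reference is not visible in the hunk, and the function body continues outside it.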
@@ -764,7 +768,7 @@ SocketConnection::repeat_connect()
 }).then([this] (bufferlist bl) {
 if (h.authorizer) {
 auto reply = bl.cbegin();
- if (!h.authorizer->verify_reply(reply)) {
+ if (!h.authorizer->verify_reply(reply, nullptr)) {
 logger().error("{} authorizer failed to verify reply", __func__);
 throw std::system_error(make_error_code(error::negotiation_failure));
 }
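Review bot: The bare `nullptr` in `verify_reply(reply, nullptr)` gives no hint of what is being declined; going by the commit title it is presumably the output slot for the connection secret, in which case any secret carried in the server's reply is dropped at this call. Name the argument at the call site using the parameter's real name, along the lines of `verify_reply(reply, /*connection_secret=*/nullptr)`, or add a one-line comment that this path does not consume the connection secret. The lambda and repeat_connect both continue outside the hunk.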