From: Yingxin Cheng <yingxin.cheng@intel.com>
Date: Thu, 13 Oct 2022 08:11:54 +0000 (+0800)
Subject: crimson/net: drop require_authorizer feature
X-Git-Tag: v18.1.0~994^2~3
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=a6089a49c36bd4c064da7b50d2b0b290ed54bfdd;p=ceph.git

crimson/net: drop require_authorizer feature

There is no need to consider the pre-nautilus scenario.

Signed-off-by: Yingxin Cheng <yingxin.cheng@intel.com>
---

diff --git a/src/crimson/mon/MonClient.cc b/src/crimson/mon/MonClient.cc
index edb5f4436bba..c79ac46c6da6 100644
--- a/src/crimson/mon/MonClient.cc
+++ b/src/crimson/mon/MonClient.cc
@@ -593,15 +593,8 @@ int Client::handle_auth_request(crimson::net::ConnectionRef con,
                                 const ceph::bufferlist& payload,
                                 ceph::bufferlist *reply)
 {
-  // for some channels prior to nautilus (osd heartbeat), we tolerate the lack of
-  // an authorizer.
   if (payload.length() == 0) {
-    if (con->get_messenger()->get_require_authorizer()) {
-      return -EACCES;
-    } else {
-      auth_handler.handle_authentication({}, {});
-      return 1;
-    }
+    return -EACCES;
   }
   auth_meta->auth_mode = payload[0];
   if (auth_meta->auth_mode < AUTH_MODE_AUTHORIZER ||
diff --git a/src/crimson/net/Messenger.h b/src/crimson/net/Messenger.h
index b9e56285e2a4..1e24b9466a50 100644
--- a/src/crimson/net/Messenger.h
+++ b/src/crimson/net/Messenger.h
@@ -38,7 +38,6 @@ using SocketPolicy = ceph::net::Policy<Throttle>;
 class Messenger {
   crimson::auth::AuthClient* auth_client = nullptr;
   crimson::auth::AuthServer* auth_server = nullptr;
-  bool require_authorizer = true;
 
 protected:
   entity_name_t my_name;
@@ -119,14 +118,6 @@ public:
 
   virtual void set_policy_throttler(entity_type_t peer_type, Throttle* throttle) = 0;
 
-  // allow unauthenticated connections.  This is needed for compatibility with
-  // pre-nautilus OSDs, which do not authenticate the heartbeat sessions.
-  bool get_require_authorizer() const {
-    return require_authorizer;
-  }
-  void set_require_authorizer(bool r) {
-    require_authorizer = r;
-  }
   static MessengerRef
   create(const entity_name_t& name,
          const std::string& lname,
diff --git a/src/crimson/osd/heartbeat.cc b/src/crimson/osd/heartbeat.cc
index ca8e7933a17c..484fe2213689 100644
--- a/src/crimson/osd/heartbeat.cc
+++ b/src/crimson/osd/heartbeat.cc
@@ -117,14 +117,6 @@ crimson::net::Messenger& Heartbeat::get_back_msgr() const
   return back_msgr;
 }
 
-void Heartbeat::set_require_authorizer(bool require_authorizer)
-{
-  if (front_msgr.get_require_authorizer() != require_authorizer) {
-    front_msgr.set_require_authorizer(require_authorizer);
-    back_msgr.set_require_authorizer(require_authorizer);
-  }
-}
-
 void Heartbeat::add_peer(osd_id_t _peer, epoch_t epoch)
 {
   assert(whoami != _peer);
diff --git a/src/crimson/osd/heartbeat.h b/src/crimson/osd/heartbeat.h
index 044c0d9791ff..50beb02b3fe1 100644
--- a/src/crimson/osd/heartbeat.h
+++ b/src/crimson/osd/heartbeat.h
@@ -47,7 +47,6 @@ public:
 
   crimson::net::Messenger &get_front_msgr() const;
   crimson::net::Messenger &get_back_msgr() const;
-  void set_require_authorizer(bool);
 
   // Dispatcher methods
   std::optional<seastar::future<>> ms_dispatch(
diff --git a/src/crimson/osd/osd.cc b/src/crimson/osd/osd.cc
index 191833669519..aff0086ad31b 100644
--- a/src/crimson/osd/osd.cc
+++ b/src/crimson/osd/osd.cc
@@ -1228,7 +1228,6 @@ seastar::future<> OSD::handle_peering_op(
 
 seastar::future<> OSD::check_osdmap_features()
 {
-  heartbeat->set_require_authorizer(true);
   return store.write_meta("require_osd_release",
                           stringify((int)osdmap->require_osd_release));
 }
diff --git a/src/crimson/tools/perf_async_msgr.cc b/src/crimson/tools/perf_async_msgr.cc
index b7b0ca606d35..de3367a6e91b 100644
--- a/src/crimson/tools/perf_async_msgr.cc
+++ b/src/crimson/tools/perf_async_msgr.cc
@@ -25,7 +25,6 @@ struct Server {
     msgr->set_default_policy(Messenger::Policy::stateless_server(0));
     msgr->set_auth_client(&dummy_auth);
     msgr->set_auth_server(&dummy_auth);
-    msgr->set_require_authorizer(false);
   }
   DummyAuthClientServer dummy_auth;
   std::unique_ptr<Messenger> msgr;
diff --git a/src/crimson/tools/perf_crimson_msgr.cc b/src/crimson/tools/perf_crimson_msgr.cc
index e6b5b9a0508c..ef5602b0f27b 100644
--- a/src/crimson/tools/perf_crimson_msgr.cc
+++ b/src/crimson/tools/perf_crimson_msgr.cc
@@ -338,7 +338,6 @@ static seastar::future<> run(
           if (client.is_active()) {
             client.msgr = crimson::net::Messenger::create(entity_name_t::OSD(client.sid), client.lname, client.sid);
             client.msgr->set_default_policy(crimson::net::SocketPolicy::lossy_client(0));
-            client.msgr->set_require_authorizer(false);
             client.msgr->set_auth_client(&client.dummy_auth);
             client.msgr->set_auth_server(&client.dummy_auth);
             return client.msgr->start({&client});
diff --git a/src/test/crimson/test_alien_echo.cc b/src/test/crimson/test_alien_echo.cc
index 15f0347692b5..e75d3d03c596 100644
--- a/src/test/crimson/test_alien_echo.cc
+++ b/src/test/crimson/test_alien_echo.cc
@@ -173,7 +173,6 @@ seastar_echo(const entity_addr_t addr, echo_role role, unsigned count)
       server.msgr->set_default_policy(crimson::net::SocketPolicy::stateless_server(0));
       server.msgr->set_policy_throttler(entity_name_t::TYPE_OSD,
                                         &server.byte_throttler);
-      server.msgr->set_require_authorizer(false);
       server.msgr->set_auth_client(&server.dummy_auth);
       server.msgr->set_auth_server(&server.dummy_auth);
       return server.msgr->bind(entity_addrvec_t{addr}
@@ -200,7 +199,6 @@ seastar_echo(const entity_addr_t addr, echo_role role, unsigned count)
       client.msgr->set_default_policy(crimson::net::SocketPolicy::lossy_client(0));
       client.msgr->set_policy_throttler(entity_name_t::TYPE_OSD,
                                         &client.byte_throttler);
-      client.msgr->set_require_authorizer(false);
       client.msgr->set_auth_client(&client.dummy_auth);
       client.msgr->set_auth_server(&client.dummy_auth);
       return client.msgr->start({&client.dispatcher}).then(
diff --git a/src/test/crimson/test_async_echo.cc b/src/test/crimson/test_async_echo.cc
index 62ad8daed047..758bcf626abf 100644
--- a/src/test/crimson/test_async_echo.cc
+++ b/src/test/crimson/test_async_echo.cc
@@ -30,7 +30,6 @@ struct Server {
     msgr->set_default_policy(Messenger::Policy::stateless_server(0));
     msgr->set_auth_client(&dummy_auth);
     msgr->set_auth_server(&dummy_auth);
-    msgr->set_require_authorizer(false);
   }
   DummyAuthClientServer dummy_auth;
   std::unique_ptr<Messenger> msgr;
@@ -89,7 +88,6 @@ struct Client {
     msgr->set_default_policy(Messenger::Policy::lossy_client(0));
     msgr->set_auth_client(&dummy_auth);
     msgr->set_auth_server(&dummy_auth);
-    msgr->set_require_authorizer(false);
   }
   DummyAuthClientServer dummy_auth;
   struct ClientDispatcher : Dispatcher {
diff --git a/src/test/crimson/test_messenger.cc b/src/test/crimson/test_messenger.cc
index 1e5e59508028..0b570f71d583 100644
--- a/src/test/crimson/test_messenger.cc
+++ b/src/test/crimson/test_messenger.cc
@@ -77,7 +77,6 @@ static seastar::future<> test_echo(unsigned rounds,
                              const entity_addr_t& addr) {
         msgr = crimson::net::Messenger::create(name, lname, nonce);
         msgr->set_default_policy(crimson::net::SocketPolicy::stateless_server(0));
-        msgr->set_require_authorizer(false);
         msgr->set_auth_client(&dummy_auth);
         msgr->set_auth_server(&dummy_auth);
         return msgr->bind(entity_addrvec_t{addr}).safe_then([this] {
diff --git a/src/test/crimson/test_messenger_peer.cc b/src/test/crimson/test_messenger_peer.cc
index 956238cfe3bc..0232262fc598 100644
--- a/src/test/crimson/test_messenger_peer.cc
+++ b/src/test/crimson/test_messenger_peer.cc
@@ -111,7 +111,6 @@ class FailoverSuitePeer : public Dispatcher {
     peer_msgr->set_default_policy(policy);
     peer_msgr->set_auth_client(&dummy_auth);
     peer_msgr->set_auth_server(&dummy_auth);
-    peer_msgr->set_require_authorizer(false);
     peer_msgr->bind(test_peer_addr);
     peer_msgr->add_dispatcher_head(this);
     peer_msgr->start();
@@ -368,7 +367,6 @@ class FailoverTestPeer : public Dispatcher {
     cmd_msgr->set_default_policy(Messenger::Policy::stateless_server(0));
     cmd_msgr->set_auth_client(&dummy_auth);
     cmd_msgr->set_auth_server(&dummy_auth);
-    cmd_msgr->set_require_authorizer(false);
     cmd_msgr->bind(cmd_peer_addr);
     cmd_msgr->add_dispatcher_head(this);
     cmd_msgr->start();
diff --git a/src/test/crimson/test_messenger_thrash.cc b/src/test/crimson/test_messenger_thrash.cc
index 84dd26b330db..37d7a68e2b15 100644
--- a/src/test/crimson/test_messenger_thrash.cc
+++ b/src/test/crimson/test_messenger_thrash.cc
@@ -345,7 +345,6 @@ class SyntheticWorkload {
      crimson::net::MessengerRef msgr =
        crimson::net::Messenger::create(name, lname, nonce);
      msgr->set_default_policy(server_policy);
-     msgr->set_require_authorizer(false);
      msgr->set_auth_client(&dummy_auth);
      msgr->set_auth_server(&dummy_auth);
      available_servers.insert(msgr);
diff --git a/src/test/crimson/test_monc.cc b/src/test/crimson/test_monc.cc
index 528c06aa6447..8723d20c6f06 100644
--- a/src/test/crimson/test_monc.cc
+++ b/src/test/crimson/test_monc.cc
@@ -42,7 +42,6 @@ static seastar::future<> test_monc()
     return crimson::common::sharded_perf_coll().start();
   }).then([]() mutable {
     auto msgr = crimson::net::Messenger::create(entity_name_t::OSD(0), "monc", 0);
-    msgr->set_require_authorizer(false);
     return seastar::do_with(MonClient{*msgr, dummy_handler},
                             [msgr](auto& monc) mutable {
       return msgr->start({&monc}).then([&monc] {