From: Rishabh Dave <ridave@redhat.com>
Date: Thu, 28 Sep 2023 17:34:51 +0000 (+0530)
Subject: mon/AuthMonitor: check if entity is absent before creating it
X-Git-Tag: v19.0.0~308^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=a669cd642251bacfcfd6188e72404fd824c80b73;p=ceph.git

mon/AuthMonitor: check if entity is absent before creating it

Although this code path is not used for creating entities yet, it is
better to fix the bug sooner than later. Method
AuthMonitor::_update_or_create_entity() must exit (with appropriate
error code) when entity to be created on the Ceph cluster is already
present.

Signed-off-by: Rishabh Dave <ridave@redhat.com>
---

diff --git a/src/mon/AuthMonitor.cc b/src/mon/AuthMonitor.cc
index 1aac226e149d..35300015cae5 100644
--- a/src/mon/AuthMonitor.cc
+++ b/src/mon/AuthMonitor.cc
@@ -1984,6 +1984,14 @@ int AuthMonitor::_update_or_create_entity(const EntityName& entity,
   KeyServerData::Incremental auth_inc;
   auth_inc.name = entity;
 
+  // if entity to be created is already present.
+  if (create_entity &&
+      mon.key_server.get_auth(auth_inc.name, auth_inc.auth)) {
+    ss << "entity already exists" << auth_inc.name;
+    return -EEXIST;
+  }
+
+  // if entity to be updated is absent.
   if (!create_entity &&
       !mon.key_server.get_auth(auth_inc.name, auth_inc.auth)) {
     ss << "couldn't find entry " << auth_inc.name;