From: Sage Weil <sage@redhat.com>
Date: Mon, 10 Oct 2016 20:59:28 +0000 (-0400)
Subject: mon/MonClient: do not request MGR key from pre-kraken mons
X-Git-Tag: v11.1.0~632^2~1
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=bf0dc6dbdb1cfaf58125c60722f1f417f5d28b92;p=ceph.git

mon/MonClient: do not request MGR key from pre-kraken mons

If we do, the older mon will return EPERM.

Signed-off-by: Sage Weil <sage@redhat.com>
---

diff --git a/src/mon/MonClient.cc b/src/mon/MonClient.cc
index 19b76405a96d..1e6dcc122f3b 100644
--- a/src/mon/MonClient.cc
+++ b/src/mon/MonClient.cc
@@ -494,6 +494,18 @@ void MonClient::handle_auth(MAuthReply *m)
 	m->put();
 	return;
       }
+      // do not request MGR key unless the mon has the SERVER_KRAKEN
+      // feature.  otherwise it will give us an auth error.  note that
+      // we have to check for both the kraken and jewel key because
+      // pre-jewel the kraken feature bit was used for something else.
+      if ((want_keys & CEPH_ENTITY_TYPE_MGR) &&
+	  !(m->get_connection()->has_feature(CEPH_FEATURE_SERVER_KRAKEN) &&
+	    m->get_connection()->has_feature(CEPH_FEATURE_SERVER_JEWEL))) {
+	ldout(cct, 1) << __func__
+		      << " not requesting MGR keys from pre-kraken monitor"
+		      << dendl;
+	want_keys &= ~CEPH_ENTITY_TYPE_MGR;
+      }
       auth->set_want_keys(want_keys);
       auth->init(entity_name);
       auth->set_global_id(global_id);