From: Sage Weil Date: Sun, 28 Apr 2019 13:43:28 +0000 (-0500) Subject: msg: set_require_authorizer on messenger, not dispatcher X-Git-Tag: v15.1.0~2797^2~3 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=f10660e84f85116b977f97aba5d3734233db0345;p=ceph.git msg: set_require_authorizer on messenger, not dispatcher This flag is used for compatibility with pre-nautilus OSDs, which do not send authorizers on the OSD heartbeat connections. However, because the AuthServer is implemented by MonClient, which is shared across all OSD messengers, we can't set this to false for the OSD without disabling all auth. Instead, make it a Messenger property, and set it only on the heartbeat server messengers. Signed-off-by: Sage Weil --- diff --git a/src/mon/MonClient.cc b/src/mon/MonClient.cc index d01c436a2358..3cf9b5899f4f 100644 --- a/src/mon/MonClient.cc +++ b/src/mon/MonClient.cc @@ -1433,7 +1433,7 @@ int MonClient::handle_auth_request( // for some channels prior to nautilus (osd heartbeat), we tolerate the lack of // an authorizer. if (payload.length() == 0 && - !handle_authentication_dispatcher->require_authorizer) { + !con->get_messenger()->require_authorizer) { handle_authentication_dispatcher->ms_handle_authentication(con); return 1; } diff --git a/src/msg/Dispatcher.h b/src/msg/Dispatcher.h index f7a6fded3477..4c707da7d279 100644 --- a/src/msg/Dispatcher.h +++ b/src/msg/Dispatcher.h @@ -218,16 +218,8 @@ public: * @} //Authentication */ - void ms_set_require_authorizer(bool b) { - require_authorizer = b; - } protected: CephContext *cct; -public: - // allow unauthenticated connections. This is needed for - // compatibility with pre-nautilus OSDs, which do not authenticate - // the heartbeat sessions. - bool require_authorizer = true; private: explicit Dispatcher(const Dispatcher &rhs); Dispatcher& operator=(const Dispatcher &rhs); diff --git a/src/msg/Messenger.h b/src/msg/Messenger.h index 1af703adde1e..edd202f3256b 100644 --- a/src/msg/Messenger.h +++ b/src/msg/Messenger.h @@ -113,6 +113,12 @@ public: using Policy = ceph::net::Policy; +public: + // allow unauthenticated connections. This is needed for + // compatibility with pre-nautilus OSDs, which do not authenticate + // the heartbeat sessions. + bool require_authorizer = true; + protected: // for authentication AuthRegistry auth_registry; @@ -788,6 +794,10 @@ public: } } + void set_require_authorizer(bool b) { + require_authorizer = b; + } + /** * @} // Dispatcher Interfacing */ diff --git a/src/osd/OSD.cc b/src/osd/OSD.cc index e900d8abc7c5..e8b17e2bd817 100644 --- a/src/osd/OSD.cc +++ b/src/osd/OSD.cc @@ -8431,7 +8431,8 @@ void OSD::check_osdmap_features() } if (osdmap->require_osd_release < CEPH_RELEASE_NAUTILUS) { - heartbeat_dispatcher.ms_set_require_authorizer(false); + hb_front_server_messenger->set_require_authorizer(false); + hb_back_server_messenger->set_require_authorizer(false); } if (osdmap->require_osd_release != last_require_osd_release) { diff --git a/src/test/crimson/perf_async_msgr.cc b/src/test/crimson/perf_async_msgr.cc index d64388ec56cd..64a646a066ba 100644 --- a/src/test/crimson/perf_async_msgr.cc +++ b/src/test/crimson/perf_async_msgr.cc @@ -26,7 +26,7 @@ struct Server { msgr->set_default_policy(Messenger::Policy::stateless_server(0)); msgr->set_auth_client(&dummy_auth); msgr->set_auth_server(&dummy_auth); - dispatcher.ms_set_require_authorizer(false); + msgr->set_require_authorizer(false); } DummyAuthClientServer dummy_auth; unique_ptr msgr; diff --git a/src/test/crimson/test_async_echo.cc b/src/test/crimson/test_async_echo.cc index 7a7323f1f736..c9a4e907308e 100644 --- a/src/test/crimson/test_async_echo.cc +++ b/src/test/crimson/test_async_echo.cc @@ -31,7 +31,7 @@ struct Server { msgr->set_default_policy(Messenger::Policy::stateless_server(0)); msgr->set_auth_client(&dummy_auth); msgr->set_auth_server(&dummy_auth); - dispatcher.ms_set_require_authorizer(false); + msgr->set_require_authorizer(false); } DummyAuthClientServer dummy_auth; unique_ptr msgr; @@ -92,7 +92,7 @@ struct Client { msgr->set_default_policy(Messenger::Policy::lossy_client(0)); msgr->set_auth_client(&dummy_auth); msgr->set_auth_server(&dummy_auth); - dispatcher.ms_set_require_authorizer(false); + msgr->set_require_authorizer(false); } DummyAuthClientServer dummy_auth; struct ClientDispatcher : Dispatcher { diff --git a/src/test/msgr/test_msgr.cc b/src/test/msgr/test_msgr.cc index 9243db606672..7b55ad4b2d28 100644 --- a/src/test/msgr/test_msgr.cc +++ b/src/test/msgr/test_msgr.cc @@ -81,6 +81,7 @@ class MessengerTest : public ::testing::TestWithParam { server_msgr->set_auth_server(&dummy_auth); client_msgr->set_auth_client(&dummy_auth); client_msgr->set_auth_server(&dummy_auth); + server_msgr->set_require_authorizer(false); } void TearDown() override { ASSERT_EQ(server_msgr->get_dispatch_queue_len(), 0); @@ -115,8 +116,6 @@ class FakeDispatcher : public Dispatcher { explicit FakeDispatcher(bool s): Dispatcher(g_ceph_context), lock("FakeDispatcher::lock"), is_server(s), got_new(false), got_remote_reset(false), got_connect(false), loopback(false) { - // don't need authorizers - ms_set_require_authorizer(false); } bool ms_can_fast_dispatch_any() const override { return true; } bool ms_can_fast_dispatch(const Message *m) const override { @@ -1509,8 +1508,6 @@ class SyntheticDispatcher : public Dispatcher { SyntheticDispatcher(bool s, SyntheticWorkload *wl): Dispatcher(g_ceph_context), lock("SyntheticDispatcher::lock"), is_server(s), got_new(false), got_remote_reset(false), got_connect(false), index(0), workload(wl) { - // don't need authorizers - ms_set_require_authorizer(false); } bool ms_can_fast_dispatch_any() const override { return true; } bool ms_can_fast_dispatch(const Message *m) const override { @@ -2087,8 +2084,6 @@ class MarkdownDispatcher : public Dispatcher { std::atomic count = { 0 }; explicit MarkdownDispatcher(bool s): Dispatcher(g_ceph_context), lock("MarkdownDispatcher::lock"), last_mark(false) { - // don't need authorizers - ms_set_require_authorizer(false); } bool ms_can_fast_dispatch_any() const override { return false; } bool ms_can_fast_dispatch(const Message *m) const override {