From 113fa941e3a4feaed0891d1fb7d321ade3e1bca7 Mon Sep 17 00:00:00 2001 From: lijing Date: Fri, 5 Jan 2018 17:44:57 +0800 Subject: [PATCH] mon: expand cap validity check for mgr, osd, mds Also strenghen the check to declare an unknown cap type as invalid. Note that this means that in a mixed-version cluster, an older mon would apply the syntax check for the older caps, even if the (say) OSDs are newer and could parse something different. This is judged to be fine: it is not unreasonable to ask for the mons *and* daemons to be upgraded before using the new cap syntax or feature. Signed-off-by: Jing Li Signed-off-by: Sage Weil --- src/mon/AuthMonitor.cc | 34 ++++++++++++++++++++++++++++++++++ src/mon/AuthMonitor.h | 15 +++------------ src/mon/CMakeLists.txt | 4 +++- 3 files changed, 40 insertions(+), 13 deletions(-) diff --git a/src/mon/AuthMonitor.cc b/src/mon/AuthMonitor.cc index 8b7210e63beee..b7d7c0bd5a8be 100644 --- a/src/mon/AuthMonitor.cc +++ b/src/mon/AuthMonitor.cc @@ -33,6 +33,9 @@ #include "include/stringify.h" #include "include/assert.h" +#include "mds/MDSAuthCaps.h" +#include "osd/OSDCap.h" + #define dout_subsys ceph_subsys_mon #undef dout_prefix #define dout_prefix _prefix(_dout, mon, get_last_committed()) @@ -1012,6 +1015,37 @@ int AuthMonitor::do_osd_new( return 0; } +bool AuthMonitor::valid_caps(const vector& caps, ostream *out) +{ + for (vector::const_iterator p = caps.begin(); + p != caps.end(); p += 2) { + if ((p+1) == caps.end()) { + *out << "cap '" << *p << "' has no value"; + return false; + } + if (*p == "mon" || *p == "mgr") { + MonCap tmp; + if (!tmp.parse(*(p+1), out)) { + return false; + } + } else if (*p == "osd") { + OSDCap ocap; + if (!ocap.parse(*(p+1), out)) { + return false; + } + } else if (*p == "mds") { + MDSAuthCaps mdscap; + if (!mdscap.parse(g_ceph_context, *(p+1), out)) { + return false; + } + } else { + *out << "unknown cap type '" << *p << "'"; + return false; + } + } + return true; +} + bool AuthMonitor::prepare_command(MonOpRequestRef op) { MMonCommand *m = static_cast(op->get_req()); diff --git a/src/mon/AuthMonitor.h b/src/mon/AuthMonitor.h index 1304c80d2f45f..faad9427ed196 100644 --- a/src/mon/AuthMonitor.h +++ b/src/mon/AuthMonitor.h @@ -18,6 +18,7 @@ #include #include +#include "global/global_init.h" #include "include/ceph_features.h" #include "include/types.h" #include "mon/PaxosService.h" @@ -128,19 +129,9 @@ private: pending_auth.push_back(inc); } - /* validate mon caps ; don't care about caps for other services as + /* validate mon/osd/mds caps ; don't care about caps for other services as * we don't know how to validate them */ - bool valid_caps(const vector& caps, ostream *out) { - for (vector::const_iterator p = caps.begin(); - p != caps.end(); p += 2) { - if (!p->empty() && *p != "mon") - continue; - MonCap tmp; - if (!tmp.parse(*(p+1), out)) - return false; - } - return true; - } + bool valid_caps(const vector& caps, ostream *out); void on_active() override; bool should_propose(double& delay) override; diff --git a/src/mon/CMakeLists.txt b/src/mon/CMakeLists.txt index 403c954edaf2c..c8e2edbd7116b 100644 --- a/src/mon/CMakeLists.txt +++ b/src/mon/CMakeLists.txt @@ -20,7 +20,9 @@ set(lib_mon_srcs HealthMonitor.cc PGMap.cc ConfigKeyService.cc - ../mgr/mgr_commands.cc) + ../mds/MDSAuthCaps.cc + ../mgr/mgr_commands.cc + ../osd/OSDCap.cc) add_library(mon STATIC ${lib_mon_srcs} $ -- 2.39.5