From 1ad850f142cb6340f855eac8471450eb5e9696a8 Mon Sep 17 00:00:00 2001
From: Greg Farnum <gregf@hq.newdream.net>
Date: Mon, 22 Mar 2010 09:40:45 -0700
Subject: [PATCH] mon: OSD handling messages use caps->check_privileges instead
 of macros

---
 src/mon/Monitor.cc    |  3 ---
 src/mon/OSDMonitor.cc | 27 +++++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc
index 6ee5a31dad82a..4be3533985328 100644
--- a/src/mon/Monitor.cc
+++ b/src/mon/Monitor.cc
@@ -603,7 +603,6 @@ do { \
 
       // misc
     case CEPH_MSG_MON_GET_MAP:
-      /* public.. no need for checks */
       handle_mon_get_map((MMonGetMap*)m);
       break;
 
@@ -622,8 +621,6 @@ do { \
     case MSG_OSD_BOOT:
     case MSG_OSD_ALIVE:
     case MSG_OSD_PGTEMP:
-      ALLOW_MESSAGES_FROM(CEPH_ENTITY_TYPE_OSD);
-      ALLOW_CAPS(PAXOS_OSDMAP, MON_CAP_R);
       fill_caps(m);
       paxos_service[PAXOS_OSDMAP]->dispatch((PaxosServiceMessage*)m);
       break;
diff --git a/src/mon/OSDMonitor.cc b/src/mon/OSDMonitor.cc
index 558c318a219e8..f2cb291bf73fe 100644
--- a/src/mon/OSDMonitor.cc
+++ b/src/mon/OSDMonitor.cc
@@ -296,6 +296,13 @@ bool OSDMonitor::preprocess_failure(MOSDFailure *m)
     goto didit;
   }
 
+  //check permissions
+  if (!m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
+    dout(0) << "got MOSDFailure from entity with insufficient caps "
+	    << *m->caps << dendl;
+    goto didit;
+  }
+
   /*
    * FIXME
    * this whole thing needs a rework of some sort.  we shouldn't
@@ -385,6 +392,14 @@ bool OSDMonitor::preprocess_boot(MOSDBoot *m)
     return true;
   }
 
+  //check permissions, ignore if failed (no response expected)
+  if (!m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
+    dout(0) << "got preprocess_boot message from entity with insufficient caps"
+	    << *m->caps << dendl;
+    delete m;
+    return true;
+  }
+
   assert(m->get_orig_source_inst().name.is_osd());
   int from = m->get_orig_source_inst().name.num();
   
@@ -488,6 +503,12 @@ void OSDMonitor::_booted(MOSDBoot *m, bool logit)
 
 bool OSDMonitor::preprocess_alive(MOSDAlive *m)
 {
+  //check permissions, ignore if failed
+  if (!m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
+    dout(0) << "attempt to send MOSDAlive from entity with insufficient privileges:"
+	    << *m->caps << dendl;
+    return true;
+  }
   int from = m->get_orig_source().num();
   if (osdmap.is_up(from) &&
       osdmap.get_inst(from) == m->get_orig_source_inst() &&
@@ -534,6 +555,12 @@ bool OSDMonitor::preprocess_pgtemp(MOSDPGTemp *m)
 {
   dout(10) << "preprocess_pgtemp " << *m << dendl;
 
+  //check caps
+  if (!m->caps->check_privileges(PAXOS_OSDMAP, MON_CAP_X)) {
+    dout(0) << "attempt to send MOSDPGTemp from entity with insufficient caps "
+	    << *m->caps << dendl;
+    return true;
+  }
   vector<int> empty;
   for (map<pg_t,vector<int> >::iterator p = m->pg_temp.begin(); p != m->pg_temp.end(); p++) {
     dout(20) << " " << p->first
-- 
2.39.5