From 4987e13ba5d833a8a7968e4f8f38cb41d1699420 Mon Sep 17 00:00:00 2001
From: Patrick Donnelly
Date: Tue, 13 May 2025 12:28:39 -0400
Subject: [PATCH] mon/AuthMonitor: shutdown session connection on auth failure
Currently the mons will allow the session to persist even though an auth failure has occurred, probably while trying to obtain new tickets. A sequence to easily trigger this: ceph auth rotate osd.0 ceph auth wipe-rotating-service-keys The osd.0 will continue interacting with the mons until restart or a network interruption occurs.
Signed-off-by: Patrick Donnelly
---
 src/mon/AuthMonitor.cc | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/src/mon/AuthMonitor.cc b/src/mon/AuthMonitor.cc
index d69655cc6a4..d335e36ebbe 100644
--- a/src/mon/AuthMonitor.cc
+++ b/src/mon/AuthMonitor.cc
@@ -836,6 +836,11 @@ bool AuthMonitor::prep_auth(MonOpRequestRef op, bool paxos_writable)
 reply:
 reply = new MAuthReply(proto, &response_bl, ret, s->con->peer_global_id);
 mon.send_reply(op, reply);
+ if (ret < 0) {
+ /* auth has failed (key change?), close the session */
+ dout(1) << "stopping due to failed auth (" << cpp_strerror(ret) << "): " << *s << dendl;
+ s->con->shutdown();
+ }
 if (finished) {
 // always send the latest monmap.
 if (m->monmap_epoch < mon.monmap->get_epoch())
-- 
2.39.5
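Review bot: The MAuthReply carrying `ret` may never reach the peer, because the added `if (ret < 0)` block calls `s->con->shutdown()` immediately after `mon.send_reply(op, reply)` and nothing visible in the hunk shows queued output being flushed first. If shutdown discards pending outbound messages, the daemon sees only a dropped connection and may reconnect and retry without learning why, so the ordering should be confirmed and recorded in the comment, e.g. `/* auth has failed (key change?); the error reply is queued first, then the session's connection is closed */`. Execution then falls through to the `if (finished)` monmap block with the connection already shut down; if `finished` can be true when `ret < 0` (not determinable from this hunk), consider `if (finished && ret >= 0) {`. prep_auth begins and ends outside the hunk, so both points need checking against the full function, including whether closing the connection also tears down the session's authenticated state.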