From 73a1f1b51e586ff7476ff4f4c1682abd0a317074 Mon Sep 17 00:00:00 2001 From: Greg Farnum Date: Wed, 8 Dec 2021 21:32:58 +0000 Subject: [PATCH] mon: take blocklist ranges as a subcommand, not implicitly from address format I discovered in testing with CephFS that this tends to interpret client IPs (which don't have ports, but do have nonces) as invalid ranges. So give it a separate input keyword that has to be applied first. Signed-off-by: Greg Farnum --- src/mon/MonCommands.h | 1 + src/mon/OSDMonitor.cc | 41 +++++++++++++++++++++++++++++------------ 2 files changed, 30 insertions(+), 12 deletions(-) diff --git a/src/mon/MonCommands.h b/src/mon/MonCommands.h index 2c113248ae494..a4186d04fbf53 100644 --- a/src/mon/MonCommands.h +++ b/src/mon/MonCommands.h @@ -1016,6 +1016,7 @@ COMMAND("osd new " "Reads secrets from JSON file via `-i ` (see man page).", "osd", "rw") COMMAND("osd blocklist " + "name=range,type=CephString,goodchars=[range],req=false " "name=blocklistop,type=CephChoices,strings=add|rm " "name=addr,type=CephEntityAddr " "name=expire,type=CephFloat,range=0.0,req=false", diff --git a/src/mon/OSDMonitor.cc b/src/mon/OSDMonitor.cc index 966746782c62c..9443c708c57fb 100644 --- a/src/mon/OSDMonitor.cc +++ b/src/mon/OSDMonitor.cc @@ -12696,8 +12696,18 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, return true; } else if (prefix == "osd blocklist" || prefix == "osd blacklist") { - string addrstr; + string addrstr, rangestr; + bool range = false; cmd_getval(cmdmap, "addr", addrstr); + if (cmd_getval(cmdmap, "range", rangestr)) { + if (rangestr == "range") { + range = true; + } else { + ss << "Did you mean to specify \"osd blocklist range\"?"; + err = -EINVAL; + goto reply; + } + } entity_addr_t addr; if (!addr.parse(addrstr)) { ss << "unable to parse address " << addrstr; @@ -12705,7 +12715,14 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, goto reply; } else { - if (addr.is_cidr()) { + if (range) { + if (!addr.maybe_cidr()) { + ss << "You specified a range command, but " << addr + << " does not parse as a CIDR range"; + err = -EINVAL; + goto reply; + } + addr.type = entity_addr_t::TYPE_CIDR; err = check_cluster_features(CEPH_FEATUREMASK_RANGE_BLOCKLIST, ss); if (err) { goto reply; @@ -12747,7 +12764,7 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, ob.erase(it); } }; - if (addr.is_cidr()) { + if (range) { add_to_pending_blocklists(pending_inc.new_range_blocklist, pending_inc.old_range_blocklist, addr, expires); @@ -12764,9 +12781,9 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, get_last_committed() + 1)); return true; } else if (blocklistop == "rm") { - auto maybe_rm_from_pending_blocklists = [](const auto& addr, - auto& blocklist, - auto& ob, auto& pb) { + auto rm_from_pending_blocklists = [](const auto& addr, + auto& blocklist, + auto& ob, auto& pb) { if (blocklist.count(addr)) { ob.push_back(addr); return true; @@ -12776,12 +12793,12 @@ bool OSDMonitor::prepare_command_impl(MonOpRequestRef op, } return false; }; - if (maybe_rm_from_pending_blocklists(addr, osdmap.blocklist, - pending_inc.old_blocklist, - pending_inc.new_blocklist) || - maybe_rm_from_pending_blocklists(addr, osdmap.range_blocklist, - pending_inc.old_range_blocklist, - pending_inc.new_range_blocklist)) { + if ((!range && rm_from_pending_blocklists(addr, osdmap.blocklist, + pending_inc.old_blocklist, + pending_inc.new_blocklist)) || + (range && rm_from_pending_blocklists(addr, osdmap.range_blocklist, + pending_inc.old_range_blocklist, + pending_inc.new_range_blocklist))) { ss << "un-blocklisting " << addr; getline(ss, rs); wait_for_finished_proposal(op, new Monitor::C_Command(mon, op, 0, rs, -- 2.39.5