From 749c8ec875b1e46c5180cffab8e41dac2107017d Mon Sep 17 00:00:00 2001
From: Patrick Donnelly <pdonnell@ibm.com>
Date: Thu, 29 May 2025 11:52:34 -0400
Subject: [PATCH] auth/cephx: provide more debugging when sig checks fail

Signed-off-by: Patrick Donnelly <pdonnell@ibm.com>
---
 src/auth/cephx/CephxSessionHandler.cc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/auth/cephx/CephxSessionHandler.cc b/src/auth/cephx/CephxSessionHandler.cc
index f2545d1d5e8..f55ab565886 100644
--- a/src/auth/cephx/CephxSessionHandler.cc
+++ b/src/auth/cephx/CephxSessionHandler.cc
@@ -199,6 +199,10 @@ int CephxSessionHandler::check_message_signature(Message *m)
     ldout(cct, 0) << "SIGN: MSG seq " << m->get_seq() << "          sig: " << m->get_footer().sig << dendl;
     ldout(cct, 0) << "SIGN: MSG seq " << m->get_seq() << " Locally calculated signature:" << dendl;
     ldout(cct, 0) << "SIGN: MSG seq " << m->get_seq() << "    sig_check: " << sig << dendl;
+    ldout(cct, 30) << "key: " << key << dendl;
+    ldout(cct, 30) << "protocol: " << protocol << dendl;
+    ldout(cct, 30) << "features: " << features << dendl;
+    ldout(cct, 30) << "message: " << *m << dendl;
 
     // For the moment, printing an error message to the log and
     // returning failure is sufficient.  In the long term, we should
-- 
2.47.3