From 8cbfb327a851c4f80bff70832cf22ba3e6f99429 Mon Sep 17 00:00:00 2001 From: Sage Weil Date: Thu, 11 Feb 2010 09:00:10 -0800 Subject: [PATCH] cephx: fix negotiation on reconnect Don't send another request after initial handshake if we don't need an auth ticket. --- src/auth/cephx/CephxClientHandler.cc | 2 ++ src/auth/cephx/CephxProtocol.cc | 7 +++++++ src/auth/cephx/CephxProtocol.h | 5 +++++ 3 files changed, 14 insertions(+) diff --git a/src/auth/cephx/CephxClientHandler.cc b/src/auth/cephx/CephxClientHandler.cc index ea2d131c27b8a..098a9ddb1a61c 100644 --- a/src/auth/cephx/CephxClientHandler.cc +++ b/src/auth/cephx/CephxClientHandler.cc @@ -97,6 +97,8 @@ int CephxClientHandler::handle_response(int ret, bufferlist::iterator& indata) server_challenge = ch.server_challenge; dout(10) << " got initial server challenge " << server_challenge << dendl; starting = false; + + tickets.invalidate_ticket(CEPH_ENTITY_TYPE_AUTH); return -EAGAIN; } diff --git a/src/auth/cephx/CephxProtocol.cc b/src/auth/cephx/CephxProtocol.cc index 1ae234be14144..01615f6088e29 100644 --- a/src/auth/cephx/CephxProtocol.cc +++ b/src/auth/cephx/CephxProtocol.cc @@ -215,6 +215,13 @@ void CephXTicketManager::set_have_need_key(uint32_t service_id, uint32_t& have, have &= ~service_id; } +void CephXTicketManager::invalidate_ticket(uint32_t service_id) +{ + map::iterator iter = tickets_map.find(service_id); + if (iter != tickets_map.end()) + iter->second.invalidate_ticket(); +} + /* * PRINCIPAL: verify our attempt to authenticate succeeded. fill out * this ServiceTicket with the result. diff --git a/src/auth/cephx/CephxProtocol.h b/src/auth/cephx/CephxProtocol.h index 0ead914e52c2b..2403c03bf84f3 100644 --- a/src/auth/cephx/CephxProtocol.h +++ b/src/auth/cephx/CephxProtocol.h @@ -290,6 +290,10 @@ struct CephXTicketHandler { bool have_key(); bool need_key(); + + void invalidate_ticket() { + have_key_flag = 0; + } }; struct CephXTicketManager { @@ -311,6 +315,7 @@ struct CephXTicketManager { bool need_key(uint32_t service_id); void set_have_need_key(uint32_t service_id, uint32_t& have, uint32_t& need); void validate_tickets(uint32_t mask, uint32_t& have, uint32_t& need); + void invalidate_ticket(uint32_t service_id); }; -- 2.39.5