From e4a3475574dcc541dab58ac363b8b15368b5fefc Mon Sep 17 00:00:00 2001
From: xie xingguo <xie.xingguo@zte.com.cn>
Date: Tue, 12 Mar 2019 16:14:40 +0800
Subject: [PATCH] mgr/DaemonServer: handle caps more carefully

There are two problems:
- **allow_all** should override any other caps, if any
- do not try to accept an invalid osd connection, e.g.,
  with unrecognized caps

Signed-off-by: xie xingguo <xie.xingguo@zte.com.cn>
---
 src/mgr/DaemonServer.cc | 22 +++++++++-------------
 1 file changed, 9 insertions(+), 13 deletions(-)

diff --git a/src/mgr/DaemonServer.cc b/src/mgr/DaemonServer.cc
index 7f5205c8d83..27f5e2e11a5 100644
--- a/src/mgr/DaemonServer.cc
+++ b/src/mgr/DaemonServer.cc
@@ -165,7 +165,6 @@ KeyStore *DaemonServer::ms_get_auth1_authorizer_keystore()
 
 int DaemonServer::ms_handle_authentication(Connection *con)
 {
-  int ret = 0;
   MgrSession *s = new MgrSession(cct);
   con->set_priv(s);
   s->inst.addr = con->get_peer_addr();
@@ -180,27 +179,24 @@ int DaemonServer::ms_handle_authentication(Connection *con)
     dout(10) << " session " << s << " " << s->entity_name
 	     << " allow_all" << dendl;
     s->caps.set_allow_all();
-  }
-
-  if (caps_info.caps.length() > 0) {
+  } else if (caps_info.caps.length() > 0) {
     auto p = caps_info.caps.cbegin();
     string str;
     try {
       decode(str, p);
     }
     catch (buffer::error& e) {
-      ret = -EPERM;
-    }
-    bool success = s->caps.parse(str);
-    if (success) {
       dout(10) << " session " << s << " " << s->entity_name
-	       << " has caps " << s->caps << " '" << str << "'" << dendl;
-      ret = 1;
-    } else {
+               << " failed to decode caps" << dendl;
+      return -EPERM;
+    }
+    if (!s->caps.parse(str)) {
       dout(10) << " session " << s << " " << s->entity_name
 	       << " failed to parse caps '" << str << "'" << dendl;
-      ret = -EPERM;
+      return -EPERM;
     }
+    dout(10) << " session " << s << " " << s->entity_name
+             << " has caps " << s->caps << " '" << str << "'" << dendl;
   }
 
   if (con->get_peer_type() == CEPH_ENTITY_TYPE_OSD) {
@@ -211,7 +207,7 @@ int DaemonServer::ms_handle_authentication(Connection *con)
     osd_cons[s->osd_id].insert(con);
   }
 
-  return ret;
+  return 1;
 }
 
 bool DaemonServer::ms_get_authorizer(
-- 
2.39.5