From ef13bdb3ef81aeebc8c1a65fd398d766fd1940be Mon Sep 17 00:00:00 2001
From: Patrick Donnelly <pdonnell@ibm.com>
Date: Thu, 29 May 2025 11:52:34 -0400
Subject: [PATCH] auth/cephx: provide more debugging when sig checks fail

Signed-off-by: Patrick Donnelly <pdonnell@ibm.com>
---
 src/auth/cephx/CephxSessionHandler.cc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/auth/cephx/CephxSessionHandler.cc b/src/auth/cephx/CephxSessionHandler.cc
index e55babd039b..6e14fa1a865 100644
--- a/src/auth/cephx/CephxSessionHandler.cc
+++ b/src/auth/cephx/CephxSessionHandler.cc
@@ -198,6 +198,10 @@ int CephxSessionHandler::check_message_signature(Message *m)
     ldout(cct, 0) << "SIGN: MSG seq " << m->get_seq() << "          sig: " << m->get_footer().sig << dendl;
     ldout(cct, 0) << "SIGN: MSG seq " << m->get_seq() << " Locally calculated signature:" << dendl;
     ldout(cct, 0) << "SIGN: MSG seq " << m->get_seq() << "    sig_check: " << sig << dendl;
+    ldout(cct, 30) << "key: " << key << dendl;
+    ldout(cct, 30) << "protocol: " << protocol << dendl;
+    ldout(cct, 30) << "features: " << features << dendl;
+    ldout(cct, 30) << "message: " << *m << dendl;
 
     // For the moment, printing an error message to the log and
     // returning failure is sufficient.  In the long term, we should
-- 
2.39.5