From fc8d9c11350a908d61f12a1ee34be589fc1af820 Mon Sep 17 00:00:00 2001
From: Sage Weil <sage@redhat.com>
Date: Tue, 23 Apr 2019 13:52:07 -0500
Subject: [PATCH] mon/MonClient: discard old challenge if authorizer is bad

If we are a server/accepter, and we get a bad authorizer, discard our old
challenge, since the previous exchange has failed.  This way if the client
retries, their new authorize attempt won't conflict with our old challenge.

Signed-off-by: Sage Weil <sage@redhat.com>
---
 src/mon/MonClient.cc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/mon/MonClient.cc b/src/mon/MonClient.cc
index 8df084b7df6..d01c436a235 100644
--- a/src/mon/MonClient.cc
+++ b/src/mon/MonClient.cc
@@ -1472,6 +1472,8 @@ int MonClient::handle_auth_request(
     return 0;
   }
   ldout(cct,10) << __func__ << " bad authorizer on " << con << dendl;
+  // discard old challenge
+  auth_meta->authorizer_challenge.reset();
   return -EACCES;
 }
 
-- 
2.39.5