Add a validity check for 'auth add' and 'fs authorize'. 'auth caps' and
'auth get-or-create[-key]' already had the check.
Fixes: http://tracker.ceph.com/issues/22525
Signed-off-by: Sage Weil <sage@redhat.com>
(cherry picked from commit
fa588730bfea17eb1ca556e20ffcfd0b7628d093)
Conflicts:
src/mon/AuthMonitor.cc (no "fs autorize" in jewel)
}
}
+ if (!valid_caps(caps_vec, &ss)) {
+ err = -EINVAL;
+ goto done;
+ }
+
// are we about to have it?
for (vector<Incremental>::iterator p = pending_auth.begin();
p != pending_auth.end();
get_last_committed() + 1));
return true;
} else if ((prefix == "auth get-or-create-key" ||
- prefix == "auth get-or-create") &&
+ prefix == "auth get-or-create") &&
!entity_name.empty()) {
// auth get-or-create <name> [mon osdcapa osd osdcapb ...]