From: Sage Weil <sage@inktank.com>
To: ceph-devel@vger.kernel.org
Cc: Sage Weil <sage@inktank.com>
Subject: [PATCH 2/6] libceph: fix authorizer invalidation
Date: Tue, 19 Mar 2013 16:08:02 -0700 [thread overview]
Message-ID: <1363734486-26879-2-git-send-email-sage@inktank.com> (raw)
In-Reply-To: <1363734486-26879-1-git-send-email-sage@inktank.com>
We were invalidating the authorizer by removing the ticket handler
entirely. This was effective in inducing us to request a new authorizer,
but in the meantime it mean that any authorizer we generated would get a
new and initialized handler with secret_id=0, which would always be
rejected by the server side with a confusing error message:
auth: could not find secret_id=0
cephx: verify_authorizer could not get service secret for service osd secret_id=0
Instead, simply clear the validity field. This will still induce the auth
code to request a new secret, but will let us continue to use the old
ticket in the meantime. The messenger code will probably continue to fail,
but the exponential backoff will kick in, and eventually the we will get a
new (hopefully more valid) ticket from the mon and be able to continue.
Signed-off-by: Sage Weil <sage@inktank.com>
---
net/ceph/auth_x.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ceph/auth_x.c b/net/ceph/auth_x.c
index a16bf14..bd8758d 100644
--- a/net/ceph/auth_x.c
+++ b/net/ceph/auth_x.c
@@ -630,7 +630,7 @@ static void ceph_x_invalidate_authorizer(struct ceph_auth_client *ac,
th = get_ticket_handler(ac, peer_type);
if (!IS_ERR(th))
- remove_ticket_handler(ac, th);
+ memset(&th->validity, 0, sizeof(th->validity));
}
--
1.7.9.5
next prev parent reply other threads:[~2013-03-19 23:08 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-19 23:08 [PATCH 1/6] libceph: clear messenger auth_retry flag when we authenticate Sage Weil
2013-03-19 23:08 ` Sage Weil [this message]
2013-03-25 13:39 ` [PATCH 2/6] libceph: fix authorizer invalidation Alex Elder
2013-03-25 15:51 ` Sage Weil
2013-03-19 23:08 ` [PATCH 3/6] libceph: add update_authorizer auth method Sage Weil
2013-03-25 14:15 ` Alex Elder
2013-03-25 15:53 ` Sage Weil
2013-03-19 23:08 ` [PATCH 4/6] libceph: wrap auth ops in wrapper functions Sage Weil
2013-03-25 14:25 ` Alex Elder
2013-03-19 23:08 ` [PATCH 5/6] libceph: wrap auth methods in a mutex Sage Weil
2013-03-25 14:32 ` Alex Elder
2013-03-25 16:26 ` Sage Weil
2013-03-25 16:49 ` Alex Elder
2013-03-19 23:08 ` [PATCH 6/6] libceph: verify authorizer reply Sage Weil
2013-03-25 14:41 ` Alex Elder
2013-03-25 16:29 ` Sage Weil
2013-03-25 13:32 ` [PATCH 1/6] libceph: clear messenger auth_retry flag when we authenticate Alex Elder
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1363734486-26879-2-git-send-email-sage@inktank.com \
--to=sage@inktank.com \
--cc=ceph-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.