diff options
| author | Yan, Zheng <zyan@redhat.com> | 2014-11-11 03:30:55 -0500 |
|---|---|---|
| committer | Ilya Dryomov <idryomov@redhat.com> | 2014-12-17 12:09:51 -0500 |
| commit | a3fc98005c9c6e4649d26bee0935a7048a95c9e6 (patch) | |
| tree | ecd73ce3924c0c040c5a48c4a15c1b6f4137b935 | |
| parent | 97c85a828f36bbfffe9d77b977b65a5872b6cad4 (diff) | |
libceph: require cephx message signature by default
Signed-off-by: Yan, Zheng <zyan@redhat.com>
Reviewed-by: Ilya Dryomov <idryomov@redhat.com>
| -rw-r--r-- | include/linux/ceph/libceph.h | 1 | ||||
| -rw-r--r-- | net/ceph/ceph_common.c | 13 |
2 files changed, 14 insertions, 0 deletions
diff --git a/include/linux/ceph/libceph.h b/include/linux/ceph/libceph.h index d293f7e38814..8b11a79ca1cb 100644 --- a/include/linux/ceph/libceph.h +++ b/include/linux/ceph/libceph.h | |||
| @@ -29,6 +29,7 @@ | |||
| 29 | #define CEPH_OPT_NOSHARE (1<<1) /* don't share client with other sbs */ | 29 | #define CEPH_OPT_NOSHARE (1<<1) /* don't share client with other sbs */ |
| 30 | #define CEPH_OPT_MYIP (1<<2) /* specified my ip */ | 30 | #define CEPH_OPT_MYIP (1<<2) /* specified my ip */ |
| 31 | #define CEPH_OPT_NOCRC (1<<3) /* no data crc on writes */ | 31 | #define CEPH_OPT_NOCRC (1<<3) /* no data crc on writes */ |
| 32 | #define CEPH_OPT_NOMSGAUTH (1<<4) /* not require cephx message signature */ | ||
| 32 | 33 | ||
| 33 | #define CEPH_OPT_DEFAULT (0) | 34 | #define CEPH_OPT_DEFAULT (0) |
| 34 | 35 | ||
diff --git a/net/ceph/ceph_common.c b/net/ceph/ceph_common.c index d361a274aee7..5d5ab67f516d 100644 --- a/net/ceph/ceph_common.c +++ b/net/ceph/ceph_common.c | |||
| @@ -237,6 +237,8 @@ enum { | |||
| 237 | Opt_noshare, | 237 | Opt_noshare, |
| 238 | Opt_crc, | 238 | Opt_crc, |
| 239 | Opt_nocrc, | 239 | Opt_nocrc, |
| 240 | Opt_cephx_require_signatures, | ||
| 241 | Opt_nocephx_require_signatures, | ||
| 240 | }; | 242 | }; |
| 241 | 243 | ||
| 242 | static match_table_t opt_tokens = { | 244 | static match_table_t opt_tokens = { |
| @@ -255,6 +257,8 @@ static match_table_t opt_tokens = { | |||
| 255 | {Opt_noshare, "noshare"}, | 257 | {Opt_noshare, "noshare"}, |
| 256 | {Opt_crc, "crc"}, | 258 | {Opt_crc, "crc"}, |
| 257 | {Opt_nocrc, "nocrc"}, | 259 | {Opt_nocrc, "nocrc"}, |
| 260 | {Opt_cephx_require_signatures, "cephx_require_signatures"}, | ||
| 261 | {Opt_nocephx_require_signatures, "nocephx_require_signatures"}, | ||
| 258 | {-1, NULL} | 262 | {-1, NULL} |
| 259 | }; | 263 | }; |
| 260 | 264 | ||
| @@ -453,6 +457,12 @@ ceph_parse_options(char *options, const char *dev_name, | |||
| 453 | case Opt_nocrc: | 457 | case Opt_nocrc: |
| 454 | opt->flags |= CEPH_OPT_NOCRC; | 458 | opt->flags |= CEPH_OPT_NOCRC; |
| 455 | break; | 459 | break; |
| 460 | case Opt_cephx_require_signatures: | ||
| 461 | opt->flags &= ~CEPH_OPT_NOMSGAUTH; | ||
| 462 | break; | ||
| 463 | case Opt_nocephx_require_signatures: | ||
| 464 | opt->flags |= CEPH_OPT_NOMSGAUTH; | ||
| 465 | break; | ||
| 456 | 466 | ||
| 457 | default: | 467 | default: |
| 458 | BUG_ON(token); | 468 | BUG_ON(token); |
| @@ -496,6 +506,9 @@ struct ceph_client *ceph_create_client(struct ceph_options *opt, void *private, | |||
| 496 | init_waitqueue_head(&client->auth_wq); | 506 | init_waitqueue_head(&client->auth_wq); |
| 497 | client->auth_err = 0; | 507 | client->auth_err = 0; |
| 498 | 508 | ||
| 509 | if (!ceph_test_opt(client, NOMSGAUTH)) | ||
| 510 | required_features |= CEPH_FEATURE_MSG_AUTH; | ||
| 511 | |||
| 499 | client->extra_mon_dispatch = NULL; | 512 | client->extra_mon_dispatch = NULL; |
| 500 | client->supported_features = CEPH_FEATURES_SUPPORTED_DEFAULT | | 513 | client->supported_features = CEPH_FEATURES_SUPPORTED_DEFAULT | |
| 501 | supported_features; | 514 | supported_features; |