aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorSage Weil <sage@inktank.com>2013-03-25 13:25:49 -0400
committerSage Weil <sage@inktank.com>2013-05-02 00:17:12 -0400
commit4b8e8b5d78b8322351d44487c1b76f7e9d3412bc (patch)
tree7ed1414e5ed9f30cf2019e9ff74c95ded5ad9e77 /net
parent20e55c4cc758e4dccdfd92ae8e9588dd624b2cd7 (diff)
libceph: fix authorizer invalidation
We were invalidating the authorizer by removing the ticket handler entirely. This was effective in inducing us to request a new authorizer, but in the meantime it mean that any authorizer we generated would get a new and initialized handler with secret_id=0, which would always be rejected by the server side with a confusing error message: auth: could not find secret_id=0 cephx: verify_authorizer could not get service secret for service osd secret_id=0 Instead, simply clear the validity field. This will still induce the auth code to request a new secret, but will let us continue to use the old ticket in the meantime. The messenger code will probably continue to fail, but the exponential backoff will kick in, and eventually the we will get a new (hopefully more valid) ticket from the mon and be able to continue. Signed-off-by: Sage Weil <sage@inktank.com> Reviewed-by: Alex Elder <elder@inktank.com>
Diffstat (limited to 'net')
-rw-r--r--net/ceph/auth_x.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ceph/auth_x.c b/net/ceph/auth_x.c
index a16bf14eb027..bd8758dbfded 100644
--- a/net/ceph/auth_x.c
+++ b/net/ceph/auth_x.c
@@ -630,7 +630,7 @@ static void ceph_x_invalidate_authorizer(struct ceph_auth_client *ac,
630 630
631 th = get_ticket_handler(ac, peer_type); 631 th = get_ticket_handler(ac, peer_type);
632 if (!IS_ERR(th)) 632 if (!IS_ERR(th))
633 remove_ticket_handler(ac, th); 633 memset(&th->validity, 0, sizeof(th->validity));
634} 634}
635 635
636 636