msg/Pipe: remove broken cephs signing requirement check

Remove the special-case check, which does not inform the peer what protocol features are missing. It also enforces this requirement even when we negotiate auth none. Reported as part of bug #3657. Signed-off-by: Sage Weil <sage@inktank.com>
2024-12-17 00:46:05 +00:00 · 2012-12-27 16:01:49 -08:00 · 2012-12-27 16:01:49 -08:00 · 0a5d6d8759
commit 0a5d6d8759
parent 65b787ea2a
1 changed files with 0 additions and 22 deletions
--- a/src/msg/Pipe.cc
+++ b/src/msg/Pipe.cc
@ -355,18 +355,6 @@ int Pipe::accept()
      goto reply;
    }
    
-    // If the server supports signing session messages, and it is configured to require the client
-    // to sign, and the client can't sign, bail out.  PLR
-
-    if ((policy.features_supported & CEPH_FEATURE_MSG_AUTH) &&
-	msgr->cct->_conf->cephx_require_signatures &&
-	!(connect.features & CEPH_FEATURE_MSG_AUTH)) {
-      ldout(msgr->cct,1) << "Client can't sign messages." << dendl;
-      reply.tag = CEPH_MSGR_TAG_FEATURES;
-      msgr->lock.Unlock();
-      goto reply;
-    }
-
    msgr->lock.Unlock();

    // Check the authorizer.  If not good, bail out.
@ -941,16 +929,6 @@ int Pipe::connect()
 	goto fail_locked;
      }

-      // If the client supports signing session messages, and it is configured to require the server
-      // to sign, and the server can't sign, bail out.  PLR
-
-      if ((policy.features_supported & CEPH_FEATURE_MSG_AUTH) &&
-	  msgr->cct->_conf->cephx_require_signatures &&
-          !(reply.features & CEPH_FEATURE_MSG_AUTH)) {
-        ldout(msgr->cct,1) << "Server can't sign messages." << dendl;
-        goto fail_locked;
-      }
-
      if (reply.tag == CEPH_MSGR_TAG_SEQ) {
        ldout(msgr->cct,10) << "got CEPH_MSGR_TAG_SEQ, reading acked_seq and writing in_seq" << dendl;
        uint64_t newly_acked_seq = 0;