doc/dev/msgr2: update docs to match implementation for auth frames

Signed-off-by: Sage Weil <sage@redhat.com>
2025-04-01 00:26:47 +00:00 · 2019-01-20 17:16:54 -06:00 · 2019-01-20 17:16:54 -06:00 · c1a2d1be52
commit c1a2d1be52
parent ee2e31b244
1 changed files with 7 additions and 17 deletions
--- a/doc/dev/msgr2.rst
+++ b/doc/dev/msgr2.rst
@ -108,25 +108,18 @@ Authentication
 * TAG_AUTH_REQUEST: client->server::

    __le32 method;  // CEPH_AUTH_{NONE, CEPHX, ...}
-    __le32 len;
    method specific payload

-* TAG_AUTH_BAD_METHOD (server only): reject client-selected auth method::
+* TAG_AUTH_BAD_METHOD server -> client: reject client-selected auth method::

    __le32 method
+    __le32 negative error result code
    __le32 num_methods
    __le32 allowed_methods[num_methods] // CEPH_AUTH_{NONE, CEPHX, ...}

-  - Returns the unsupported/forbidden method along with the list of allowed
-    authentication methods.
-
-* TAG_AUTH_BAD_AUTH: server->client::
-
-    __le32 error code (e.g., EPERM, EACCESS)
-    __le32 len;
-    error string;
-
-  - Sent when the authentication fails
+  - Returns the attempted auth method, and error code (-EOPNOTSUPP if
+    the method is unsupported), and the list of allowed authentication
+    methods.

 * TAG_AUTH_REPLY_MORE: server->client::

@ -140,11 +133,8 @@ Authentication

 * TAG_AUTH_DONE: (server->client)::

-    confounder (block_size bytes of random garbage)
-    __le64 flags
-      FLAG_ENCRYPTED  1
-      FLAG_SIGNED     2
-    signature
+    __le64 global_id
+    method specific payload

  - The server is the one to decide authentication has completed.