auth: Fix buggy parsing of g_conf.keyring

Previously, we weren't correctly handling comma-separated lists of values in g_conf.keyring. Signed-off-by: Colin McCabe <colinm@hq.newdream.net>
2025-02-24 11:37:37 +00:00 · 2010-12-29 17:48:12 -08:00 · 2010-12-29 17:48:12 -08:00 · e1a1e1e6a6
commit e1a1e1e6a6
parent 27cba78148
2 changed files with 33 additions and 23 deletions
--- a/src/mon/AuthMonitor.cc
+++ b/src/mon/AuthMonitor.cc
@ -89,33 +89,43 @@ void AuthMonitor::on_active()
 */
 }

+int AuthMonitor::read_keyfile(bufferlist &bl, std::string &keyfile)
+{
+  keyfile.clear();
+  bl.clear();
+
+  if (!g_conf.keyring)
+    return 2;
+  list<string> ls;
+  get_str_list(string(g_conf.keyring), ls);
+  for (list<string>::const_iterator p = ls.begin(); p != ls.end(); ++p) {
+    if (bl.read_file(p->c_str()) == 0) {
+      keyfile = *p;
+      return 0;
+    }
+    bl.clear();
+  }
+  return 1;
+}
+
 void AuthMonitor::create_initial(bufferlist& bl)
 {
  dout(10) << "create_initial -- creating initial map" << dendl;
-  if (g_conf.keyring) {
-    dout(10) << "reading initial keyring " << dendl;
-    bufferlist bl;

-    string k = g_conf.keyring;
-    list<string> ls;
-    get_str_list(k, ls);
-    int r = -1;
-    for (list<string>::iterator p = ls.begin(); p != ls.end(); p++)
-      if ((r = bl.read_file(g_conf.keyring)) >= 0)
-	break;
-    if (r >= 0) {
-      KeyRing keyring;
-      bool read_ok = false;
-      try {
-        bufferlist::iterator iter = bl.begin();
-        ::decode(keyring, iter);
-        read_ok = true;
-      } catch (const buffer::error &err) {
-        cerr << "error reading file " << g_conf.keyring << std::endl;
-      }
-      if (read_ok)
-	import_keyring(keyring);
+  bufferlist kbl;
+  string keyfile;
+  if (read_keyfile(kbl, keyfile) == 0) {
+    KeyRing keyring;
+    bool read_ok = false;
+    try {
+      bufferlist::iterator iter = kbl.begin();
+      ::decode(keyring, iter);
+      read_ok = true;
+    } catch (const buffer::error &err) {
+      cerr << "error reading file " << g_conf.keyring << std::endl;
    }
+    if (read_ok)
+      import_keyring(keyring);
  }

  max_global_id = MIN_GLOBAL_ID;
--- a/src/mon/AuthMonitor.h
+++ b/src/mon/AuthMonitor.h
@ -93,7 +93,7 @@ private:
  void on_active();
  void election_finished();
  bool should_propose(double& delay);
-
+  static int read_keyfile(bufferlist &bl, std::string &keyfile);
  void create_initial(bufferlist& bl);
  bool update_from_paxos();
  void create_pending();  // prepare a new pending