msg: set_require_authorizer on messenger, not dispatcher

This flag is used for compatibility with pre-nautilus OSDs, which do not send authorizers on the OSD heartbeat connections. However, because the AuthServer is implemented by MonClient, which is shared across all OSD messengers, we can't set this to false for the OSD without disabling all auth. Instead, make it a Messenger property, and set it only on the heartbeat server messengers. Signed-off-by: Sage Weil <sage@redhat.com>
2025-03-11 02:39:05 +00:00 · 2019-04-28 08:43:28 -05:00 · 2019-04-28 08:43:28 -05:00 · f10660e84f
commit f10660e84f
parent 90e4c5fad5
7 changed files with 17 additions and 19 deletions
--- a/src/mon/MonClient.cc
+++ b/src/mon/MonClient.cc
@ -1433,7 +1433,7 @@ int MonClient::handle_auth_request(
  // for some channels prior to nautilus (osd heartbeat), we tolerate the lack of
  // an authorizer.
  if (payload.length() == 0 &&
-      !handle_authentication_dispatcher->require_authorizer) {
+      !con->get_messenger()->require_authorizer) {
    handle_authentication_dispatcher->ms_handle_authentication(con);
    return 1;
  }
--- a/src/msg/Dispatcher.h
+++ b/src/msg/Dispatcher.h
@ -218,16 +218,8 @@ public:
   * @} //Authentication
   */

-  void ms_set_require_authorizer(bool b) {
-    require_authorizer = b;
-  }
 protected:
  CephContext *cct;
-public:
-  // allow unauthenticated connections.  This is needed for
-  // compatibility with pre-nautilus OSDs, which do not authenticate
-  // the heartbeat sessions.
-  bool require_authorizer = true;
 private:
  explicit Dispatcher(const Dispatcher &rhs);
  Dispatcher& operator=(const Dispatcher &rhs);
--- a/src/msg/Messenger.h
+++ b/src/msg/Messenger.h
@ -113,6 +113,12 @@ public:

  using Policy = ceph::net::Policy<Throttle>;

+public:
+  // allow unauthenticated connections.  This is needed for
+  // compatibility with pre-nautilus OSDs, which do not authenticate
+  // the heartbeat sessions.
+  bool require_authorizer = true;
+
 protected:
  // for authentication
  AuthRegistry auth_registry;
@ -788,6 +794,10 @@ public:
    }
  }

+  void set_require_authorizer(bool b) {
+    require_authorizer = b;
+  }
+
  /**
   * @} // Dispatcher Interfacing
   */
--- a/src/osd/OSD.cc
+++ b/src/osd/OSD.cc
@ -8431,7 +8431,8 @@ void OSD::check_osdmap_features()
  }

  if (osdmap->require_osd_release < CEPH_RELEASE_NAUTILUS) {
-    heartbeat_dispatcher.ms_set_require_authorizer(false);
+    hb_front_server_messenger->set_require_authorizer(false);
+    hb_back_server_messenger->set_require_authorizer(false);
  }

  if (osdmap->require_osd_release != last_require_osd_release) {
--- a/src/test/crimson/perf_async_msgr.cc
+++ b/src/test/crimson/perf_async_msgr.cc
@ -26,7 +26,7 @@ struct Server {
    msgr->set_default_policy(Messenger::Policy::stateless_server(0));
    msgr->set_auth_client(&dummy_auth);
    msgr->set_auth_server(&dummy_auth);
-    dispatcher.ms_set_require_authorizer(false);
+    msgr->set_require_authorizer(false);
  }
  DummyAuthClientServer dummy_auth;
  unique_ptr<Messenger> msgr;
--- a/src/test/crimson/test_async_echo.cc
+++ b/src/test/crimson/test_async_echo.cc
@ -31,7 +31,7 @@ struct Server {
    msgr->set_default_policy(Messenger::Policy::stateless_server(0));
    msgr->set_auth_client(&dummy_auth);
    msgr->set_auth_server(&dummy_auth);
-    dispatcher.ms_set_require_authorizer(false);
+    msgr->set_require_authorizer(false);
  }
  DummyAuthClientServer dummy_auth;
  unique_ptr<Messenger> msgr;
@ -92,7 +92,7 @@ struct Client {
    msgr->set_default_policy(Messenger::Policy::lossy_client(0));
    msgr->set_auth_client(&dummy_auth);
    msgr->set_auth_server(&dummy_auth);
-    dispatcher.ms_set_require_authorizer(false);
+    msgr->set_require_authorizer(false);
  }
  DummyAuthClientServer dummy_auth;
  struct ClientDispatcher : Dispatcher {
--- a/src/test/msgr/test_msgr.cc
+++ b/src/test/msgr/test_msgr.cc
@ -81,6 +81,7 @@ class MessengerTest : public ::testing::TestWithParam<const char*> {
    server_msgr->set_auth_server(&dummy_auth);
    client_msgr->set_auth_client(&dummy_auth);
    client_msgr->set_auth_server(&dummy_auth);
+    server_msgr->set_require_authorizer(false);
  }
  void TearDown() override {
    ASSERT_EQ(server_msgr->get_dispatch_queue_len(), 0);
@ -115,8 +116,6 @@ class FakeDispatcher : public Dispatcher {
  explicit FakeDispatcher(bool s): Dispatcher(g_ceph_context), lock("FakeDispatcher::lock"),
                          is_server(s), got_new(false), got_remote_reset(false),
                          got_connect(false), loopback(false) {
-    // don't need authorizers
-    ms_set_require_authorizer(false);
  }
  bool ms_can_fast_dispatch_any() const override { return true; }
  bool ms_can_fast_dispatch(const Message *m) const override {
@ -1509,8 +1508,6 @@ class SyntheticDispatcher : public Dispatcher {
  SyntheticDispatcher(bool s, SyntheticWorkload *wl):
      Dispatcher(g_ceph_context), lock("SyntheticDispatcher::lock"), is_server(s), got_new(false),
      got_remote_reset(false), got_connect(false), index(0), workload(wl) {
-    // don't need authorizers
-    ms_set_require_authorizer(false);
  }
  bool ms_can_fast_dispatch_any() const override { return true; }
  bool ms_can_fast_dispatch(const Message *m) const override {
@ -2087,8 +2084,6 @@ class MarkdownDispatcher : public Dispatcher {
  std::atomic<uint64_t> count = { 0 };
  explicit MarkdownDispatcher(bool s): Dispatcher(g_ceph_context), lock("MarkdownDispatcher::lock"),
                              last_mark(false) {
-    // don't need authorizers
-    ms_set_require_authorizer(false);
  }
  bool ms_can_fast_dispatch_any() const override { return false; }
  bool ms_can_fast_dispatch(const Message *m) const override {