* refs/pull/26466/head:
msg/async, v2: fix wrong base for KeepAliveFrameAck.
msg/async, v2: frame decoding operates on bufferlist.
msg/async, v2: drop ceph_msg_header2 fields duplicating segment info.
msg/async, v2: drop the scaffolding in preamble parsing.
msg/async, v2: handle msg authentication failures.
msg/async, v2: drop depedency on uint128_t. Clean up onwire crypto.
msg/async, v2: fix cur_msg_size in ::reset_recv_state().
msg/async, v2: drop magic numbers for segments.
msg/async, v2: get rid of magic number in SignedEncryptedFrame.
msg/async, v2: get rid of the magic number for default alignment.
msg/async, v2: decouple onwire segment length from logical length.
msg/async, v2: follow the const bl& concept in authenticated_encrypt_update().
msg/async, v2: drop handling of extra segments in ::fill_preamble().
msg/async, v2: get rid of magic numbers for alignment.
msg/async, v2: drop reserve() from onwire crypto's TxHandler.
msg/async: add con_mode to debug lines
msg/DispatchQueue: include con_mode in <== line
common/ceph_strings: get_con_mode_name()
msg/Connection: add get_con_mode()
msg/async/ProtocolV2: clean up preamble comments
msg/async, v2: improve debug around sending client indent.
msg/async, v2: bring back the no-encryption ability.
msg/async, v2: workaround con_mode handling.
msg/async, v2: drop the throttles bypass.
msg/async, v2: READ_MESSAGE_FRONT -> THROTTLE_DONE.
msg/async: WaitFrame of V2 can be crypto processed now.
msg/async: initial multi-segment support for V2.
msg/async: V2 bypasses throttles just for development.
msg/async: rectify reseting security state in ProtocolV2::reset_recv_state().
msg/async: switch to CRC32 for V2 preamble blocks.
msg/async: bump up preamble block size to 32 bytes.
msg/async: get rid of the distiction on main and extra V2 preamble.
msg/async: add debug around empty ClientIdent::addrs.
msg/async: V2 uses segments instead of next_payload_len, part 1.
msg/async: perform V2 frame dispatch in dedicated method.
msg/async: implement crc checking for main preamble of V2.
msg/async: receive V2 messages with new preable format.
msg/async: transmit V2 messages with new preable format.
msg/async: reset crypto processors in ProtocolV2::reset_recv_state().
msg/async: preamble of V2 Frames is now encrypted and authenticated.
msg/async: slightly rework ProtocolV2 preamble crafting.
msg/async: reset the rx stream handler in ::handle_read_frame_length_and_tag.
auth, msg/async, v2: drop AuthStreamHandler and AES128GCM_StreamHandler.
msg/async: Messages in Protocol2 are crypto-processed only once.
msg/async: SignedEncryptedFrame uses ceph::crypto::onwire.
msg/async: expose message segmentation to ::write_message().
auth: implement ceph::crypto::onwire with OpenSSL EVP.
auth: introduce ceph::crypto::onwire interfaces.
msg/async: decouple MessageHeaderFrame from SignedEncryptedFrame.
msg/async: move Protocol* asserts in SignedEncryptedFrame to compile time.
msg/async: simplify encryption handling in the PayloadFrame class.
auth: drop AES128CBC_HMACSHA256_StreamHandler.
msg/async: ensure consistency between con_mode and session_security.
msg/async: drop MessageFrame. Use MessageHeaderFrame instead.
msg/async: set con_mode and session_security at both peers.
msg/async, auth: switch AuthStreamHandler::rxtx_t to std::unique_ptr.
crypto: AES128GCM_StreamHandler brings authenticated encryption with AES-GCM.
include: uint128_t -> ceph::uint128_t + using.
msg/async: move crypto handling from ProtocolV2 into AuthStreamHandler.
auth, msg: dissect AuthStreamHandler from AuthSessionHandler.
auth/cephx: make _calc_signature() of CephxSessionHandler private.
auth: drop {en,de}crypt_message() from AuthSessionHandler.
auth: introduce DummyAuthSessionHandler.
auth: make AuthSessionHandler purely abstract.
auth: drop no_security() from AuthSessionHandler.
auth: drop get_protocol() and get_key() from AuthSessionHandler.
auth: drop sign_bufferlist() from AuthSessionHandler.
msg/async: drop get_auth_meta() from Protocol.
msg/async: emphasize ProtocolV2 does authenticated encryption.
Reviewed-by: Sage Weil <sage@redhat.com>
For those with multiple storage pools sharing the same devices,
I think it would make much more sense to offer per-pool
commands to bring pools with high priority, e.g., because they
are hosting data of more importance than others, back to normal
quickly.
Fixes: http://tracker.ceph.com/issues/38456
Signed-off-by: xie xingguo <xie.xingguo@zte.com.cn>
* refs/pull/26602/head:
Revert "pybind: set language_level for cythonize explicitly"
Revert "pybind: auto encode/decode cstr"
Reviewed-by: Jason Dillaman <dillaman@redhat.com>
* refs/pull/26550/head:
mon/AuthMonitor: provide auth_lock-safe _assign_global_id()
mon/AuthMonitor: provide AuthMonitor with mon count and rank *only* while active
Reviewed-by: Greg Farnum <gfarnum@redhat.com>
cmake,rgw: make amqp support optional
Reviewed-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Yuval Lifshitz <yuvalif@yahoo.com>
Reviewed-by: Willem Jan Withagen <wjw@digiware.nl>
This change is driven by buggy buffer's life time management
polluting AuthAuthorizer::bl with dangling raw_static instances.
Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
