• Ilya Dryomov's avatar
    libceph: verify authorize reply on connect · e1589b27
    Ilya Dryomov authored
    [ Upstream commit 5c056fdc ]
    
    After sending an authorizer (ceph_x_authorize_a + ceph_x_authorize_b),
    the client gets back a ceph_x_authorize_reply, which it is supposed to
    verify to ensure the authenticity and protect against replay attacks.
    The code for doing this is there (ceph_x_verify_authorizer_reply(),
    ceph_auth_verify_authorizer_reply() + plumbing), but it is never
    invoked by the the messenger.
    
    AFAICT this goes back to 2009, when ceph authentication protocols
    support was added to the kernel client in 4e7a5dcd ("ceph:
    negotiate authentication protocol; implement AUTH_NONE protocol").
    
    The second param of ceph_connection_operations::verify_authorizer_reply
    is unused all the way down.  Pass 0 to facilitate backporting, and kill
    it in the next commit.
    
    Cc: stable@vger.kernel.org
    Signed-off-by: default avatarIlya Dryomov <idryomov@gmail.com>
    Reviewed-by: default avatarSage Weil <sage@redhat.com>
    Signed-off-by: default avatarSasha Levin <alexander.levin@verizon.com>
    e1589b27
messenger.c 85.1 KB