git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Sage Weil <sage@inktank.com>
	Mon, 25 Mar 2013 17:25:49 +0000 (10:25 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 20 Jun 2013 19:01:32 +0000 (12:01 -0700)
commit	def71c018b0cc6c1eb7f30aa3268e764f48e9cf0
tree	bb6064cdc92aac519642d7f62cc8d73e09da3f21	tree
parent	5725b3e6e06bc80daaed802e4fd58e094c20a191	commit \| diff

libceph: fix authorizer invalidation

commit 4b8e8b5d78b8322351d44487c1b76f7e9d3412bc upstream.

We were invalidating the authorizer by removing the ticket handler
entirely.  This was effective in inducing us to request a new authorizer,
but in the meantime it mean that any authorizer we generated would get a
new and initialized handler with secret_id=0, which would always be
rejected by the server side with a confusing error message:

auth: could not find secret_id=0
cephx: verify_authorizer could not get service secret for service osd secret_id=0

Instead, simply clear the validity field.  This will still induce the auth
code to request a new secret, but will let us continue to use the old
ticket in the meantime.  The messenger code will probably continue to fail,
but the exponential backoff will kick in, and eventually the we will get a
new (hopefully more valid) ticket from the mon and be able to continue.

Signed-off-by: Sage Weil <sage@inktank.com>
Reviewed-by: Alex Elder <elder@inktank.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>