Project

General

Profile

Actions
Copy link

Bug #2429

closed

ceph-client: verify_authrizer_reply con method never called

Added by Alex Elder almost 12 years ago. Updated about 11 years ago.

Status:
Resolved
Priority:
High
Assignee:
Sage Weil
Category:
libceph
Target version:
-
% Done:

0%

Source:
Development
Tags:
Backport:
Regression:
Severity:
Reviewed:
Affected Versions:
ceph-qa-suite:
Crash signature (v1):
Crash signature (v2):

Description

Both ceph_connection_operations and ceph_auth_client_ops define
a verify_authorizer_reply method.

The only caller of functions by that name in the client code are
the two auth_client verify_authorizer_reply methods, but they
themselves are never called.

This means we're never actually checking the authorizer returned
by the server, so we're (at least) not verifying its authenticity.

Maybe the client isn't supposed to--in which case this is dead
code that can be removed. But I think we want the authentication
between client and server to be mutual.

Actions
Copy link
 #1

Updated by Alex Elder almost 12 years ago

Whoops, forgot to fill in a real subject/title. Not sure how to
fix it either.

Actions
Copy link
 #2

Updated by Sage Weil almost 12 years ago

  • Subject changed from ceph-client: to ceph-client: verify_authrizer_reply con method never called
  • Category set to libceph
  • Priority changed from Normal to High
Actions
Copy link
 #3

Updated by Sage Weil over 11 years ago

  • Status changed from New to 12
Actions
Copy link
 #4

Updated by Sage Weil about 11 years ago

  • Assignee set to Sage Weil
Actions
Copy link
 #5

Updated by Sage Weil about 11 years ago

  • Status changed from 12 to 7
Actions
Copy link
 #6

Updated by Sage Weil about 11 years ago

  • Status changed from 7 to Resolved
Actions
Copy link

Also available in: Atom PDF