• Sage Weil's avatar
    libceph: add update_authorizer auth method · 0bed9b5c
    Sage Weil authored
    Currently the messenger calls out to a get_authorizer con op, which will
    create a new authorizer if it doesn't yet have one.  In the meantime, when
    we rotate our service keys, the authorizer doesn't get updated.  Eventually
    it will be rejected by the server on a new connection attempt and get
    invalidated, and we will then rebuild a new authorizer, but this is not
    ideal.
    
    Instead, if we do have an authorizer, call a new update_authorizer op that
    will verify that the current authorizer is using the latest secret.  If it
    is not, we will build a new one that does.  This avoids the transient
    failure.
    
    This fixes one of the sorry sequence of events for bug
    
    	http://tracker.ceph.com/issues/4282Signed-off-by: default avatarSage Weil <sage@inktank.com>
    Reviewed-by: default avatarAlex Elder <elder@inktank.com>
    0bed9b5c
auth_x.h 875 Bytes