libceph: introduce connection modes and ms_mode option
msgr2 supports two connection modes: crc (plain) and secure (on-wire encryption). Connection mode is picked by server based on input from client. Introduce ms_mode option: ms_mode=legacy - msgr1 (default) ms_mode=crc - crc mode, if denied fail ms_mode=secure - secure mode, if denied fail ms_mode=prefer-crc - crc mode, if denied agree to secure mode ms_mode=prefer-secure - secure mode, if denied agree to crc mode ms_mode affects all connections, we don't separate connections to mons like it's done in userspace with ms_client_mode vs ms_mon_client_mode. For now the default is legacy, to be flipped to prefer-crc after some time. Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
This commit is contained in:
Ilya Dryomov
@@ -39,13 +39,13 @@ static int init_protocol(struct ceph_auth_client *ac, int proto)
|
||||
/*
|
||||
* setup, teardown.
|
||||
*/
|
||||
struct ceph_auth_client *ceph_auth_init(const char *name, const struct ceph_crypto_key *key)
|
||||
struct ceph_auth_client *ceph_auth_init(const char *name,
|
||||
const struct ceph_crypto_key *key,
|
||||
const int *con_modes)
|
||||
{
|
||||
struct ceph_auth_client *ac;
|
||||
int ret;
|
||||
|
||||
dout("auth_init name '%s'\n", name);
|
||||
|
||||
ret = -ENOMEM;
|
||||
ac = kzalloc(sizeof(*ac), GFP_NOFS);
|
||||
if (!ac)
|
||||
@@ -57,8 +57,12 @@ struct ceph_auth_client *ceph_auth_init(const char *name, const struct ceph_cryp
|
||||
ac->name = name;
|
||||
else
|
||||
ac->name = CEPH_AUTH_NAME_DEFAULT;
|
||||
dout("auth_init name %s\n", ac->name);
|
||||
ac->key = key;
|
||||
ac->preferred_mode = con_modes[0];
|
||||
ac->fallback_mode = con_modes[1];
|
||||
|
||||
dout("%s name '%s' preferred_mode %d fallback_mode %d\n", __func__,
|
||||
ac->name, ac->preferred_mode, ac->fallback_mode);
|
||||
return ac;
|
||||
|
||||
out:
|
||||
|
||||
Reference in New Issue
Block a user