]> Pileus Git - ~andy/linux/blobdiff - fs/ceph/auth_x.c
projects / ~andy / linux / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ceph: clean up service ticket decoding
[~andy/linux] / fs / ceph / auth_x.c
diff --git a/fs/ceph/auth_x.c b/fs/ceph/auth_x.c
index 33d3ad4dc456ef24ad9aa0876ff90794a340aa61..8d8a8496476328c500e7e959e6a9fcbb90ac5d1d 100644 (file)
--- a/fs/ceph/auth_x.c
+++ b/fs/ceph/auth_x.c
@@ -156,7 +156,11 @@ static int ceph_x_proc_ticket_reply(struct ceph_auth_client *ac,
                struct timespec validity;
                struct ceph_crypto_key old_key;
                void *tp, *tpend;
+               struct ceph_timespec new_validity;
+               struct ceph_crypto_key new_session_key;
                struct ceph_buffer *new_ticket_blob;
+               unsigned long new_expires, new_renew_after;
+               u64 new_secret_id;
 
                ceph_decode_need(&p, end, sizeof(u32) + 1, bad);
 
@@ -189,16 +193,16 @@ static int ceph_x_proc_ticket_reply(struct ceph_auth_client *ac,
                        goto bad;
 
                memcpy(&old_key, &th->session_key, sizeof(old_key));
-               ret = ceph_crypto_key_decode(&th->session_key, &dp, dend);
+               ret = ceph_crypto_key_decode(&new_session_key, &dp, dend);
                if (ret)
                        goto out;
 
-               ceph_decode_copy(&dp, &th->validity, sizeof(th->validity));
-               ceph_decode_timespec(&validity, &th->validity);
-               th->expires = get_seconds() + validity.tv_sec;
-               th->renew_after = th->expires - (validity.tv_sec / 4);
-               dout(" expires=%lu renew_after=%lu\n", th->expires,
-                    th->renew_after);
+               ceph_decode_copy(&dp, &new_validity, sizeof(new_validity));
+               ceph_decode_timespec(&validity, &new_validity);
+               new_expires = get_seconds() + validity.tv_sec;
+               new_renew_after = new_expires - (validity.tv_sec / 4);
+               dout(" expires=%lu renew_after=%lu\n", new_expires,
+                    new_renew_after);
 
                /* ticket blob for service */
                ceph_decode_8_safe(&p, end, is_enc, bad);
@@ -223,13 +227,21 @@ static int ceph_x_proc_ticket_reply(struct ceph_auth_client *ac,
                dout(" ticket blob is %d bytes\n", dlen);
                ceph_decode_need(&tp, tpend, 1 + sizeof(u64), bad);
                struct_v = ceph_decode_8(&tp);
-               th->secret_id = ceph_decode_64(&tp);
+               new_secret_id = ceph_decode_64(&tp);
                ret = ceph_decode_buffer(&new_ticket_blob, &tp, tpend);
                if (ret)
                        goto out;
+
+               /* all is well, update our ticket */
+               ceph_crypto_key_destroy(&th->session_key);
                if (th->ticket_blob)
                        ceph_buffer_put(th->ticket_blob);
+               th->session_key = new_session_key;
                th->ticket_blob = new_ticket_blob;
+               th->validity = new_validity;
+               th->secret_id = new_secret_id;
+               th->expires = new_expires;
+               th->renew_after = new_renew_after;
                dout(" got ticket service %d (%s) secret_id %lld len %d\n",
                     type, ceph_entity_type_name(type), th->secret_id,
                     (int)th->ticket_blob->vec.iov_len);
Andy's Linux Kernel repo