diff options
| author | Ilya Dryomov <idryomov@gmail.com> | 2021-04-14 19:58:49 +0200 |
|---|---|---|
| committer | Ilya Dryomov <idryomov@gmail.com> | 2021-04-14 19:58:49 +0200 |
| commit | f3a4166379b12d4a7bba667fe761e5b660552db1 (patch) | |
| tree | 44bee23b3853b971baa31048faa4fcdee4b87863 /qa/suites/rgw/sts/objectstore/bluestore-bitmap.yaml | |
| parent | Merge pull request #40614 from smithfarm/wip-39556 (diff) | |
| parent | Merge branch 'master' into wip-unauthorized-gids (diff) | |
| download | ceph-f3a4166379b12d4a7bba667fe761e5b660552db1.tar.xz ceph-f3a4166379b12d4a7bba667fe761e5b660552db1.zip | |
Merge branch 'CVE-2021-20288' into master
* CVE-2021-20288:
qa/standalone: default to disable insecure global id reclaim
qa/suites/upgrade/octopus-x: disable insecure global_id reclaim health warnings
qa/tasks/ceph[adm].conf[.template]: disable insecure global_id reclaim health alerts
cephadm: set auth_allow_insecure_global_id_reclaim for mon on bootstrap
mon/HealthMonitor: raise AUTH_INSECURE_GLOBAL_ID_RENEWAL[_ALLOWED]
auth/cephx: ignore CEPH_ENTITY_TYPE_AUTH in requested keys
auth/cephx: rotate auth tickets less often
mon: fail fast when unauthorized global_id (re)use is disallowed
auth/cephx: option to disallow unauthorized global_id (re)use
auth/cephx: make cephx_decode_ticket() take a const ticket_blob
auth/AuthServiceHandler: keep track of global_id and whether it is new
auth/AuthServiceHandler: build_cephx_response_header() is cephx-specific
auth/AuthServiceHandler: drop unused start_session() args
mon/MonClient: drop global_id arg from _add_conn() and _add_conns()
mon/MonClient: reset auth state in shutdown()
mon/MonClient: preserve auth state on reconnects
mon/MonClient: claim active_con's auth explicitly
mon/MonClient: resurrect "waiting for monmap|config" timeouts
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Diffstat (limited to 'qa/suites/rgw/sts/objectstore/bluestore-bitmap.yaml')
0 files changed, 0 insertions, 0 deletions