Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
auth/cephx: rotate auth tickets less often
If unauthorized global_id (re)use is disallowed, a client that has been disconnected from the network long enough for keys to rotate and its auth ticket to expire (i.e. become invalid/unverifiable) would not be able to reconnect. The default TTL is 12 hours, resulting in a 12-24 hour reconnect window (the previous key is kept around, so the actual window can be up to double the TTL). The setting has stayed the same since 2009, but it also hasn't been enforced. Bump it to get a 72 hour reconnect window to cover for something breaking on Friday and not getting fixed until Monday. Signed-off-by: Ilya Dryomov <idryomov@gmail.com> (cherry picked from commit 522a52e)
- Loading branch information