msg/async, V2: bring back the no-encryption ability.

Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>

src/msg/async/ProtocolV2.cc

@@ -342,29 +342,35 @@ struct SignedEncryptedFrame : public PayloadFrame<T, Args...> {
   }
 
   SignedEncryptedFrame(ProtocolV2 &protocol, const Args &... args)
-      : PayloadFrame<T, Args...>(args...) {
-    ceph_assert(protocol.session_stream_handlers.tx);
-
-    protocol.session_stream_handlers.tx->reset_tx_handler({
-      this->payload.length()
-    });
-
-    auto exp_size = this->payload.length() + 16;
+      : PayloadFrame<T, Args...>(args...)
+  {
     // FIXME: plainsize -> ciphersize; for AES-GCM they are equall apart
     // from auth tag size
     this->fill_preamble({
-      segment_t{ this->payload.length() + 16 - FRAME_PREAMBLE_SIZE, 16 }
+      segment_t{ this->payload.length() - FRAME_PREAMBLE_SIZE, 16 }
     }, {});
 
-    protocol.session_stream_handlers.tx->authenticated_encrypt_update(
-      std::move(this->payload));
-    this->payload = \
-      protocol.session_stream_handlers.tx->authenticated_encrypt_final();
-    ceph_assert(exp_size == this->payload.length());
+    if (protocol.session_stream_handlers.tx) {
+      ceph_assert(protocol.session_stream_handlers.tx);
+      protocol.session_stream_handlers.tx->reset_tx_handler({
+	this->payload.length()
+      });
+
+      protocol.session_stream_handlers.tx->authenticated_encrypt_update(
+	std::move(this->payload));
+      this->payload = \
+	protocol.session_stream_handlers.tx->authenticated_encrypt_final();
+    }
   }
 
   SignedEncryptedFrame(ProtocolV2 &protocol, char *payload, uint32_t length)
-      : PayloadFrame<T, Args...>(do_not_encode_tag_t{}) {
+      : PayloadFrame<T, Args...>(do_not_encode_tag_t{})
+  {
+    if (!protocol.session_stream_handlers.rx) {
+      this->decode_frame(payload, length);
+      return;
+    }
+
     ceph::bufferlist bl;
     bl.push_back(buffer::create_static(length, payload));
 
@@ -520,7 +526,7 @@ struct MessageHeaderFrame
       segment_t{ this->payload.length() - FRAME_PREAMBLE_SIZE, 8 },
       segment_t{ front_len, 8 },
       segment_t{ middle_len, 8 },
-      segment_t{ data_len + 16, segment_t::DEFERRED_ALLOCATION },
+      segment_t{ data_len, segment_t::DEFERRED_ALLOCATION },
     }, {});
   }
 
@@ -1436,6 +1442,13 @@ CtPtr ProtocolV2::handle_read_frame_preamble_main(char *buffer, int r) {
       next_payload_len += main_preamble.segments[idx].length;
     }
 
+    if (session_stream_handlers.rx) {
+      rx_segments_todo_rev.front().length += \
+	session_stream_handlers.rx->get_extra_size_at_final();
+      next_payload_len += \
+	session_stream_handlers.rx->get_extra_size_at_final();
+    }
+
     // TODO: move this ugliness into dedicated procedure
     const auto rx_crc = ceph_crc32c(0,
       reinterpret_cast<const unsigned char*>(&main_preamble),

src/msg/async/crypto_onwire.cc

@@ -173,6 +173,9 @@ class AES128GCM_OnWireRxHandler : public ceph::crypto::onwire::RxHandler {
     memset(&nonce, 0, sizeof(nonce));
   }
 
+  std::uint32_t get_extra_size_at_final() override {
+    return AESGCM_TAG_LEN;
+  }
   void reset_rx_handler() override;
   ceph::bufferlist authenticated_decrypt_update(
     ceph::bufferlist&& ciphertext,

src/msg/async/crypto_onwire.h

@@ -78,6 +78,11 @@ class RxHandler {
 public:
   virtual ~RxHandler() = default;
 
+  // Transmitter can append extra bytes of ciphertext at the -final step.
+  // This method return how much was added, and thus let client translate
+  // plaintext size into ciphertext size to grab from wire.
+  virtual std::uint32_t get_extra_size_at_final() = 0;
+
   // Instance of RxHandler must be reset before doing any decrypt-update
   // step. This applies also to situation when decrypt-final was already
   // called and another round of update-...-update-final will take place.