From 6461989f9ab9f3cf7ee39148d3de9bf199c26064 Mon Sep 17 00:00:00 2001
From: Mohit Agrawal <moagrawa@redhat.com>
Date: Mon, 27 Feb 2017 11:20:14 +0530
Subject: [PATCH 342/361] socket: Avoid flooding of SSL messages in case of
failure/success
Problem: Avoid flodding of SSL messages in case of failure/success
Solution: 1) Ideally ssl_setup_connection should be call after getting success on
connect so update the condition before call socket_spawn in socket_connect.
2) Change the message type to debug in case of success.
mainline:
> BUG: 1427018
> Reviewed-on: https://review.gluster.org/16767
> Smoke: Gluster Build System <jenkins@build.gluster.org>
> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
> CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
> Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
> Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
(cherry picked from commit 857885cbe54f61b2a05ac6f4204c4e51e07df378)
BUG: 1412930
Change-Id: Icb6101e49304d5fe539609b4afacfb1b50b62f84
Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>
Reviewed-on: https://code.engineering.redhat.com/gerrit/101323
Tested-by: Milind Changire <mchangir@redhat.com>
Reviewed-by: Atin Mukherjee <amukherj@redhat.com>
---
rpc/rpc-transport/socket/src/socket.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/rpc/rpc-transport/socket/src/socket.c b/rpc/rpc-transport/socket/src/socket.c
index a3b12dd..088efda 100644
--- a/rpc/rpc-transport/socket/src/socket.c
+++ b/rpc/rpc-transport/socket/src/socket.c
@@ -345,17 +345,17 @@ ssl_setup_connection (rpc_transport_t *this, int server)
X509_NAME_get_text_by_NID(X509_get_subject_name(peer),
NID_commonName, peer_CN, sizeof(peer_CN)-1);
peer_CN[sizeof(peer_CN)-1] = '\0';
- gf_log(this->name,GF_LOG_INFO,"peer CN = %s", peer_CN);
- gf_log (this->name, GF_LOG_INFO,
- "SSL verification succeeded (client: %s)",
- this->peerinfo.identifier);
+ gf_log(this->name, GF_LOG_DEBUG, "peer CN = %s", peer_CN);
+ gf_log (this->name, GF_LOG_DEBUG,
+ "SSL verification succeeded (client: %s) (server: %s)",
+ this->peerinfo.identifier, this->myinfo.identifier);
return gf_strdup(peer_CN);
/* Error paths. */
ssl_error:
gf_log (this->name, GF_LOG_ERROR,
- "SSL connect error (client: %s)",
- this->peerinfo.identifier);
+ "SSL connect error (client: %s) (server: %s)",
+ this->peerinfo.identifier, this->myinfo.identifier);
ssl_dump_error_stack(this->name);
free_ssl:
SSL_free(priv->ssl_ssl);
@@ -3237,7 +3237,7 @@ handler:
rpc_transport_ref (this);
refd = _gf_true;
- if (priv->own_thread) {
+ if (priv->own_thread && !(priv->connect_failed)) {
if (pipe(priv->pipe) < 0) {
gf_log(this->name,GF_LOG_ERROR,
"could not create pipe");
--
1.8.3.1