From c9a0fad614df6803dc5b377ca48d98141608e8aa Mon Sep 17 00:00:00 2001
From: Kaushal M <kaushal@redhat.com>
Date: Thu, 5 May 2016 14:19:55 +0530
Subject: [PATCH 90/94] glusterfsd: explicitly turn on encryption for volfile fetch
Problem: In case of encrypted transport RPC clients not able to
reconnect.due to this daemon(glustershd etc) not able to
fetch volfile and not started.
Solution: After turn on encryption explictly to fetch volfile
issue is resolved.
> Change-Id: I58e1fe7f5edf0abb5732432291ff677e81429b79
> BUG: 1333317
> Signed-off-by: Kaushal M <kaushal@redhat.com>
> Reviewed-on: http://review.gluster.org/14253
> Smoke: Gluster Build System <jenkins@build.gluster.com>
> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
> CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
> Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
> (cherry picked from commit 60d235515e582319474ba7231aad490d19240642)
>Reviewed-on: http://review.gluster.org/15567
>CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
>NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
>Reviewed-by: Niels de Vos <ndevos@redhat.com>
>Smoke: Gluster Build System <jenkins@build.gluster.org>
Change-Id: I15193837dc692b0cd7df942843bcf27a1c47e695
BUG: 1378528
Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>
Reviewed-on: https://code.engineering.redhat.com/gerrit/85897
Reviewed-by: Atin Mukherjee <amukherj@redhat.com>
---
glusterfsd/src/glusterfsd-mgmt.c | 13 +++++++++++++
1 files changed, 13 insertions(+), 0 deletions(-)
diff --git a/glusterfsd/src/glusterfsd-mgmt.c b/glusterfsd/src/glusterfsd-mgmt.c
index e257659..2a090eb 100644
--- a/glusterfsd/src/glusterfsd-mgmt.c
+++ b/glusterfsd/src/glusterfsd-mgmt.c
@@ -2154,6 +2154,19 @@ glusterfs_mgmt_init (glusterfs_ctx_t *ctx)
if (ret)
goto out;
+ /* Explicitly turn on encrypted transport. */
+ if (ctx->secure_mgmt) {
+ ret = dict_set_dynstr_with_alloc
+ (options, "transport.socket.ssl-enabled", "yes");
+ if (ret) {
+ gf_log (THIS->name, GF_LOG_ERROR,
+ "failed to set 'transport.socket.ssl-enabled' "
+ "in options dict");
+ goto out;
+
+ }
+ }
+
rpc = rpc_clnt_new (options, THIS, THIS->name, 8);
if (!rpc) {
ret = -1;
--
1.7.1