rpms / glusterfs

Clone
Source Code
GIT

Files

  1.   3604dfff43c1b5b83e19180114585fa936b1168d
  2.   SOURCES
  3.   0090-glusterfsd-explicitly-turn-on-encryption-for-volfile.patch
Blob Blame History Raw 
From c9a0fad614df6803dc5b377ca48d98141608e8aa Mon Sep 17 00:00:00 2001
From: Kaushal M <kaushal@redhat.com>
Date: Thu, 5 May 2016 14:19:55 +0530
Subject: [PATCH 90/94] glusterfsd: explicitly turn on encryption for volfile fetch

Problem: In case of encrypted transport RPC clients not able to
         reconnect.due to this daemon(glustershd etc) not able to
         fetch volfile and not started.

Solution: After turn on encryption explictly to fetch volfile
          issue is resolved.

> Change-Id: I58e1fe7f5edf0abb5732432291ff677e81429b79
> BUG: 1333317
> Signed-off-by: Kaushal M <kaushal@redhat.com>
> Reviewed-on: http://review.gluster.org/14253
> Smoke: Gluster Build System <jenkins@build.gluster.com>
> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
> CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
> Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
> (cherry picked from commit 60d235515e582319474ba7231aad490d19240642)

>Reviewed-on: http://review.gluster.org/15567
>CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
>NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
>Reviewed-by: Niels de Vos <ndevos@redhat.com>
>Smoke: Gluster Build System <jenkins@build.gluster.org>

Change-Id: I15193837dc692b0cd7df942843bcf27a1c47e695
BUG: 1378528
Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>
Reviewed-on: https://code.engineering.redhat.com/gerrit/85897
Reviewed-by: Atin Mukherjee <amukherj@redhat.com>
---
 glusterfsd/src/glusterfsd-mgmt.c |   13 +++++++++++++
 1 files changed, 13 insertions(+), 0 deletions(-)

diff --git a/glusterfsd/src/glusterfsd-mgmt.c b/glusterfsd/src/glusterfsd-mgmt.c
index e257659..2a090eb 100644
--- a/glusterfsd/src/glusterfsd-mgmt.c
+++ b/glusterfsd/src/glusterfsd-mgmt.c
@@ -2154,6 +2154,19 @@ glusterfs_mgmt_init (glusterfs_ctx_t *ctx)
         if (ret)
                 goto out;
 
+        /* Explicitly turn on encrypted transport. */
+        if (ctx->secure_mgmt) {
+                ret = dict_set_dynstr_with_alloc
+                        (options, "transport.socket.ssl-enabled", "yes");
+                if (ret) {
+                        gf_log (THIS->name, GF_LOG_ERROR,
+                                "failed to set 'transport.socket.ssl-enabled' "
+                                "in options dict");
+                        goto out;
+
+                }
+        }
+
         rpc = rpc_clnt_new (options, THIS, THIS->name, 8);
         if (!rpc) {
                 ret = -1;
-- 
1.7.1

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation