From 0b3612f81f21a5e8a01dc564c0fd0337b898d0d5 Mon Sep 17 00:00:00 2001
From: Ashish Pandey <aspandey@redhat.com>
Date: Wed, 23 Mar 2016 11:26:49 +0530
Subject: [PATCH 39/80] glfs/heal: Use encrypted connection in shd

When management encryption is enabled, GlusterD
only allows encrypted connections for port 24007.
SHD is trying to fetch it's volfile using an
unencrypted connection.

If /var/lib/glusterd/secure-access is present , i.e.
if management ssl is enabled, use encrypted connection
fecth info from glusterd.

master -
http://review.gluster.org/#/c/13815/
release-3.7 -
http://review.gluster.org/#/c/13832/

Change-Id: Ia41dcde1a69375379409889ec5b3a70cb95a4fd0
BUG: 1279628
Signed-off-by: Ashish Pandey <aspandey@redhat.com>
Reviewed-on: http://review.gluster.org/13815
Smoke: Gluster Build System <jenkins@build.gluster.com>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com>
Signed-off-by: Ashish Pandey <aspandey@redhat.com>
Reviewed-on: https://code.engineering.redhat.com/gerrit/71390
Tested-by: Pranith Kumar Karampuri <pkarampu@redhat.com>
---
 heal/src/glfs-heal.c |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/heal/src/glfs-heal.c b/heal/src/glfs-heal.c
index 83c1b10..59bd21f 100644
--- a/heal/src/glfs-heal.c
+++ b/heal/src/glfs-heal.c
@@ -15,6 +15,7 @@
 #include "glfs-handles.h"
 #include "glfs-internal.h"
 #include "protocol-common.h"
+#include "syscall.h"
 #include "syncop.h"
 #include "syncop-utils.h"
 #include <string.h>
@@ -902,6 +903,10 @@ main (int argc, char **argv)
                 goto out;
         }
 
+        if (sys_access(SECURE_ACCESS_FILE, F_OK) == 0) {
+                fs->ctx->secure_mgmt = 1;
+        }
+
         ret = glfs_set_volfile_server (fs, "unix", DEFAULT_GLUSTERD_SOCKFILE, 0);
         if (ret) {
                 printf("Setting the volfile server failed, %s\n", strerror (errno));
-- 
1.7.1