From 28f373d89fba7266473c952d9c2bf6ec5f02628c Mon Sep 17 00:00:00 2001
From: Kaushal M
Date: Mon, 9 Apr 2012 12:17:16 +0530
Subject: xlator/server,xlator/nfs : Fix authentication for address lists
Fixes authentication problems when address lists are given for auth.{allow,reject} and nfs.rpc-auth-{allow,reject}.
Change-Id: I9959ebfa6820aef52c883372e1085660560e1e73
BUG: 810179
Signed-off-by: Kaushal M
Reviewed-on: http://review.gluster.com/3104
Tested-by: Gluster Build System
Reviewed-by: Amar Tumballi
Reviewed-by: Vijay Bellur
---
xlators/nfs/server/src/mount3.c | 23 ++++++++++++++++++-----
1 file changed, 18 insertions(+), 5 deletions(-)
(limited to 'xlators/nfs')
diff --git a/xlators/nfs/server/src/mount3.c b/xlators/nfs/server/src/mount3.c
index cebdf5270..2e482771d 100644
--- a/xlators/nfs/server/src/mount3.c
+++ b/xlators/nfs/server/src/mount3.c
@@ -754,24 +754,37 @@ mnt3_check_client_net (struct mount3_state *ms, rpcsvc_request_t *req, xlator_t *targetxl) { - rpcsvc_t *svc = NULL; - int ret = -1; + rpcsvc_t *svc = NULL; + rpc_transport_t *trans = NULL; + struct sockaddr_storage sastorage = {0,}; + char peer[RPCSVC_PEER_STRLEN] = {0,}; + int ret = -1; if ((!ms) || (!req) || (!targetxl)) return -1; svc = rpcsvc_request_service (req); + + trans = rpcsvc_request_transport (req); + ret = rpcsvc_transport_peeraddr (trans, peer, RPCSVC_PEER_STRLEN, + &sastorage, sizeof (sastorage)); + if (ret != 0) { + gf_log (GF_MNT, GF_LOG_WARNING, "Failed to get peer addr: %s", + gai_strerror (ret)); + } + ret = rpcsvc_transport_peer_check (svc->options, targetxl->name, - rpcsvc_request_transport (req)); + trans); if (ret == RPCSVC_AUTH_REJECT) { - gf_log (GF_MNT, GF_LOG_TRACE, "Peer not allowed"); + gf_log (GF_MNT, GF_LOG_INFO, "Peer %s not allowed", peer); goto err; } ret = rpcsvc_transport_privport_check (svc, targetxl->name, rpcsvc_request_transport (req)); if (ret == RPCSVC_AUTH_REJECT) { - gf_log (GF_MNT, GF_LOG_TRACE, "Unprivileged port not allowed"); + gf_log (GF_MNT, GF_LOG_INFO, "Peer %s rejected. Unprivileged " + "port not allowed", peer); goto err; } -- cgit
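Review bot: When `rpcsvc_transport_peeraddr` fails, the added code only logs a warning and carries on with `peer` still zero-filled, so both rejection messages further down come out as `Peer  not allowed` with no address. That address is the part of the record an operator needs when an auth.allow/reject list misbehaves. A fallback inside the `if (ret != 0)` branch, for example `snprintf (peer, sizeof (peer), "<unknown>");`, would keep those lines usable. `gai_strerror (ret)` is only meaningful if the helper returns getnameinfo-style codes, which this hunk does not show, so that is worth confirming. The privileged-port check still calls `rpcsvc_request_transport (req)` a second time although `trans` now holds that value; passing `trans` there would keep both checks and the logged address tied to the same transport. The function body continues past the end of the hunk.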