diff options
| author | Pranith K <pranithk@gluster.com> | 2011-03-25 21:42:49 +0000 | 
|---|---|---|
| committer | Vijay Bellur <vijay@dev.gluster.com> | 2011-03-26 08:38:55 -0700 | 
| commit | 3f37921807fc84af6d9529ae18aa8575e2458fc5 (patch) | |
| tree | 2bf6290295f110bc66bcb3900fac0350b938e589 | |
| parent | a9a6d95ecb86f45b197bc36d8e6a504d65367c3a (diff) | |
rpc: Provide an option to allow insecure ports
Signed-off-by: Pranith Kumar K <pranithk@gluster.com>
Signed-off-by: Vijay Bellur <vijay@dev.gluster.com>
BUG: 2582 (allow option to accept messages from insecure ports)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2582
| -rw-r--r-- | rpc/rpc-lib/src/rpcsvc-auth.c | 27 | ||||
| -rw-r--r-- | rpc/rpc-lib/src/rpcsvc.c | 2 | ||||
| -rw-r--r-- | rpc/rpc-lib/src/rpcsvc.h | 2 | 
3 files changed, 30 insertions, 1 deletions
| diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c index 0dac37b8294..567a78a438c 100644 --- a/rpc/rpc-lib/src/rpcsvc-auth.c +++ b/rpc/rpc-lib/src/rpcsvc-auth.c @@ -175,6 +175,32 @@ err:  }  int +rpcsvc_set_allow_insecure (rpcsvc_t *svc, dict_t *options) +{ +        int             ret = -1; +        char            *allow_insecure_str = NULL; +        gf_boolean_t    is_allow_insecure = _gf_false; + +        GF_ASSERT (svc); +        GF_ASSERT (options); + +        ret = dict_get_str (options, "rpc-auth-allow-insecure", +                            &allow_insecure_str); +        if (0 == ret) { +                ret = gf_string2boolean (allow_insecure_str, +                                         &is_allow_insecure); +                if (0 == ret) { +                        if (_gf_true == is_allow_insecure) +                                svc->allow_insecure = 1; +                        else +                                svc->allow_insecure = 0; +                } +        } + +        return 0; +} + +int  rpcsvc_auth_init (rpcsvc_t *svc, dict_t *options)  {          int             ret = -1; @@ -182,6 +208,7 @@ rpcsvc_auth_init (rpcsvc_t *svc, dict_t *options)          if ((!svc) || (!options))                  return -1; +        (void) rpcsvc_set_allow_insecure (svc, options);          ret = rpcsvc_auth_add_initers (svc);          if (ret == -1) {                  gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add initers"); diff --git a/rpc/rpc-lib/src/rpcsvc.c b/rpc/rpc-lib/src/rpcsvc.c index 9d0d3d7a1a5..159edba530b 100644 --- a/rpc/rpc-lib/src/rpcsvc.c +++ b/rpc/rpc-lib/src/rpcsvc.c @@ -442,7 +442,7 @@ rpcsvc_handle_rpc_call (rpcsvc_t *svc, rpc_transport_t *trans,                  gf_log ("rpcsvc", GF_LOG_TRACE, "Client port: %d", (int)port); -                if (port > 1024) {  //Non-privilaged user, fail request +                if ((port > 1024) && (0 == svc->allow_insecure)) {  //Non-privileged user, fail request                          gf_log ("glusterd", GF_LOG_ERROR, "Request received from non-"                                  "privileged port. Failing request");                          return -1; diff --git a/rpc/rpc-lib/src/rpcsvc.h b/rpc/rpc-lib/src/rpcsvc.h index 3d5abc2d4d6..17da800fa9c 100644 --- a/rpc/rpc-lib/src/rpcsvc.h +++ b/rpc/rpc-lib/src/rpcsvc.h @@ -540,4 +540,6 @@ int rpcsvc_callback_submit (rpcsvc_t *rpc, rpc_transport_t *trans,  int  rpcsvc_transport_unix_options_build (dict_t **options, char *filepath); +int +rpcsvc_set_allow_insecure (rpcsvc_t *svc, dict_t *options);  #endif | 
