diff options
author | Ashish Pandey <aspandey@redhat.com> | 2016-03-23 11:26:49 +0530 |
---|---|---|
committer | Pranith Kumar Karampuri <pkarampu@redhat.com> | 2016-03-28 23:00:04 -0700 |
commit | 1e1c34419848d1f1072fe7d5309bb11c7a60f57c (patch) | |
tree | e9d3380e3b1f06aefe067d0ccfeb2f32a912b601 | |
parent | cd32751867252219bd66fa300418579080eef924 (diff) |
glfs/heal: Use encrypted connection in shd
When management encryption is enabled, GlusterD
only allows encrypted connections for port 24007.
SHD is trying to fetch it's volfile using an
unencrypted connection.
If /var/lib/glusterd/secure-access is present , i.e.
if management ssl is enabled, use encrypted connection
fecth info from glusterd.
master -
http://review.gluster.org/13815
Change-Id: Ia41dcde1a69375379409889ec5b3a70cb95a4fd0
BUG: 1321514
Signed-off-by: Ashish Pandey <aspandey@redhat.com>
Reviewed-on: http://review.gluster.org/13832
Smoke: Gluster Build System <jenkins@build.gluster.com>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com>
-rw-r--r-- | heal/src/glfs-heal.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/heal/src/glfs-heal.c b/heal/src/glfs-heal.c index c6c1161b05b..076b631e636 100644 --- a/heal/src/glfs-heal.c +++ b/heal/src/glfs-heal.c @@ -15,6 +15,7 @@ #include "glfs-handles.h" #include "glfs-internal.h" #include "protocol-common.h" +#include "syscall.h" #include "syncop.h" #include "syncop-utils.h" #include <string.h> @@ -911,6 +912,10 @@ main (int argc, char **argv) goto out; } + if (sys_access(SECURE_ACCESS_FILE, F_OK) == 0) { + fs->ctx->secure_mgmt = 1; + } + ret = glfs_set_volfile_server (fs, "unix", DEFAULT_GLUSTERD_SOCKFILE, 0); if (ret) { printf("Setting the volfile server failed, %s\n", strerror (errno)); |