diff options
| author | Prasanna Kumar Kalever <prasanna.kalever@redhat.com> | 2015-06-24 12:21:02 +0530 |
|---|---|---|
| committer | Raghavendra G <rgowdapp@redhat.com> | 2015-07-26 21:31:39 -0700 |
| commit | 9442e7bf80f5c2189140918bb5588868204521ed (patch) | |
| tree | 8a480391111ac4c86b0ba7da96146befa3ac1bd6 /rpc/rpc-lib/src/rpcsvc-auth.c | |
| parent | e9b86d0b575e8e59f0910874341a4a05574124cf (diff) | |
rpc: fix binding brick issue while bind-insecure is enabled
problem:
When bind-insecure is turned on (which is the default now), it may happen
that brick is not able to bind to port assigned by Glusterd for example
49192-49195...
It seems to occur because the rpc_clnt connections are binding to ports in
the same range. so brick fails to bind to a port which is already used by
someone else
solution:
fix for now is to make rpc_clnt to get port numbers from 65535 in a descending
order, as a result port clash is minimized
other fixes:
previously rdma binds to port >= 1024 if it cannot find a free port < 1024,
even when bind insecure was turned off(ref to commit '0e3fd04e'), this patch
add's a check for bind-insecure in gf_rdma_client_bind function
This patch also re-enable bind-insecure and allow insecure by default which was
reverted (ref: commit cef1720) previously
Change-Id: Ia1cfa93c5454e2ae0ff57813689b75de282ebd07
BUG: 1238661
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
Reviewed-on: http://review.gluster.org/11512
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
Diffstat (limited to 'rpc/rpc-lib/src/rpcsvc-auth.c')
| -rw-r--r-- | rpc/rpc-lib/src/rpcsvc-auth.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c index 6b4c7937437..b7d6c2216ef 100644 --- a/rpc/rpc-lib/src/rpcsvc-auth.c +++ b/rpc/rpc-lib/src/rpcsvc-auth.c @@ -221,9 +221,20 @@ rpcsvc_set_allow_insecure (rpcsvc_t *svc, dict_t *options) else svc->allow_insecure = 0; } + } else { + /* By default set allow-insecure to true */ + svc->allow_insecure = 1; + + /* setting in options for the sake of functions that look + * configuration params for allow insecure, eg: gf_auth + */ + ret = dict_set_str (options, "rpc-auth-allow-insecure", "on"); + if (ret < 0) + gf_log ("rpc-auth", GF_LOG_DEBUG, + "dict_set failed for 'allow-insecure'"); } - return 0; + return ret; } int |