Revert "rpc: By default set allow-insecure, bind-insecure to on"

This reverts commit 243a5b429f225acb8e7132264fe0a0835ff013d5.

This patch introduced a regression where client no longer binds to 
privileged port. This is causing lots of regressions. Hence reverting 
this patch for now and will be resent after suitable modifications.

Change-Id: I302252fd3832b0a5a03b04e30cfa0def37597404
Reviewed-on: http://review.gluster.org/11508
Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
Tested-by: Raghavendra G <rgowdapp@redhat.com>

4 files changed, 21 insertions, 52 deletions

diff --git a/rpc/rpc-lib/src/rpc-transport.c b/rpc/rpc-lib/src/rpc-transport.c
index 0a791abfddd..23fbf37360d 100644
--- a/rpc/rpc-lib/src/rpc-transport.c
+++ b/rpc/rpc-lib/src/rpc-transport.c
@@ -267,8 +267,7 @@ rpc_transport_load (glusterfs_ctx_t *ctx, dict_t *options, char *trans_name)
                 else
                         trans->bind_insecure = 0;
         } else {
-                /* By default allow bind insecure */
-                trans->bind_insecure = 1;
+                trans->bind_insecure = 0;
         }
 
 	ret = dict_get_str (options, "transport-type", &type);
diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c
index b7d6c2216ef..6b4c7937437 100644
--- a/rpc/rpc-lib/src/rpcsvc-auth.c
+++ b/rpc/rpc-lib/src/rpcsvc-auth.c
@@ -221,20 +221,9 @@ rpcsvc_set_allow_insecure (rpcsvc_t *svc, dict_t *options)
                         else
                                 svc->allow_insecure = 0;
                 }
-        } else {
-                /* By default set allow-insecure to true */
-                svc->allow_insecure = 1;
-
-                /* setting in options for the sake of functions that look
-                 * configuration params for allow insecure,  eg: gf_auth
-                 */
-                ret = dict_set_str (options, "rpc-auth-allow-insecure", "on");
-                if (ret < 0)
-                        gf_log ("rpc-auth", GF_LOG_DEBUG,
-                                        "dict_set failed for 'allow-insecure'");
         }
 
-        return ret;
+        return 0;
 }
 
 int
diff --git a/rpc/rpc-lib/src/rpcsvc.c b/rpc/rpc-lib/src/rpcsvc.c
index 8eb38ed8eff..be95d25b1b1 100644
--- a/rpc/rpc-lib/src/rpcsvc.c
+++ b/rpc/rpc-lib/src/rpcsvc.c
@@ -636,10 +636,8 @@ rpcsvc_handle_rpc_call (rpcsvc_t *svc, rpc_transport_t *trans,
                         gf_log (GF_RPCSVC, GF_LOG_ERROR,
                                 "Request received from non-"
                                 "privileged port. Failing request");
-                        req->rpc_status = MSG_DENIED;
-                        req->rpc_err = AUTH_ERROR;
-                        req->auth_err = RPCSVC_AUTH_REJECT;
-                        goto err_reply;
+                        rpcsvc_request_destroy (req);
+                        return -1;
         }
 
         /* DRC */
diff --git a/rpc/rpc-transport/socket/src/name.c b/rpc/rpc-transport/socket/src/name.c
index 93cb3c461f2..f731bab4b0a 100644
--- a/rpc/rpc-transport/socket/src/name.c
+++ b/rpc/rpc-transport/socket/src/name.c
@@ -23,21 +23,6 @@
 #include "socket.h"
 #include "common-utils.h"
 
-static void
-_assign_port (struct sockaddr *sockaddr, uint16_t port)
-{
-        switch (sockaddr->sa_family) {
-        case AF_INET6:
-                ((struct sockaddr_in6 *)sockaddr)->sin6_port = htons (port);
-                break;
-
-        case AF_INET_SDP:
-        case AF_INET:
-                ((struct sockaddr_in *)sockaddr)->sin_port = htons (port);
-                break;
-        }
-}
-
 static int32_t
 af_inet_bind_to_port_lt_ceiling (int fd, struct sockaddr *sockaddr,
                                  socklen_t sockaddr_len, int ceiling)
@@ -56,7 +41,17 @@ af_inet_bind_to_port_lt_ceiling (int fd, struct sockaddr *sockaddr,
 
         while (port)
         {
-                _assign_port (sockaddr, port);
+                switch (sockaddr->sa_family)
+                {
+                case AF_INET6:
+                        ((struct sockaddr_in6 *)sockaddr)->sin6_port = htons (port);
+                        break;
+
+                case AF_INET_SDP:
+                case AF_INET:
+                        ((struct sockaddr_in *)sockaddr)->sin_port = htons (port);
+                        break;
+                }
                 // ignore the reserved ports
                 if (ports[port] == _gf_true) {
                         port--;
@@ -445,24 +440,12 @@ client_bind (rpc_transport_t *this,
                 if (!this->bind_insecure) {
                         ret = af_inet_bind_to_port_lt_ceiling (sock, sockaddr,
                                                        *sockaddr_len, GF_CLIENT_PORT_CEILING);
-                        if (ret == -1) {
-                                gf_log (this->name, GF_LOG_DEBUG,
-                                        "cannot bind inet socket (%d) to port less than %d (%s)",
-                                        sock, GF_CLIENT_PORT_CEILING, strerror (errno));
-                                ret = 0;
-                        }
-                } else {
-                        /* A port number of zero will let the bind function to
-                         * pick any available local port dynamically
-                         */
-                        _assign_port (sockaddr, 0);
-                        ret = bind (sock, sockaddr, *sockaddr_len);
-                        if (ret == -1) {
-                                gf_log (this->name, GF_LOG_DEBUG,
-                                        "failed while binding to available ports (%s)",
-                                        strerror (errno));
-                                ret = 0;
-                        }
+                }
+                if (ret == -1) {
+                        gf_log (this->name, GF_LOG_DEBUG,
+                                "cannot bind inet socket (%d) to port less than %d (%s)",
+                                sock, GF_CLIENT_PORT_CEILING, strerror (errno));
+                        ret = 0;
                 }
                 break;