diff options
| -rw-r--r-- | xlators/nfs/server/src/mount3.c | 36 | ||||
| -rw-r--r-- | xlators/nfs/server/src/nfs.c | 60 | ||||
| -rw-r--r-- | xlators/nfs/server/src/nfs.h | 1 |
3 files changed, 97 insertions, 0 deletions
diff --git a/xlators/nfs/server/src/mount3.c b/xlators/nfs/server/src/mount3.c index 76b96e71303..ff9037ccf2a 100644 --- a/xlators/nfs/server/src/mount3.c +++ b/xlators/nfs/server/src/mount3.c @@ -1803,6 +1803,24 @@ mnt3svc_init (xlator_t *nfsx) if (ret == -1) goto err; ret = dict_set_str (options, "transport-type", "socket"); + if (ret == -1) { + gf_log (GF_NFS, GF_LOG_ERROR, "dict_set_str error"); + goto err; + } + + if (nfs->allow_insecure) { + ret = dict_set_str (options, "rpc-auth-allow-insecure", "on"); + if (ret == -1) { + gf_log (GF_NFS, GF_LOG_ERROR, "dict_set_str error"); + goto err; + } + ret = dict_set_str (options, "rpc-auth.ports.insecure", "on"); + if (ret == -1) { + gf_log (GF_NFS, GF_LOG_ERROR, "dict_set_str error"); + goto err; + } + } + rpcsvc_create_listeners (nfs->rpcsvc, options, nfsx->name); if (ret == -1) { gf_log (GF_NFS, GF_LOG_ERROR, "Unable to create listeners"); @@ -1869,6 +1887,24 @@ mnt1svc_init (xlator_t *nfsx) if (ret == -1) goto err; ret = dict_set_str (options, "transport-type", "socket"); + if (ret == -1) { + gf_log (GF_NFS, GF_LOG_ERROR, "dict_set_str error"); + goto err; + } + + if (nfs->allow_insecure) { + ret = dict_set_str (options, "rpc-auth-allow-insecure", "on"); + if (ret == -1) { + gf_log (GF_NFS, GF_LOG_ERROR, "dict_set_str error"); + goto err; + } + ret = dict_set_str (options, "rpc-auth.ports.insecure", "on"); + if (ret == -1) { + gf_log (GF_NFS, GF_LOG_ERROR, "dict_set_str error"); + goto err; + } + } + rpcsvc_create_listeners (nfs->rpcsvc, options, nfsx->name); if (ret == -1) { gf_log (GF_NFS, GF_LOG_ERROR, "Unable to create listeners"); diff --git a/xlators/nfs/server/src/nfs.c b/xlators/nfs/server/src/nfs.c index 804fedb8622..1c38237fd24 100644 --- a/xlators/nfs/server/src/nfs.c +++ b/xlators/nfs/server/src/nfs.c @@ -609,6 +609,66 @@ nfs_init_state (xlator_t *this) goto free_foppool; } } + + /* support both options rpc-auth.ports.insecure and + * rpc-auth-allow-insecure for backward compatibility + */ + nfs->allow_insecure = 1; + if (dict_get(this->options, "rpc-auth.ports.insecure")) { + ret = dict_get_str (this->options, "rpc-auth.ports.insecure", + &optstr); + if (ret < 0) { + gf_log (GF_NFS, GF_LOG_ERROR, "Failed to parse dict"); + goto free_foppool; + } + + ret = gf_string2boolean (optstr, &boolt); + if (ret < 0) { + gf_log (GF_NFS, GF_LOG_ERROR, "Failed to parse bool " + "string"); + goto free_foppool; + } + + if (boolt == _gf_false) + nfs->allow_insecure = 0; + } + + if (dict_get(this->options, "rpc-auth-allow-insecure")) { + ret = dict_get_str (this->options, "rpc-auth-allow-insecure", + &optstr); + if (ret < 0) { + gf_log (GF_NFS, GF_LOG_ERROR, "Failed to parse dict"); + goto free_foppool; + } + + ret = gf_string2boolean (optstr, &boolt); + if (ret < 0) { + gf_log (GF_NFS, GF_LOG_ERROR, "Failed to parse bool " + "string"); + goto free_foppool; + } + + if (boolt == _gf_false) + nfs->allow_insecure = 0; + } + + if (nfs->allow_insecure) { + /* blindly set both the options */ + dict_del(this->options, "rpc-auth-allow-insecure"); + ret = dict_set_str (this->options, + "rpc-auth-allow-insecure", "on"); + if (ret == -1) { + gf_log (GF_NFS, GF_LOG_ERROR, "dict_set_str error"); + goto free_foppool; + } + dict_del(this->options, "rpc-auth.ports.insecure"); + ret = dict_set_str (this->options, + "rpc-auth.ports.insecure", "on"); + if (ret == -1) { + gf_log (GF_NFS, GF_LOG_ERROR, "dict_set_str error"); + goto free_foppool; + } + } this->private = (void *)nfs; INIT_LIST_HEAD (&nfs->versions); diff --git a/xlators/nfs/server/src/nfs.h b/xlators/nfs/server/src/nfs.h index d1ff3ba2800..a174ef13b4a 100644 --- a/xlators/nfs/server/src/nfs.h +++ b/xlators/nfs/server/src/nfs.h @@ -75,6 +75,7 @@ struct nfs_state { int dynamicvolumes; int enable_ino32; unsigned int override_portnum; + int allow_insecure; }; #define gf_nfs_dvm_on(nfsstt) (((struct nfs_state *)nfsstt)->dynamicvolumes == GF_NFS_DVM_ON) |