summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--tests/bugs/protocol/bug-1433815-auth-allow.t1
-rw-r--r--xlators/protocol/client/src/client-handshake.c3
-rw-r--r--xlators/protocol/server/src/server-handshake.c41
3 files changed, 29 insertions, 16 deletions
diff --git a/tests/bugs/protocol/bug-1433815-auth-allow.t b/tests/bugs/protocol/bug-1433815-auth-allow.t
index fa22ad8..a78c0eb 100644
--- a/tests/bugs/protocol/bug-1433815-auth-allow.t
+++ b/tests/bugs/protocol/bug-1433815-auth-allow.t
@@ -17,6 +17,7 @@ TEST $CLI volume create $V0 $H0:$B0/$V0
# Set auth.allow so it *doesn't* include ourselves.
TEST $CLI volume set $V0 auth.allow 1.2.3.4
TEST $CLI volume start $V0
+EXPECT_WITHIN $CHILD_UP_TIMEOUT "1" online_brick_count
# "System getspec" will include the username and password if the request comes
# from a server (which we are). Unfortunately, this will cause authentication
diff --git a/xlators/protocol/client/src/client-handshake.c b/xlators/protocol/client/src/client-handshake.c
index 29cfaf9..f0c5bc8 100644
--- a/xlators/protocol/client/src/client-handshake.c
+++ b/xlators/protocol/client/src/client-handshake.c
@@ -782,8 +782,7 @@ client_setvolume_cbk(struct rpc_req *req, struct iovec *iov, int count,
"SETVOLUME on remote-host failed: %s", remote_error);
errno = op_errno;
- if (remote_error &&
- (strcmp("Authentication failed", remote_error) == 0)) {
+ if (remote_error && (op_errno == EACCES)) {
auth_fail = _gf_true;
op_ret = 0;
}
diff --git a/xlators/protocol/server/src/server-handshake.c b/xlators/protocol/server/src/server-handshake.c
index 6e584a7..85c87c1 100644
--- a/xlators/protocol/server/src/server-handshake.c
+++ b/xlators/protocol/server/src/server-handshake.c
@@ -249,6 +249,7 @@ server_setvolume(rpcsvc_request_t *req)
char *subdir_mount = NULL;
char *client_name = NULL;
gf_boolean_t cleanup_starting = _gf_false;
+ gf_boolean_t xlator_in_graph = _gf_true;
params = dict_new();
reply = dict_new();
@@ -300,8 +301,10 @@ server_setvolume(rpcsvc_request_t *req)
LOCK(&ctx->volfile_lock);
{
xl = get_xlator_by_name(this, name);
- if (!xl)
+ if (!xl) {
+ xlator_in_graph = _gf_false;
xl = this;
+ }
}
UNLOCK(&ctx->volfile_lock);
if (xl == NULL) {
@@ -576,20 +579,30 @@ server_setvolume(rpcsvc_request_t *req)
"failed to set error "
"msg");
} else {
- gf_event(EVENT_CLIENT_AUTH_REJECT,
- "client_uid=%s;"
- "client_identifier=%s;server_identifier=%s;"
- "brick_path=%s",
- client->client_uid, req->trans->peerinfo.identifier,
- req->trans->myinfo.identifier, name);
- gf_msg(this->name, GF_LOG_ERROR, EACCES, PS_MSG_AUTHENTICATE_ERROR,
- "Cannot authenticate client"
- " from %s %s",
- client->client_uid, (clnt_version) ? clnt_version : "old");
-
op_ret = -1;
- op_errno = EACCES;
- ret = dict_set_str(reply, "ERROR", "Authentication failed");
+ if (!xlator_in_graph) {
+ gf_msg(this->name, GF_LOG_ERROR, ENOENT, PS_MSG_AUTHENTICATE_ERROR,
+ "Cannot authenticate client"
+ " from %s %s because brick is not attached in graph",
+ client->client_uid, (clnt_version) ? clnt_version : "old");
+
+ op_errno = ENOENT;
+ ret = dict_set_str(reply, "ERROR", "Brick not found");
+ } else {
+ gf_event(EVENT_CLIENT_AUTH_REJECT,
+ "client_uid=%s;"
+ "client_identifier=%s;server_identifier=%s;"
+ "brick_path=%s",
+ client->client_uid, req->trans->peerinfo.identifier,
+ req->trans->myinfo.identifier, name);
+ gf_msg(this->name, GF_LOG_ERROR, EACCES, PS_MSG_AUTHENTICATE_ERROR,
+ "Cannot authenticate client"
+ " from %s %s",
+ client->client_uid, (clnt_version) ? clnt_version : "old");
+
+ op_errno = EACCES;
+ ret = dict_set_str(reply, "ERROR", "Authentication failed");
+ }
if (ret < 0)
gf_msg_debug(this->name, 0,
"failed to set error "