diff options
Diffstat (limited to 'xlators/protocol/server/src')
| -rw-r--r-- | xlators/protocol/server/src/authenticate.h | 4 | ||||
| -rw-r--r-- | xlators/protocol/server/src/server-handshake.c | 2 | ||||
| -rw-r--r-- | xlators/protocol/server/src/server.c | 18 | ||||
| -rw-r--r-- | xlators/protocol/server/src/server.h | 2 |
4 files changed, 22 insertions, 4 deletions
diff --git a/xlators/protocol/server/src/authenticate.h b/xlators/protocol/server/src/authenticate.h index 3f80231ee0a..5f92183fb12 100644 --- a/xlators/protocol/server/src/authenticate.h +++ b/xlators/protocol/server/src/authenticate.h @@ -37,10 +37,8 @@ typedef struct { volume_opt_list_t *vol_opt; } auth_handle_t; -auth_result_t gf_authenticate (dict_t *input_params, - dict_t *config_params, - dict_t *auth_modules); int32_t gf_auth_init (xlator_t *xl, dict_t *auth_modules); void gf_auth_fini (dict_t *auth_modules); +auth_result_t gf_authenticate (dict_t *, dict_t *, dict_t *); #endif /* _AUTHENTICATE_H */ diff --git a/xlators/protocol/server/src/server-handshake.c b/xlators/protocol/server/src/server-handshake.c index 64267f2aef9..30b4fc46844 100644 --- a/xlators/protocol/server/src/server-handshake.c +++ b/xlators/protocol/server/src/server-handshake.c @@ -626,7 +626,7 @@ server_setvolume (rpcsvc_request_t *req) ret = dict_get_str (params, "volfile-key", &volfile_key); if (ret) - gf_msg_debug (this->name, 0, "failed to set " + gf_msg_debug (this->name, 0, "failed to get " "'volfile-key'"); ret = _validate_volfile_checksum (this, volfile_key, diff --git a/xlators/protocol/server/src/server.c b/xlators/protocol/server/src/server.c index 4739c4560a6..a478ebd666d 100644 --- a/xlators/protocol/server/src/server.c +++ b/xlators/protocol/server/src/server.c @@ -888,6 +888,10 @@ do_rpc: goto out; } + GF_OPTION_RECONF ("strict-auth-accept", conf->strict_auth_enabled, + options, bool, out); + + GF_OPTION_RECONF ("dynamic-auth", conf->dync_auth, options, bool, out); @@ -1118,6 +1122,14 @@ init (xlator_t *this) "Failed to initialize group cache."); goto out; } + + ret = dict_get_str_boolean (this->options, "strict-auth-accept", + _gf_false); + if (ret == -1) + conf->strict_auth_enabled = _gf_false; + else + conf->strict_auth_enabled = ret; + ret = dict_get_str_boolean (this->options, "dynamic-auth", _gf_true); if (ret == -1) @@ -1672,5 +1684,11 @@ struct volume_options options[] = { "transport connection immediately in response to " "*.allow | *.reject volume set options." }, + { .key = {"strict-auth-accept"}, + .type = GF_OPTION_TYPE_BOOL, + .default_value = "off", + .description = "strict-auth-accept reject connection with out" + "a valid username and password." + }, { .key = {NULL} }, }; diff --git a/xlators/protocol/server/src/server.h b/xlators/protocol/server/src/server.h index 0b37eb1414a..7eea2917ae3 100644 --- a/xlators/protocol/server/src/server.h +++ b/xlators/protocol/server/src/server.h @@ -24,6 +24,7 @@ #include "client_t.h" #include "gidcache.h" #include "defaults.h" +#include "authenticate.h" #define DEFAULT_BLOCK_SIZE 4194304 /* 4MB */ #define DEFAULT_VOLUME_FILE_PATH CONFDIR "/glusterfs.vol" @@ -105,6 +106,7 @@ struct server_conf { * false, when child is down */ gf_lock_t itable_lock; + gf_boolean_t strict_auth_enabled; }; typedef struct server_conf server_conf_t; |