From 351ec36e3146b7605334cb658927b447b1dbc796 Mon Sep 17 00:00:00 2001
From: Ashish Pandey <aspandey@redhat.com>
Date: Wed, 23 Mar 2016 11:26:49 +0530
Subject: glfs/heal: Use encrypted connection in shd

When management encryption is enabled, GlusterD
only allows encrypted connections for port 24007.
SHD is trying to fetch it's volfile using an
unencrypted connection.

If /var/lib/glusterd/secure-access is present , i.e.
if management ssl is enabled, use encrypted connection
fecth info from glusterd.

Change-Id: Ia41dcde1a69375379409889ec5b3a70cb95a4fd0
BUG: 1320388
Signed-off-by: Ashish Pandey <aspandey@redhat.com>
Reviewed-on: http://review.gluster.org/13815
Smoke: Gluster Build System <jenkins@build.gluster.com>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com>
---
 heal/src/glfs-heal.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/heal/src/glfs-heal.c b/heal/src/glfs-heal.c
index c6c1161b05b..076b631e636 100644
--- a/heal/src/glfs-heal.c
+++ b/heal/src/glfs-heal.c
@@ -15,6 +15,7 @@
 #include "glfs-handles.h"
 #include "glfs-internal.h"
 #include "protocol-common.h"
+#include "syscall.h"
 #include "syncop.h"
 #include "syncop-utils.h"
 #include <string.h>
@@ -911,6 +912,10 @@ main (int argc, char **argv)
                 goto out;
         }
 
+        if (sys_access(SECURE_ACCESS_FILE, F_OK) == 0) {
+                fs->ctx->secure_mgmt = 1;
+        }
+
         ret = glfs_set_volfile_server (fs, "unix", DEFAULT_GLUSTERD_SOCKFILE, 0);
         if (ret) {
                 printf("Setting the volfile server failed, %s\n", strerror (errno));
-- 
cgit