From 30e4d0db013ece366c5036b1d82c0150f082128a Mon Sep 17 00:00:00 2001
From: Mohammed Rafi KC <rkavunga@redhat.com>
Date: Thu, 21 Jan 2016 12:41:55 +0530
Subject: protocol/server: Race between server_reconfigure and server_setvolume

During server_reconfigure we authenticate each connected clients
against the current options. To do this authentication we store
previous values in a dictionary during the connection establishment
phase (server_setvolume). If the authentication fails during
reconfigure then we will disconnect the transport.

Here it introduce a race between server_setvolume and reconfugure.
If a reconfigure called before doing a setvolume, the transport
will be disconnected

Backport of>
>Change-Id: Icce2c28a171481327a06efd3901f8a5ee67b05ab
>BUG: 1300564
>Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com>
>Reviewed-on: http://review.gluster.org/13271
>Smoke: Gluster Build System <jenkins@build.gluster.com>
>Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
>CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
>Reviewed-by: Raghavendra Talur <rtalur@redhat.com>
>NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>

(cherry picked from commit 16f6579cb3e1214b1386fb530b8e16c8cbfdef33)

Change-Id: I8ab7ad4bd5d2d70bcdae7bcbc233930bcfbeb411
BUG: 1300978
Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com>
Reviewed-on: http://review.gluster.org/13280
Smoke: Gluster Build System <jenkins@build.gluster.com>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
---
 xlators/protocol/server/src/server.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'xlators/protocol')

diff --git a/xlators/protocol/server/src/server.c b/xlators/protocol/server/src/server.c
index 41832322851..81e99801112 100644
--- a/xlators/protocol/server/src/server.c
+++ b/xlators/protocol/server/src/server.c
@@ -837,6 +837,18 @@ reconfigure (xlator_t *this, dict_t *options)
                 {
                         list_for_each_entry (xprt, &conf->xprt_list, list) {
                                 /* check for client authorization */
+                                if (!xprt->clnt_options) {
+                                        /* If clnt_options dictionary is null,
+                                         * which means for this transport
+                                         * server_setvolume was not called.
+                                         *
+                                         * So here we can skip authentication
+                                         * because server_setvolume will do
+                                         * gf_authenticate.
+                                         *
+                                         */
+                                        continue;
+                                }
                                 ret = gf_authenticate (xprt->clnt_options,
                                                 options, conf->auth_modules);
                                 if (ret == AUTH_ACCEPT) {
-- 
cgit