From fe65668466895d33a589a4a51c45cc52fcaf14bd Mon Sep 17 00:00:00 2001
From: Rajesh Joseph <rjoseph@redhat.com>
Date: Tue, 29 Nov 2016 21:57:37 +0530
Subject: uss: snapd should enable SSL if SSL is enabled on volume

During snapd graph generation we should check if SSL is
enabled on main volume or not. This is because clients
will communicate with snapd as if it is communicating to
a brick.

> Reviewed-on: http://review.gluster.org/15979
> Smoke: Gluster Build System <jenkins@build.gluster.org>
> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
> CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
> Reviewed-by: Kaushal M <kaushal@redhat.com>
(cherry picked from commit 182f0d12040dab5081ca645a3f370f65cd68b528)


Change-Id: I0d7fe86c567b297a8528a48faf06161d4c3cb415
Signed-off-by: Rajesh Joseph <rjoseph@redhat.com>
BUG: 1400460
Reviewed-on: http://review.gluster.org/15987
Smoke: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: Avra Sengupta <asengupt@redhat.com>
Reviewed-by: Kaushal M <kaushal@redhat.com>
---
 xlators/mgmt/glusterd/src/glusterd-volgen.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'xlators')

diff --git a/xlators/mgmt/glusterd/src/glusterd-volgen.c b/xlators/mgmt/glusterd/src/glusterd-volgen.c
index 52331dac302..759314f5a70 100644
--- a/xlators/mgmt/glusterd/src/glusterd-volgen.c
+++ b/xlators/mgmt/glusterd/src/glusterd-volgen.c
@@ -5645,6 +5645,8 @@ glusterd_snapdsvc_generate_volfile (volgen_graph_t *graph,
         char           *xlator          = NULL;
         char           *value           = NULL;
         char           auth_path[]      = "auth-path";
+        char           *ssl_str         = NULL;
+        gf_boolean_t   ssl_bool         = _gf_false;
 
         set_dict = dict_copy (volinfo->dict, NULL);
         if (!set_dict)
@@ -5689,6 +5691,19 @@ glusterd_snapdsvc_generate_volfile (volgen_graph_t *graph,
         if (ret)
                 return -1;
 
+        if (dict_get_str (set_dict, "server.ssl", &ssl_str) == 0) {
+                if (gf_string2boolean (ssl_str, &ssl_bool) == 0) {
+                        if (ssl_bool) {
+                                ret = xlator_set_option(xl,
+                                        "transport.socket.ssl-enabled",
+                                        "true");
+                                if (ret) {
+                                        return -1;
+                                }
+                        }
+                }
+        }
+
         RPC_SET_OPT(xl, SSL_OWN_CERT_OPT,   "ssl-own-cert",         return -1);
         RPC_SET_OPT(xl, SSL_PRIVATE_KEY_OPT,"ssl-private-key",      return -1);
         RPC_SET_OPT(xl, SSL_CA_LIST_OPT,    "ssl-ca-list",          return -1);
-- 
cgit