diff options
author | Kaushal M <kaushal@gluster.com> | 2011-09-12 15:14:26 +0530 |
---|---|---|
committer | Vijay Bellur <vijay@gluster.com> | 2012-02-03 07:41:51 -0800 |
commit | 08041c321229bdfb2cbe1b638fb4fabb0b9da013 (patch) | |
tree | 7aa13f5afc4d712b82a80857fa0502d5e6534acd | |
parent | 3ec7680a70bcace6b195ae412362b7e1b072eaeb (diff) |
protocol/client : prevent client from reconnecting when server
authentication fails
This prevents the client from trying to reconnect on server
authentication failure. Reconnecting on authentcation failure causes hung
mounts on unauthorised clients. This patch fixes this problem.
Also, mount.glusterfs script unmounts mount-point on mount failure to
prevent hung mounts.
Change-Id: I5615074d27948077bad491a38cecae1b7f5159fb
BUG: 765240
Signed-off-by: Kaushal M <kaushal@redhat.com>
Reviewed-on: http://review.gluster.com/398
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amar@gluster.com>
-rw-r--r-- | libglusterfs/src/defaults.c | 3 | ||||
-rw-r--r-- | libglusterfs/src/globals.c | 1 | ||||
-rw-r--r-- | libglusterfs/src/glusterfs.h | 1 | ||||
-rw-r--r-- | xlators/mount/fuse/src/fuse-bridge.c | 14 | ||||
-rwxr-xr-x | xlators/mount/fuse/utils/mount.glusterfs.in | 1 | ||||
-rw-r--r-- | xlators/protocol/client/src/client-handshake.c | 24 |
6 files changed, 40 insertions, 4 deletions
diff --git a/libglusterfs/src/defaults.c b/libglusterfs/src/defaults.c index df208c880..be2c9c55f 100644 --- a/libglusterfs/src/defaults.c +++ b/libglusterfs/src/defaults.c @@ -1248,9 +1248,10 @@ default_notify (xlator_t *this, int32_t event, void *data, ...) case GF_EVENT_CHILD_MODIFIED: case GF_EVENT_CHILD_DOWN: case GF_EVENT_CHILD_UP: + case GF_EVENT_AUTH_FAILED: { xlator_list_t *parent = this->parents; - /* Handle case of CHILD_* event specially, send it to fuse */ + /* Handle case of CHILD_* & AUTH_FAILED event specially, send it to fuse */ if (!parent && this->ctx && this->ctx->master) xlator_notify (this->ctx->master, event, this->graph, NULL); diff --git a/libglusterfs/src/globals.c b/libglusterfs/src/globals.c index 8b641123f..9355a3a46 100644 --- a/libglusterfs/src/globals.c +++ b/libglusterfs/src/globals.c @@ -396,6 +396,7 @@ char eventstring[GF_EVENT_MAXVAL+1][64] = { "New Volfile", "Translator Info", "Trigger Volume Heal", + "Authentication Failed", "Invalid event", }; diff --git a/libglusterfs/src/glusterfs.h b/libglusterfs/src/glusterfs.h index 0642973cb..680f0de98 100644 --- a/libglusterfs/src/glusterfs.h +++ b/libglusterfs/src/glusterfs.h @@ -379,6 +379,7 @@ typedef enum { GF_EVENT_GRAPH_NEW, GF_EVENT_TRANSLATOR_INFO, GF_EVENT_TRIGGER_HEAL, + GF_EVENT_AUTH_FAILED, GF_EVENT_MAXVAL, } glusterfs_event_t; diff --git a/xlators/mount/fuse/src/fuse-bridge.c b/xlators/mount/fuse/src/fuse-bridge.c index 7ced17831..72bb1b157 100644 --- a/xlators/mount/fuse/src/fuse-bridge.c +++ b/xlators/mount/fuse/src/fuse-bridge.c @@ -22,6 +22,8 @@ static int gf_fuse_conn_err_log; static int gf_fuse_xattr_enotsup_log; +void fini (xlator_t *this_xl); + fuse_fd_ctx_t * __fuse_fd_ctx_check_n_create (fd_t *fd, xlator_t *this) { @@ -3885,6 +3887,14 @@ notify (xlator_t *this, int32_t event, void *data, ...) break; } + case GF_EVENT_AUTH_FAILED: + { + /* Authentication failure is an error and glusterfs should stop */ + gf_log (this->name, GF_LOG_ERROR, "Server authenication failed. Shutting down."); + fini (this); + break; + } + default: break; } @@ -4249,6 +4259,10 @@ fini (xlator_t *this_xl) gf_fuse_unmount (mount_point, priv->fd); close (priv->fuse_dump_fd); } + /* Process should terminate once fuse xlator is finished. + * Required for AUTH_FAILED event. + */ + raise (SIGTERM); } struct xlator_fops fops = { diff --git a/xlators/mount/fuse/utils/mount.glusterfs.in b/xlators/mount/fuse/utils/mount.glusterfs.in index daf8ba92b..40bf48150 100755 --- a/xlators/mount/fuse/utils/mount.glusterfs.in +++ b/xlators/mount/fuse/utils/mount.glusterfs.in @@ -162,6 +162,7 @@ start_glusterfs () if [ $err -eq "1" ]; then echo "Mount failed. Please check the log file for more details." + umount $mount_point > /dev/null 2>&1; exit 1; fi } diff --git a/xlators/protocol/client/src/client-handshake.c b/xlators/protocol/client/src/client-handshake.c index 85e10cb0b..be114f740 100644 --- a/xlators/protocol/client/src/client-handshake.c +++ b/xlators/protocol/client/src/client-handshake.c @@ -814,7 +814,8 @@ client_setvolume_cbk (struct rpc_req *req, struct iovec *iov, int count, void *m gf_setvolume_rsp rsp = {0,}; int ret = 0; int32_t op_ret = 0; - int32_t op_errno = 0; + int32_t op_errno = 0; + gf_boolean_t auth_fail = _gf_false; frame = myframe; this = frame->this; @@ -872,6 +873,12 @@ client_setvolume_cbk (struct rpc_req *req, struct iovec *iov, int count, void *m "SETVOLUME on remote-host failed: %s", remote_error ? remote_error : strerror (op_errno)); errno = op_errno; + if (remote_error && + (strncmp ("Authentication failed",remote_error, + sizeof (remote_error)) == 0)) { + auth_fail = _gf_true; + op_ret = 0; + } if (op_errno == ESTALE) { ret = default_notify (this, GF_EVENT_VOLFILE_MODIFIED, NULL); if (ret) @@ -929,7 +936,17 @@ client_setvolume_cbk (struct rpc_req *req, struct iovec *iov, int count, void *m client_post_handshake (frame, frame->this); out: - + if (auth_fail) { + gf_log (this->name, GF_LOG_INFO, "sending AUTH_FAILED event"); + ret = default_notify (this, GF_EVENT_AUTH_FAILED, NULL); + if (ret) + gf_log (this->name, GF_LOG_INFO, + "notify of AUTH_FAILED failed"); + conf->connecting = 0; + conf->connected = 0; + conf->last_sent_event = GF_EVENT_AUTH_FAILED; + ret = -1; + } if (-1 == op_ret) { /* Let the connection/re-connection happen in * background, for now, don't hang here, @@ -942,6 +959,7 @@ out: "notify of CHILD_CONNECTING failed"); conf->last_sent_event = GF_EVENT_CHILD_CONNECTING; conf->connecting= 1; + ret = 0; } if (rsp.dict.dict_val) @@ -952,7 +970,7 @@ out: if (reply) dict_unref (reply); - return 0; + return ret; } int |