rpc: Provide an option to allow insecure ports

Signed-off-by: Pranith Kumar K <pranithk@gluster.com> Signed-off-by: Vijay Bellur <vijay@dev.gluster.com> BUG: 2582 (allow option to accept messages from insecure ports) URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2582
author: Pranith K <pranithk@gluster.com> 2011-03-25 21:42:49 +0000
committer: Vijay Bellur <vijay@dev.gluster.com> 2011-03-26 08:38:55 -0700
commit: 3f37921807fc84af6d9529ae18aa8575e2458fc5 (patch)
tree: 2bf6290295f110bc66bcb3900fac0350b938e589 /rpc
parent: a9a6d95ecb86f45b197bc36d8e6a504d65367c3a (diff)
3 files changed, 30 insertions, 1 deletions
diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c
index 0dac37b82..567a78a43 100644
--- a/rpc/rpc-lib/src/rpcsvc-auth.c
+++ b/rpc/rpc-lib/src/rpcsvc-auth.c
@@ -175,6 +175,32 @@ err:
 }
 
 int
+rpcsvc_set_allow_insecure (rpcsvc_t *svc, dict_t *options)
+{
+        int             ret = -1;
+        char            *allow_insecure_str = NULL;
+        gf_boolean_t    is_allow_insecure = _gf_false;
+
+        GF_ASSERT (svc);
+        GF_ASSERT (options);
+
+        ret = dict_get_str (options, "rpc-auth-allow-insecure",
+                            &allow_insecure_str);
+        if (0 == ret) {
+                ret = gf_string2boolean (allow_insecure_str,
+                                         &is_allow_insecure);
+                if (0 == ret) {
+                        if (_gf_true == is_allow_insecure)
+                                svc->allow_insecure = 1;
+                        else
+                                svc->allow_insecure = 0;
+                }
+        }
+
+        return 0;
+}
+
+int
 rpcsvc_auth_init (rpcsvc_t *svc, dict_t *options)
 {
         int             ret = -1;
@@ -182,6 +208,7 @@ rpcsvc_auth_init (rpcsvc_t *svc, dict_t *options)
         if ((!svc) || (!options))
                 return -1;
 
+        (void) rpcsvc_set_allow_insecure (svc, options);
         ret = rpcsvc_auth_add_initers (svc);
         if (ret == -1) {
                 gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add initers");
diff --git a/rpc/rpc-lib/src/rpcsvc.c b/rpc/rpc-lib/src/rpcsvc.c
index 9d0d3d7a1..159edba53 100644
--- a/rpc/rpc-lib/src/rpcsvc.c
+++ b/rpc/rpc-lib/src/rpcsvc.c
@@ -442,7 +442,7 @@ rpcsvc_handle_rpc_call (rpcsvc_t *svc, rpc_transport_t *trans,
 
                 gf_log ("rpcsvc", GF_LOG_TRACE, "Client port: %d", (int)port);
 
-                if (port > 1024) {  //Non-privilaged user, fail request
+                if ((port > 1024) && (0 == svc->allow_insecure)) {  //Non-privileged user, fail request
                         gf_log ("glusterd", GF_LOG_ERROR, "Request received from non-"
                                 "privileged port. Failing request");
                         return -1;
diff --git a/rpc/rpc-lib/src/rpcsvc.h b/rpc/rpc-lib/src/rpcsvc.h
index 3d5abc2d4..17da800fa 100644
--- a/rpc/rpc-lib/src/rpcsvc.h
+++ b/rpc/rpc-lib/src/rpcsvc.h
@@ -540,4 +540,6 @@ int rpcsvc_callback_submit (rpcsvc_t *rpc, rpc_transport_t *trans,
 
 int
 rpcsvc_transport_unix_options_build (dict_t **options, char *filepath);
+int
+rpcsvc_set_allow_insecure (rpcsvc_t *svc, dict_t *options);
 #endif
author	Pranith K <pranithk@gluster.com>	2011-03-25 21:42:49 +0000
committer	Vijay Bellur <vijay@dev.gluster.com>	2011-03-26 08:38:55 -0700
commit	3f37921807fc84af6d9529ae18aa8575e2458fc5 (patch)
tree	2bf6290295f110bc66bcb3900fac0350b938e589 /rpc
parent	a9a6d95ecb86f45b197bc36d8e6a504d65367c3a (diff)