summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKaushal M <kaushal@redhat.com>2016-05-05 14:19:55 +0530
committerNiels de Vos <ndevos@redhat.com>2016-09-28 07:55:34 -0700
commit7ade01fc75e35eede7071acb4381f5580102e6c2 (patch)
treec8924057716a660f791927c131d9cc53b1a9da76
parenta0e38b6e0ab67941d9405d4a12d63096bdb1b7a4 (diff)
glusterfsd: explicitly turn on encryption for volfile fetch
Problem: In case of encrypted transport RPC clients not able to reconnect.due to this daemon(glustershd etc) not able to fetch volfile and not started. Solution: After turn on encryption explictly to fetch volfile issue is resolved. > Change-Id: I58e1fe7f5edf0abb5732432291ff677e81429b79 > BUG: 1333317 > Signed-off-by: Kaushal M <kaushal@redhat.com> > Reviewed-on: http://review.gluster.org/14253 > Smoke: Gluster Build System <jenkins@build.gluster.com> > NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> > CentOS-regression: Gluster Build System <jenkins@build.gluster.com> > Reviewed-by: Jeff Darcy <jdarcy@redhat.com> > (cherry picked from commit 60d235515e582319474ba7231aad490d19240642) Change-Id: I15193837dc692b0cd7df942843bcf27a1c47e695 BUG: 1379216 Signed-off-by: Mohit Agrawal <moagrawa@redhat.com> Reviewed-on: http://review.gluster.org/15567 CentOS-regression: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: Niels de Vos <ndevos@redhat.com> Smoke: Gluster Build System <jenkins@build.gluster.org>
-rw-r--r--glusterfsd/src/glusterfsd-mgmt.c13
1 files changed, 13 insertions, 0 deletions
diff --git a/glusterfsd/src/glusterfsd-mgmt.c b/glusterfsd/src/glusterfsd-mgmt.c
index 61309f9fc08..d8b3ee7d9b3 100644
--- a/glusterfsd/src/glusterfsd-mgmt.c
+++ b/glusterfsd/src/glusterfsd-mgmt.c
@@ -2134,6 +2134,19 @@ glusterfs_mgmt_init (glusterfs_ctx_t *ctx)
if (ret)
goto out;
+ /* Explicitly turn on encrypted transport. */
+ if (ctx->secure_mgmt) {
+ ret = dict_set_dynstr_with_alloc
+ (options, "transport.socket.ssl-enabled", "yes");
+ if (ret) {
+ gf_log (THIS->name, GF_LOG_ERROR,
+ "failed to set 'transport.socket.ssl-enabled' "
+ "in options dict");
+ goto out;
+
+ }
+ }
+
rpc = rpc_clnt_new (options, THIS, THIS->name, 8);
if (!rpc) {
ret = -1;