diff options
| author | Kaushal M <kaushal@redhat.com> | 2016-05-05 14:19:55 +0530 |
|---|---|---|
| committer | Niels de Vos <ndevos@redhat.com> | 2016-09-28 07:55:34 -0700 |
| commit | 7ade01fc75e35eede7071acb4381f5580102e6c2 (patch) | |
| tree | c8924057716a660f791927c131d9cc53b1a9da76 /glusterfsd | |
| parent | a0e38b6e0ab67941d9405d4a12d63096bdb1b7a4 (diff) | |
glusterfsd: explicitly turn on encryption for volfile fetch
Problem: In case of encrypted transport RPC clients not able to
reconnect.due to this daemon(glustershd etc) not able to
fetch volfile and not started.
Solution: After turn on encryption explictly to fetch volfile
issue is resolved.
> Change-Id: I58e1fe7f5edf0abb5732432291ff677e81429b79
> BUG: 1333317
> Signed-off-by: Kaushal M <kaushal@redhat.com>
> Reviewed-on: http://review.gluster.org/14253
> Smoke: Gluster Build System <jenkins@build.gluster.com>
> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
> CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
> Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
> (cherry picked from commit 60d235515e582319474ba7231aad490d19240642)
Change-Id: I15193837dc692b0cd7df942843bcf27a1c47e695
BUG: 1379216
Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>
Reviewed-on: http://review.gluster.org/15567
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Smoke: Gluster Build System <jenkins@build.gluster.org>
Diffstat (limited to 'glusterfsd')
| -rw-r--r-- | glusterfsd/src/glusterfsd-mgmt.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/glusterfsd/src/glusterfsd-mgmt.c b/glusterfsd/src/glusterfsd-mgmt.c index 61309f9fc08..d8b3ee7d9b3 100644 --- a/glusterfsd/src/glusterfsd-mgmt.c +++ b/glusterfsd/src/glusterfsd-mgmt.c @@ -2134,6 +2134,19 @@ glusterfs_mgmt_init (glusterfs_ctx_t *ctx) if (ret) goto out; + /* Explicitly turn on encrypted transport. */ + if (ctx->secure_mgmt) { + ret = dict_set_dynstr_with_alloc + (options, "transport.socket.ssl-enabled", "yes"); + if (ret) { + gf_log (THIS->name, GF_LOG_ERROR, + "failed to set 'transport.socket.ssl-enabled' " + "in options dict"); + goto out; + + } + } + rpc = rpc_clnt_new (options, THIS, THIS->name, 8); if (!rpc) { ret = -1; |