diff options
author | Rajesh Joseph <rjoseph@redhat.com> | 2016-11-29 21:57:37 +0530 |
---|---|---|
committer | Kaushal M <kaushal@redhat.com> | 2016-12-01 01:27:07 -0800 |
commit | 182f0d12040dab5081ca645a3f370f65cd68b528 (patch) | |
tree | a207f9ab961d079ab2f8bd1bbafd1dec66379172 /xlators/mgmt/glusterd/src | |
parent | 5b809fa434368b7395b180c41b46bce1a38e0cf9 (diff) |
uss: snapd should enable SSL if SSL is enabled on volume
During snapd graph generation we should check if SSL is
enabled on main volume or not. This is because clients
will communicate with snapd as if it is communicating to
a brick.
Change-Id: I0d7fe86c567b297a8528a48faf06161d4c3cb415
Signed-off-by: Rajesh Joseph <rjoseph@redhat.com>
BUG: 1400013
Reviewed-on: http://review.gluster.org/15979
Smoke: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: Kaushal M <kaushal@redhat.com>
Diffstat (limited to 'xlators/mgmt/glusterd/src')
-rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-volgen.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/xlators/mgmt/glusterd/src/glusterd-volgen.c b/xlators/mgmt/glusterd/src/glusterd-volgen.c index 4625297e61d..a270f136c92 100644 --- a/xlators/mgmt/glusterd/src/glusterd-volgen.c +++ b/xlators/mgmt/glusterd/src/glusterd-volgen.c @@ -5619,6 +5619,8 @@ glusterd_snapdsvc_generate_volfile (volgen_graph_t *graph, char *loglevel = NULL; char *xlator = NULL; char auth_path[] = "auth-path"; + char *ssl_str = NULL; + gf_boolean_t ssl_bool = _gf_false; set_dict = dict_copy (volinfo->dict, NULL); if (!set_dict) @@ -5663,6 +5665,19 @@ glusterd_snapdsvc_generate_volfile (volgen_graph_t *graph, if (ret) return -1; + if (dict_get_str (set_dict, "server.ssl", &ssl_str) == 0) { + if (gf_string2boolean (ssl_str, &ssl_bool) == 0) { + if (ssl_bool) { + ret = xlator_set_option(xl, + "transport.socket.ssl-enabled", + "true"); + if (ret) { + return -1; + } + } + } + } + RPC_SET_OPT(xl, SSL_OWN_CERT_OPT, "ssl-own-cert", return -1); RPC_SET_OPT(xl, SSL_PRIVATE_KEY_OPT,"ssl-private-key", return -1); RPC_SET_OPT(xl, SSL_CA_LIST_OPT, "ssl-ca-list", return -1); |