diff options
author | Kaushal M <kaushal@redhat.com> | 2012-04-09 12:17:16 +0530 |
---|---|---|
committer | Vijay Bellur <vijay@gluster.com> | 2012-04-13 00:55:51 -0700 |
commit | 28f373d89fba7266473c952d9c2bf6ec5f02628c (patch) | |
tree | 9ae99010e5c2d2add91f4d510d0f2a321d9cee04 /xlators/nfs/server/src | |
parent | b19a7fee17ddedfc6692deb5a8dc8df927a2cf7b (diff) |
xlator/server,xlator/nfs : Fix authentication for address lists
Fixes authentication problems when address lists are given for
auth.{allow,reject} and nfs.rpc-auth-{allow,reject}.
Change-Id: I9959ebfa6820aef52c883372e1085660560e1e73
BUG: 810179
Signed-off-by: Kaushal M <kaushal@redhat.com>
Reviewed-on: http://review.gluster.com/3104
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
Diffstat (limited to 'xlators/nfs/server/src')
-rw-r--r-- | xlators/nfs/server/src/mount3.c | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/xlators/nfs/server/src/mount3.c b/xlators/nfs/server/src/mount3.c index cebdf527065..2e482771d38 100644 --- a/xlators/nfs/server/src/mount3.c +++ b/xlators/nfs/server/src/mount3.c @@ -754,24 +754,37 @@ mnt3_check_client_net (struct mount3_state *ms, rpcsvc_request_t *req, xlator_t *targetxl) { - rpcsvc_t *svc = NULL; - int ret = -1; + rpcsvc_t *svc = NULL; + rpc_transport_t *trans = NULL; + struct sockaddr_storage sastorage = {0,}; + char peer[RPCSVC_PEER_STRLEN] = {0,}; + int ret = -1; if ((!ms) || (!req) || (!targetxl)) return -1; svc = rpcsvc_request_service (req); + + trans = rpcsvc_request_transport (req); + ret = rpcsvc_transport_peeraddr (trans, peer, RPCSVC_PEER_STRLEN, + &sastorage, sizeof (sastorage)); + if (ret != 0) { + gf_log (GF_MNT, GF_LOG_WARNING, "Failed to get peer addr: %s", + gai_strerror (ret)); + } + ret = rpcsvc_transport_peer_check (svc->options, targetxl->name, - rpcsvc_request_transport (req)); + trans); if (ret == RPCSVC_AUTH_REJECT) { - gf_log (GF_MNT, GF_LOG_TRACE, "Peer not allowed"); + gf_log (GF_MNT, GF_LOG_INFO, "Peer %s not allowed", peer); goto err; } ret = rpcsvc_transport_privport_check (svc, targetxl->name, rpcsvc_request_transport (req)); if (ret == RPCSVC_AUTH_REJECT) { - gf_log (GF_MNT, GF_LOG_TRACE, "Unprivileged port not allowed"); + gf_log (GF_MNT, GF_LOG_INFO, "Peer %s rejected. Unprivileged " + "port not allowed", peer); goto err; } |