summaryrefslogtreecommitdiffstats
path: root/xlators/protocol/server/src/server-common.h
diff options
context:
space:
mode:
authorMohammed Rafi KC <rkavunga@redhat.com>2018-04-02 12:20:47 +0530
committerShyamsundar Ranganathan <srangana@redhat.com>2018-04-24 12:52:25 +0000
commit92cc124298c068942ba049c2ccaa95b8c5b5294d (patch)
tree5b74049a686991f2bc42ee1e16c2c0125533065a /xlators/protocol/server/src/server-common.h
parentfa8e792ac3ee4b30768a3b4b1e303d8fb083eb7a (diff)
server/auth: add option for strict authenticationv4.0.2
When this option is enabled, we will check for a matching username and password, if not found then the connection will be rejected. This also does a checksum validation of volfile The option is invalid when SSL/TLS is in use, at which point the SSL/TLS certificate user name is used to validate and hence authorize the right user. This expects TLS allow rules to be setup correctly rather than the default *. This option is not settable, as a result this cannot be enabled for volumes using the CLI. This is used with the shared storage volume, to restrict access to the same in non-SSL/TLS environments to the gluster peers only. Tested: ./tests/bugs/protocol/bug-1321578.t ./tests/features/ssl-authz.t - Ran tests on volumes with and without strict auth checking (as brick vol file needed to be edited to test, or rather to enable the option) - Ran tests on volumes to ensure existing mounts are disconnected when we enable strict checking Change-Id: I2ac4f0cfa5b59cc789cc5a265358389b04556b59 fixes: bz#1570432 Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com> Signed-off-by: ShyamsundarR <srangana@redhat.com>
Diffstat (limited to 'xlators/protocol/server/src/server-common.h')
0 files changed, 0 insertions, 0 deletions