diff options
Diffstat (limited to 'libglusterfs/src/glusterfs.h')
-rw-r--r-- | libglusterfs/src/glusterfs.h | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/libglusterfs/src/glusterfs.h b/libglusterfs/src/glusterfs.h index 4867da42aff..3b0cc4b4eaa 100644 --- a/libglusterfs/src/glusterfs.h +++ b/libglusterfs/src/glusterfs.h @@ -414,6 +414,9 @@ struct _cmd_args { int brick_port; char *brick_name; int brick_port2; + + /* Should management connections use SSL? */ + int secure_mgmt; }; typedef struct _cmd_args cmd_args_t; @@ -435,6 +438,13 @@ typedef struct _glusterfs_graph glusterfs_graph_t; typedef int32_t (*glusterfsd_mgmt_event_notify_fn_t) (int32_t event, void *data, ...); + +typedef enum { + MGMT_SSL_NEVER = 0, + MGMT_SSL_COPY_IO, + MGMT_SSL_ALWAYS +} mgmt_ssl_t; + struct _glusterfs_ctx { cmd_args_t cmd_args; char *process_uuid; @@ -483,6 +493,26 @@ struct _glusterfs_ctx { int daemon_pipe[2]; struct clienttable *clienttable; + + /* + * Should management connections use SSL? This is the only place we + * can put it where both daemon-startup and socket code will see it. + * + * Why is it an int? Because we're included before common-utils.h, + * which defines gf_boolean_t (what we really want). It doesn't make + * any sense, but it's not worth turning the codebase upside-down to + * fix it. Thus, an int. + */ + int secure_mgmt; + + /* + * Should *our* server/inbound connections use SSL? This is only true + * if we're glusterd and secure_mgmt is set, or if we're glusterfsd + * and SSL is set on the I/O path. It should never be set e.g. for + * NFS. + */ + mgmt_ssl_t secure_srvr; + }; typedef struct _glusterfs_ctx glusterfs_ctx_t; @@ -528,6 +558,26 @@ struct gf_flock { */ #define GF_UNUSED __attribute__((unused)) +/* + * If present, this has the following effects: + * + * glusterd enables privileged commands over TCP + * + * all code enables SSL for outbound connections to management port + * + * glusterd enables SSL for inbound connections + * + * Servers and clients enable/disable SSL among themselves by other means. + * Making secure management connections conditional on a file is a bit of a + * hack, but we don't have any other place for such global settings across + * all of the affected components. Making it a compile-time option would + * reduce functionality, both for users and for testing (which can now be + * done using secure connections for all tests without change elsewhere). + * + * Nonetheless, TBD: define in terms of build-time PREFIX + */ +#define SECURE_ACCESS_FILE "/var/lib/glusterd/secure-access" + int glusterfs_graph_prepare (glusterfs_graph_t *graph, glusterfs_ctx_t *ctx); int glusterfs_graph_destroy (glusterfs_graph_t *graph); int glusterfs_graph_activate (glusterfs_graph_t *graph, glusterfs_ctx_t *ctx); |