diff options
Diffstat (limited to 'libglusterfs')
-rw-r--r-- | libglusterfs/src/glusterfs.h | 6 | ||||
-rw-r--r-- | libglusterfs/src/graph.c | 42 | ||||
-rw-r--r-- | libglusterfs/src/libglusterfs.sym | 3 |
3 files changed, 49 insertions, 2 deletions
diff --git a/libglusterfs/src/glusterfs.h b/libglusterfs/src/glusterfs.h index 6b0df533e69..250d8e69a4f 100644 --- a/libglusterfs/src/glusterfs.h +++ b/libglusterfs/src/glusterfs.h @@ -593,6 +593,11 @@ struct _glusterfs_ctx { */ int secure_mgmt; + /* The option is use to set cert_depth while management connection + use SSL + */ + int ssl_cert_depth; + /* * Should *our* server/inbound connections use SSL? This is only true * if we're glusterd and secure_mgmt is set, or if we're glusterfsd @@ -700,4 +705,5 @@ int glusterfs_graph_parent_up (glusterfs_graph_t *graph); void gf_free_mig_locks (lock_migration_info_t *locks); +int glusterfs_read_secure_access_file (void); #endif /* _GLUSTERFS_H */ diff --git a/libglusterfs/src/graph.c b/libglusterfs/src/graph.c index db80e21272a..d36cf7b3da5 100644 --- a/libglusterfs/src/graph.c +++ b/libglusterfs/src/graph.c @@ -16,7 +16,7 @@ #include "defaults.h" #include <unistd.h> #include "syscall.h" - +#include <regex.h> #include "libglusterfs-messages.h" #if 0 @@ -68,7 +68,47 @@ _gf_dump_details (int argc, char **argv) } #endif +int +glusterfs_read_secure_access_file (void) +{ + FILE *fp = NULL; + char line[100] = {0,}; + int cert_depth = 1; /* Default SSL CERT DEPTH */ + regex_t regcmpl; + char *key = {"^option transport.socket.ssl-cert-depth"}; + char keyval[50] = {0,}; + int start = 0, end = 0, copy_len = 0; + regmatch_t result[1] = {{0} }; + + fp = fopen (SECURE_ACCESS_FILE, "r"); + if (!fp) + goto out; + /* Check if any line matches with key */ + while (fgets(line, sizeof(line), fp) != NULL) { + if (regcomp (®cmpl, key, REG_EXTENDED)) { + goto out; + } + if (!regexec (®cmpl, line, 1, result, 0)) { + start = result[0].rm_so; + end = result[0].rm_eo; + copy_len = end - start; + strcpy (keyval, line+copy_len); + if (keyval[0]) { + cert_depth = atoi(keyval); + if (cert_depth == 0) + cert_depth = 1; /* Default SSL CERT DEPTH */ + break; + } + } + regfree(®cmpl); + } + +out: + if (fp) + fclose (fp); + return cert_depth; +} int glusterfs_xlator_link (xlator_t *pxl, xlator_t *cxl) diff --git a/libglusterfs/src/libglusterfs.sym b/libglusterfs/src/libglusterfs.sym index df97a7fd89a..6340bc8a3a2 100644 --- a/libglusterfs/src/libglusterfs.sym +++ b/libglusterfs/src/libglusterfs.sym @@ -733,6 +733,7 @@ glusterfs_graph_deactivate glusterfs_graph_destroy glusterfs_graph_destroy_residual glusterfs_graph_prepare +glusterfs_read_secure_access_file glusterfs_graph_print_file glusterfs_graph_set_first glusterfs_is_local_pathinfo @@ -1107,4 +1108,4 @@ use_spinlocks dump_options glusterfs_leaseid_buf_get gf_replace_old_iatt_in_dict -gf_replace_new_iatt_in_dict
\ No newline at end of file +gf_replace_new_iatt_in_dict |