From eff98516684b4d488e785e8d1b06f2876849f551 Mon Sep 17 00:00:00 2001 From: Sunny Kumar Date: Fri, 17 Jan 2020 11:03:46 +0000 Subject: geo-rep: Fix ssh-port validation If non-standard ssh-port is used, Geo-rep can be configured to use ssh port by using config option, the value should be in allowed port range and non negative. At present it can accept negative value and outside allowed port range which is incorrect. Many Linux kernels use the port range 32768 to 61000. IANA suggests it should be in the range 1 to 2^16 - 1, so keeping the same. $ gluster volume geo-replication master 127.0.0.1::slave config ssh-port -22 geo-replication config updated successfully $ gluster volume geo-replication master 127.0.0.1::slave config ssh-port 22222222 geo-replication config updated successfully This patch fixes the above issue and have added few validations around this in test cases. Upstream Patch: https://review.gluster.org/#/c/glusterfs/+/24035/ Backport of: > Change-Id: I9875ab3f00d7257370fbac6f5ed4356d2fed3f3c > Fixes: bz#1792276 > Signed-off-by: Sunny Kumar > (cherry picked from commit 485212e858bddd97573a3b2b811357b0d822005a) Change-Id: I9875ab3f00d7257370fbac6f5ed4356d2fed3f3c Fixes: bz#1793412 Signed-off-by: Sunny Kumar --- geo-replication/gsyncd.conf.in | 4 +++- tests/00-geo-rep/00-georep-verify-non-root-setup.t | 16 ++++++++++++++++ tests/00-geo-rep/georep-basic-dr-rsync.t | 13 +++++++++++++ 3 files changed, 32 insertions(+), 1 deletion(-) diff --git a/geo-replication/gsyncd.conf.in b/geo-replication/gsyncd.conf.in index 9155cd87bbe..11e57fdf54f 100644 --- a/geo-replication/gsyncd.conf.in +++ b/geo-replication/gsyncd.conf.in @@ -266,7 +266,9 @@ allowed_values=ERROR,INFO,WARNING,DEBUG [ssh-port] value=22 -validation=int +validation=minmax +min=1 +max=65535 help=Set SSH port type=int diff --git a/tests/00-geo-rep/00-georep-verify-non-root-setup.t b/tests/00-geo-rep/00-georep-verify-non-root-setup.t index ed7e589101d..27ed82732c9 100644 --- a/tests/00-geo-rep/00-georep-verify-non-root-setup.t +++ b/tests/00-geo-rep/00-georep-verify-non-root-setup.t @@ -223,6 +223,22 @@ TEST $GEOREP_CLI $master $slave_url resume #Validate failure of volume stop when geo-rep is running TEST ! $CLI volume stop $GMV0 +#Negative test for ssh-port +#Port should be integer and between 1-65535 range + +TEST ! $GEOREP_CLI $master $slave_url config ssh-port -22 + +TEST ! $GEOREP_CLI $master $slave_url config ssh-port abc + +TEST ! $GEOREP_CLI $master $slave_url config ssh-port 6875943 + +TEST ! $GEOREP_CLI $master $slave_url config ssh-port 4.5 + +TEST ! $GEOREP_CLI $master $slave_url config ssh-port 22a + +#Config Set ssh-port to validate int validation +TEST $GEOREP_CLI $master $slave config ssh-port 22 + #Hybrid directory rename test BZ#1763439 TEST $GEOREP_CLI $master $slave_url config change_detector xsync mkdir ${master_mnt}/dir1 diff --git a/tests/00-geo-rep/georep-basic-dr-rsync.t b/tests/00-geo-rep/georep-basic-dr-rsync.t index b6fbf1875f0..d785aa59fc9 100644 --- a/tests/00-geo-rep/georep-basic-dr-rsync.t +++ b/tests/00-geo-rep/georep-basic-dr-rsync.t @@ -71,6 +71,19 @@ EXPECT_WITHIN $GEO_REP_TIMEOUT 4 check_status_num_rows "Created" #Config gluster-command-dir TEST $GEOREP_CLI $master $slave config gluster-command-dir ${GLUSTER_CMD_DIR} +#Negative test for ssh-port +#Port should be integer and between 1-65535 range + +TEST ! $GEOREP_CLI $master $slave config ssh-port -22 + +TEST ! $GEOREP_CLI $master $slave config ssh-port abc + +TEST ! $GEOREP_CLI $master $slave config ssh-port 6875943 + +TEST ! $GEOREP_CLI $master $slave config ssh-port 4.5 + +TEST ! $GEOREP_CLI $master $slave config ssh-port 22a + #Config Set ssh-port to validate int validation TEST $GEOREP_CLI $master $slave config ssh-port 22 -- cgit