From 5ebf298ec03bc929a4142e70ed105130cf9c58df Mon Sep 17 00:00:00 2001
From: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
Date: Fri, 24 Jul 2015 17:35:16 +0530
Subject: rpc: fix binding brick issue while bind-insecure is enabled

This patch is backport of http://review.gluster.org/#/c/11512/

> problem:

> When bind-insecure is turned on (which is the default now), it may happen
> that brick is not able to bind to port assigned by Glusterd for example
> 49192-49195...
>
> It seems to occur because the rpc_clnt connections are binding to ports in
> the same range. so brick fails to bind to a port which is already used by
> someone else
>
> solution:
>
> fix for now is to  make rpc_clnt to get port numbers from 65535 in a
> descending
> order, as a result port clash is minimized
>
> other fixes:
>
> previously rdma binds to port >= 1024 if it cannot find a free port < 1024,
> even when bind insecure was turned off(ref to commit '0e3fd04e'), this patch
> add's a check for bind-insecure in gf_rdma_client_bind function
>
> This patch also re-enable bind-insecure and allow insecure by default
> which was reverted (ref: commit cef1720) previously

> Change-Id: Ia1cfa93c5454e2ae0ff57813689b75de282ebd07
> BUG: 1238661
> Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>

Change-Id: Iea55f9b2a57b5e24d3df2c5fafae12fe99e9dee0
BUG: 1246481
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
Reviewed-on: http://review.gluster.org/11758
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
---
 rpc/rpc-lib/src/rpcsvc-auth.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'rpc/rpc-lib/src/rpcsvc-auth.c')

diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c
index 6b4c7937437..b7d6c2216ef 100644
--- a/rpc/rpc-lib/src/rpcsvc-auth.c
+++ b/rpc/rpc-lib/src/rpcsvc-auth.c
@@ -221,9 +221,20 @@ rpcsvc_set_allow_insecure (rpcsvc_t *svc, dict_t *options)
                         else
                                 svc->allow_insecure = 0;
                 }
+        } else {
+                /* By default set allow-insecure to true */
+                svc->allow_insecure = 1;
+
+                /* setting in options for the sake of functions that look
+                 * configuration params for allow insecure,  eg: gf_auth
+                 */
+                ret = dict_set_str (options, "rpc-auth-allow-insecure", "on");
+                if (ret < 0)
+                        gf_log ("rpc-auth", GF_LOG_DEBUG,
+                                        "dict_set failed for 'allow-insecure'");
         }
 
-        return 0;
+        return ret;
 }
 
 int
-- 
cgit