コード例 #1
0
ファイル: option-file.c プロジェクト: AsherBond/glusterfs
#include "xlator.h"
#include "defaults.h"

#include "meta-mem-types.h"
#include "meta.h"
#include "meta-hooks.h"


static int
option_file_fill (xlator_t *this, inode_t *inode, strfd_t *strfd)
{
	data_t *data = NULL;

	data = meta_ctx_get (inode, this);

	strprintf (strfd, "%s\n", data_to_str (data));

	return strfd->size;
}


static struct meta_ops option_file_ops = {
	.file_fill = option_file_fill
};


int
meta_option_file_hook (call_frame_t *frame, xlator_t *this, loc_t *loc,
		       dict_t *xdata)
{
	xlator_t *xl = NULL;
コード例 #2
0
ファイル: diskscan.c プロジェクト: jdn06/diskscan
static bool disk_scan_part(disk_t *disk, uint64_t offset, void *data, int data_size, struct scan_state *state)
{
	ssize_t ret;
	struct timespec t_start;
	struct timespec t_end;
	uint64_t t;
	int error = 0;
	io_result_t io_res;

	clock_gettime(CLOCK_MONOTONIC, &t_start);
	ret = disk_dev_read(&disk->dev, offset, data_size, data, &io_res);
	clock_gettime(CLOCK_MONOTONIC, &t_end);

	t = (t_end.tv_sec - t_start.tv_sec) * 1000000000 +
		t_end.tv_nsec - t_start.tv_nsec;
	const uint64_t t_msec = t / 1000000;

	// Perform logging
	data_log_raw(&disk->data_raw, offset/disk->sector_size, data_size/disk->sector_size, &io_res, t);
	data_log(&disk->data_log, offset/disk->sector_size, data_size/disk->sector_size, &io_res, t);

	// Handle error or incomplete data
	if (io_res.data != DATA_FULL || io_res.error != ERROR_NONE) {
		int s_errno = errno;
		ERROR("Error when reading at offset %" PRIu64 " size %d read %zd, errno=%d: %s", offset, data_size, ret, errno, strerror(errno));
		ERROR("Details: error=%s data=%s %02X/%02X/%02X", error_to_str(io_res.error), data_to_str(io_res.data),
				io_res.info.sense_key, io_res.info.asc, io_res.info.ascq);
		report_scan_error(disk, offset, data_size, t);
		disk->num_errors++;
		error = 1;
		if (io_res.error == ERROR_FATAL) {
			ERROR("Fatal error occurred, bailing out.");
			return false;
		}
		if (io_res.error == ERROR_UNKNOWN) {
			if (state->num_unknown_errors++ > 500) {
				ERROR("%u unknown errors occurred, assuming fatal issue.", state->num_unknown_errors);
				return false;
			}
			ERROR("Unknown error occurred, possibly untranslated error by storage layers, trying to continue.");

		}

		if (s_errno != EIO && s_errno != 0)
			abort();
		// TODO: What to do when no everything was read but errno is zero?
	}
	else {
		state->num_unknown_errors = 0; // Clear non-consecutive unknown errors
		report_scan_success(disk, offset, data_size, t);
	}

	hdr_record_value(disk->histogram, t / 1000);
	latency_bucket_add(disk, t_msec, state);

	if (t_msec > 1000) {
		VERBOSE("Scanning at offset %" PRIu64 " took %"PRIu64" msec", offset, t_msec);
	}

	if (disk->fix && (t_msec > 3000 || error)) {
		if (io_res.error != ERROR_UNCORRECTED) {
			INFO("Fixing region by rewriting, offset=%"PRIu64" size=%d", offset, data_size);
			ret = disk_dev_write(&disk->dev, offset, data_size, data, &io_res);
			if (ret != data_size) {
				ERROR("Error while attempting to rewrite the data! ret=%zd errno=%d: %s", ret, errno, strerror(errno));
			}
		} else {
			// When we correct uncorrectable errors we want to zero it out, this should reduce any confusion later on when the data is read
			unsigned fix_offset = 0;
			int fix_size = 4096;

			if (data_size < fix_size)
				fix_size = data_size;

			for (; data_size >= (int)(fix_offset + fix_size); fix_offset += fix_size) {
				disk_dev_read(&disk->dev, offset+fix_offset, fix_size, data, &io_res);
				if (io_res.error == ERROR_UNCORRECTED) {
					INFO("Fixing uncorrectable region by writing zeros, offset=%"PRIu64" size=%d", offset+fix_offset, fix_size);
					memset(data, 0, fix_size);
					ret = disk_dev_write(&disk->dev, offset+fix_offset, fix_size, data, &io_res);
					if (ret != data_size) {
						ERROR("Error while attempting to overwrite uncorrectable data! ret=%zd errno=%d: %s", ret, errno, strerror(errno));
					}
				}
			}
		}
	}

	return true;
}
コード例 #3
0
ファイル: login.c プロジェクト: gluster/glusterfs
auth_result_t
gf_auth(dict_t *input_params, dict_t *config_params)
{
    auth_result_t result = AUTH_DONT_CARE;
    int ret = 0;
    data_t *allow_user = NULL;
    data_t *username_data = NULL;
    data_t *passwd_data = NULL;
    data_t *password_data = NULL;
    char *username = NULL;
    char *password = NULL;
    char *brick_name = NULL;
    char *searchstr = NULL;
    char *username_str = NULL;
    char *tmp = NULL;
    char *username_cpy = NULL;
    gf_boolean_t using_ssl = _gf_false;
    gf_boolean_t strict_auth = _gf_false;

    username_data = dict_get(input_params, "ssl-name");
    if (username_data) {
        gf_log("auth/login", GF_LOG_INFO, "connecting user name: %s",
               username_data->data);
        using_ssl = _gf_true;
    } else {
        ret = dict_get_str_boolean(config_params, "strict-auth-accept",
                                   _gf_false);
        if (ret == -1)
            strict_auth = _gf_false;
        else
            strict_auth = ret;

        username_data = dict_get(input_params, "username");
        if (!username_data) {
            if (strict_auth) {
                gf_log("auth/login", GF_LOG_DEBUG,
                       "username not found, strict auth"
                       " configured returning REJECT");
                result = AUTH_REJECT;
            } else {
                gf_log("auth/login", GF_LOG_DEBUG,
                       "username not found, returning"
                       " DONT-CARE");
            }
            goto out;
        }
        password_data = dict_get(input_params, "password");
        if (!password_data) {
            if (strict_auth) {
                gf_log("auth/login", GF_LOG_DEBUG,
                       "password not found, strict auth"
                       " configured returning REJECT");
                result = AUTH_REJECT;
            } else {
                gf_log("auth/login", GF_LOG_WARNING,
                       "password not found, returning"
                       " DONT-CARE");
            }
            goto out;
        }
        password = data_to_str(password_data);
    }
    username = data_to_str(username_data);

    brick_name = data_to_str(dict_get(input_params, "remote-subvolume"));
    if (!brick_name) {
        gf_log("auth/login", GF_LOG_ERROR, "remote-subvolume not specified");
        result = AUTH_REJECT;
        goto out;
    }

    ret = gf_asprintf(&searchstr, "auth.login.%s.%s", brick_name,
                      using_ssl ? "ssl-allow" : "allow");
    if (-1 == ret) {
        gf_log("auth/login", GF_LOG_ERROR,
               "asprintf failed while setting search string, "
               "returning REJECT");
        result = AUTH_REJECT;
        goto out;
    }

    allow_user = dict_get(config_params, searchstr);
    GF_FREE(searchstr);

    if (allow_user) {
        gf_log("auth/login", GF_LOG_INFO, "allowed user names: %s",
               allow_user->data);
        /*
         * There's a subtle difference between SSL and non-SSL behavior
         * if we can't match anything in the "while" loop below.
         * Intuitively, we should AUTH_REJECT if there's no match.
         * However, existing code depends on allowing untrusted users
         * to connect with *no credentials at all* by falling through
         * the loop.  They're still distinguished from trusted users
         * who do provide a valid username and password (in fact that's
         * pretty much the only thing we use non-SSL login auth for),
         * but they are allowed to connect.  It's wrong, but it's not
         * worth changing elsewhere.  Therefore, we do the sane thing
         * only for SSL here.
         *
         * For SSL, if there's a list *you must be on it*.  Note that
         * if there's no list we don't care.  In that case (and the
         * ssl-allow=* case as well) authorization is effectively
         * disabled, though authentication and encryption are still
         * active.
         *
         * Read NOTE on strict_auth above.
         */
        if (using_ssl || strict_auth) {
            result = AUTH_REJECT;
        }
        username_cpy = gf_strdup(allow_user->data);
        if (!username_cpy)
            goto out;

        username_str = strtok_r(username_cpy, " ,", &tmp);

        /*
         * We have to match a user's *authenticated* name to one in the
         * list.  If we're using SSL, they're already authenticated.
         * Otherwise, they need a matching password to complete the
         * process.
         */
        while (username_str) {
            if (!fnmatch(username_str, username, 0)) {
                if (using_ssl) {
                    result = AUTH_ACCEPT;
                    break;
                }
                ret = gf_asprintf(&searchstr, "auth.login.%s.password",
                                  username);
                if (-1 == ret) {
                    gf_log("auth/login", GF_LOG_WARNING,
                           "asprintf failed while setting search string");
                    goto out;
                }
                passwd_data = dict_get(config_params, searchstr);
                GF_FREE(searchstr);

                if (!passwd_data) {
                    gf_log("auth/login", GF_LOG_ERROR,
                           "wrong username/password combination");
                    result = AUTH_REJECT;
                    goto out;
                }

                result = !((strcmp(data_to_str(passwd_data), password))
                               ? AUTH_ACCEPT
                               : AUTH_REJECT);
                if (result == AUTH_REJECT)
                    gf_log("auth/login", GF_LOG_ERROR,
                           "wrong password for user %s", username);

                break;
            }
            username_str = strtok_r(NULL, " ,", &tmp);
        }
    }

out:
    GF_FREE(username_cpy);

    return result;
}
コード例 #4
0
ファイル: addr.c プロジェクト: alexbers/glusterfs_experiments
auth_result_t
gf_auth (dict_t *input_params, dict_t *config_params)
{
        auth_result_t  result         = AUTH_DONT_CARE;
        int            ret            = 0;
        char          *name           = NULL;
        char          *searchstr      = NULL;
        peer_info_t   *peer_info      = NULL;
        data_t        *peer_info_data = NULL;
        data_t        *allow_addr     = NULL;
        data_t        *reject_addr    = NULL;
        char          *addr_str       = NULL;
        char          *tmp            = NULL;
        char          *addr_cpy       = NULL;
        char          *service        = NULL;
        uint16_t       peer_port      = 0;
        char           is_inet_sdp    = 0;
        char           negate         = 0;
        char           match          = 0;
        char           peer_addr[UNIX_PATH_MAX];
        char          *type           = NULL;
        gf_boolean_t   allow_insecure = _gf_false;

        name = data_to_str (dict_get (input_params, "remote-subvolume"));
        if (!name) {
                gf_log ("authenticate/addr", GF_LOG_DEBUG,
                        "remote-subvolume not specified");
                goto out;
        }

        ret = gf_asprintf (&searchstr, "auth.addr.%s.allow", name);
        if (-1 == ret) {
                gf_log ("auth/addr", GF_LOG_DEBUG,
                        "asprintf failed while setting search string");
                goto out;
        }

        allow_addr = dict_get (config_params, searchstr);
        GF_FREE (searchstr);

        ret = gf_asprintf (&searchstr, "auth.addr.%s.reject", name);
        if (-1 == ret) {
                gf_log ("auth/addr", GF_LOG_ERROR,
                        "asprintf failed while setting search string");
                goto out;
        }
        reject_addr = dict_get (config_params, searchstr);
        GF_FREE (searchstr);

        if (!allow_addr) {
                /* TODO: backword compatibility */
                ret = gf_asprintf (&searchstr, "auth.ip.%s.allow", name);
                if (-1 == ret) {
                        gf_log ("auth/addr", GF_LOG_ERROR,
                                "asprintf failed while setting search string");
                        goto out;
                }
                allow_addr = dict_get (config_params, searchstr);
                GF_FREE (searchstr);
        }

        if (!(allow_addr || reject_addr)) {
                gf_log ("auth/addr",  GF_LOG_DEBUG,
                        "none of the options auth.addr.%s.allow or "
                        "auth.addr.%s.reject specified, returning auth_dont_care",
                        name, name);
                goto out;
        }

        peer_info_data = dict_get (input_params, "peer-info");
        if (!peer_info_data) {
                gf_log ("auth/addr", GF_LOG_ERROR,
                        "peer-info not present");
                goto out;
        }

        peer_info = data_to_ptr (peer_info_data);

        switch (((struct sockaddr *) &peer_info->sockaddr)->sa_family)
        {
        case AF_INET_SDP:
                is_inet_sdp = 1;
                ((struct sockaddr *) &peer_info->sockaddr)->sa_family = AF_INET;

        case AF_INET:
        case AF_INET6:
        {
                strcpy (peer_addr, peer_info->identifier);
                service = strrchr (peer_addr, ':');
                *service = '\0';
                service ++;

                if (is_inet_sdp) {
                        ((struct sockaddr *) &peer_info->sockaddr)->sa_family = AF_INET_SDP;
                }

                ret = dict_get_str (config_params, "rpc-auth-allow-insecure",
                                    &type);
                if (ret == 0) {
                        ret = gf_string2boolean (type, &allow_insecure);
                        if (ret < 0) {
                                gf_log ("auth/addr", GF_LOG_WARNING,
                                        "rpc-auth-allow-insecure option %s "
                                        "is not a valid bool option", type);
                                goto out;
                        }
                }

                peer_port = atoi (service);
                if (peer_port >= PRIVILEGED_PORT_CEILING && !allow_insecure) {
                        gf_log ("auth/addr", GF_LOG_ERROR,
                                "client is bound to port %d which is not privileged",
                                peer_port);
                        goto out;
                }
                break;

        case AF_UNIX:
                strcpy (peer_addr, peer_info->identifier);
                break;

        default:
                gf_log ("authenticate/addr", GF_LOG_ERROR,
                        "unknown address family %d",
                        ((struct sockaddr *) &peer_info->sockaddr)->sa_family);
                goto out;
        }
        }

        if (reject_addr) {
                addr_cpy = gf_strdup (reject_addr->data);
                if (!addr_cpy)
                        goto out;

                addr_str = strtok_r (addr_cpy, ADDR_DELIMITER, &tmp);

                while (addr_str) {
                        gf_log (name,  GF_LOG_DEBUG,
                                "rejected = \"%s\", received addr = \"%s\"",
                                addr_str, peer_addr);
                        if (addr_str[0] == '!') {
                                negate = 1;
                                addr_str++;
                        }

                        match = fnmatch (addr_str, peer_addr, 0);
                        if (negate ? match : !match) {
                                result = AUTH_REJECT;
                                goto out;
                        }
                        addr_str = strtok_r (NULL, ADDR_DELIMITER, &tmp);
                }
                GF_FREE (addr_cpy);
        }

        if (allow_addr) {
                addr_cpy = gf_strdup (allow_addr->data);
                if (!addr_cpy)
                        goto out;

                addr_str = strtok_r (addr_cpy, ADDR_DELIMITER, &tmp);

                while (addr_str) {
                        gf_log (name,  GF_LOG_DEBUG,
                                "allowed = \"%s\", received addr = \"%s\"",
                                addr_str, peer_addr);
                        if (addr_str[0] == '!') {
                                negate = 1;
                                addr_str++;
                        }

                        match = fnmatch (addr_str, peer_addr, 0);
                        if (negate ? match : !match) {
                                result = AUTH_ACCEPT;
                                goto out;
                        }
                        addr_str = strtok_r (NULL, ADDR_DELIMITER, &tmp);
                }
        }

out:
        if (addr_cpy)
                GF_FREE (addr_cpy);

        return result;
}
コード例 #5
0
ファイル: addr.c プロジェクト: raghavendrabhat/glusterfs
auth_result_t
gf_auth (dict_t *input_params, dict_t *config_params)
{
        auth_result_t  result         = AUTH_DONT_CARE;
        int            ret            = 0;
        char          *name           = NULL;
        char          *searchstr      = NULL;
        peer_info_t   *peer_info      = NULL;
        data_t        *peer_info_data = NULL;
        data_t        *allow_addr     = NULL;
        data_t        *reject_addr    = NULL;
        char          *service        = NULL;
        uint16_t       peer_port      = 0;
        char           peer_addr[UNIX_PATH_MAX] = {0,};
        char          *type           = NULL;
        gf_boolean_t   allow_insecure = _gf_false;
        char          *subdir         = NULL;

        name = data_to_str (dict_get (input_params, "remote-subvolume"));
        if (!name) {
                gf_log ("authenticate/addr", GF_LOG_DEBUG,
                        "remote-subvolume not specified");
                goto out;
        }

        ret = gf_asprintf (&searchstr, "auth.addr.%s.allow", name);
        if (-1 == ret) {
                gf_log ("auth/addr", GF_LOG_DEBUG,
                        "asprintf failed while setting search string");
                goto out;
        }

        allow_addr = dict_get (config_params, searchstr);
        GF_FREE (searchstr);

        ret = gf_asprintf (&searchstr, "auth.addr.%s.reject", name);
        if (-1 == ret) {
                gf_log ("auth/addr", GF_LOG_ERROR,
                        "asprintf failed while setting search string");
                goto out;
        }
        reject_addr = dict_get (config_params, searchstr);
        GF_FREE (searchstr);

        if (!allow_addr) {
                /* TODO: backward compatibility */
                ret = gf_asprintf (&searchstr, "auth.ip.%s.allow", name);
                if (-1 == ret) {
                        gf_log ("auth/addr", GF_LOG_ERROR,
                                "asprintf failed while setting search string");
                        goto out;
                }
                allow_addr = dict_get (config_params, searchstr);
                GF_FREE (searchstr);
        }

        if (!(allow_addr || reject_addr)) {
                gf_log ("auth/addr",  GF_LOG_DEBUG,
                        "none of the options auth.addr.%s.allow or "
                        "auth.addr.%s.reject specified, returning auth_dont_care",
                        name, name);
                goto out;
        }

        peer_info_data = dict_get (input_params, "peer-info");
        if (!peer_info_data) {
                gf_log ("auth/addr", GF_LOG_ERROR,
                        "peer-info not present");
                goto out;
        }


        ret = dict_get_str (input_params, "subdir-mount", &subdir);
        if (ret) {
                subdir = "/";
        }

        peer_info = data_to_ptr (peer_info_data);

        switch (((struct sockaddr *) &peer_info->sockaddr)->sa_family) {
        case AF_INET_SDP:
        case AF_INET:
        case AF_INET6:
                strcpy (peer_addr, peer_info->identifier);
                service = strrchr (peer_addr, ':');
                *service = '\0';
                service++;

                ret = dict_get_str (config_params, "rpc-auth-allow-insecure",
                                    &type);
                if (ret == 0) {
                        ret = gf_string2boolean (type, &allow_insecure);
                        if (ret < 0) {
                                gf_log ("auth/addr", GF_LOG_WARNING,
                                        "rpc-auth-allow-insecure option %s "
                                        "is not a valid bool option", type);
                                goto out;
                        }
                }

                peer_port = atoi (service);
                if (peer_port >= PRIVILEGED_PORT_CEILING && !allow_insecure) {
                        gf_log ("auth/addr", GF_LOG_ERROR,
                                "client is bound to port %d which is not privileged",
                                peer_port);
                        result = AUTH_REJECT;
                        goto out;
                }
                break;

        case AF_UNIX:
                strcpy (peer_addr, peer_info->identifier);
                break;

        default:
                gf_log ("authenticate/addr", GF_LOG_ERROR,
                        "unknown address family %d",
                        ((struct sockaddr *) &peer_info->sockaddr)->sa_family);
                goto out;
        }

        if (reject_addr) {
                parse_entries_and_compare (reject_addr->data, peer_addr, name,
                                           subdir, &result, AUTH_REJECT);
                if (result == AUTH_REJECT)
                        goto out;
        }

        if (allow_addr) {
                parse_entries_and_compare (allow_addr->data, peer_addr, name,
                                           subdir, &result, AUTH_ACCEPT);
        }

out:
        return result;
}
コード例 #6
0
ファイル: diskscan.c プロジェクト: Mc128k/diskscan
static bool disk_scan_part(disk_t *disk, uint64_t offset, void *data, int data_size, struct scan_state *state)
{
	ssize_t ret;
	struct timespec t_start;
	struct timespec t_end;
	uint64_t t;
	int error = 0;
	io_result_t io_res;

	clock_gettime(CLOCK_MONOTONIC, &t_start);
	ret = disk_dev_read(&disk->dev, offset, data_size, data, &io_res);
	clock_gettime(CLOCK_MONOTONIC, &t_end);

	t = (t_end.tv_sec - t_start.tv_sec) * 1000000000 +
		t_end.tv_nsec - t_start.tv_nsec;
	const uint64_t t_msec = t / 1000000;

	// Perform logging
	data_log_raw(&disk->data_raw, offset/disk->sector_size, data_size/disk->sector_size, &io_res, t);
	data_log(&disk->data_log, offset/disk->sector_size, data_size/disk->sector_size, &io_res, t);

	// Handle error or incomplete data
	if (io_res.data != DATA_FULL || io_res.error != ERROR_NONE) {
		int s_errno = errno;
		ERROR("Error when reading at offset %" PRIu64 " size %d read %zd: %m", offset, data_size, ret);
		ERROR("Details: error=%s data=%s %02X/%02X/%02X", error_to_str(io_res.error), data_to_str(io_res.data),
				io_res.info.sense_key, io_res.info.asc, io_res.info.ascq);
		report_scan_error(disk, offset, data_size, t);
		disk->num_errors++;
		error = 1;
		if (io_res.error == ERROR_FATAL) {
			ERROR("Fatal error occurred, bailing out.");
			return false;
		}
		if (io_res.error == ERROR_UNKNOWN) {
			if (state->num_unknown_errors++ > 500) {
				ERROR("%u unknown errors occurred, assuming fatal issue.", state->num_unknown_errors);
				return false;
			}
			ERROR("Unknown error occurred, possibly untranslated error by storage layers, trying to continue.");

		}

		if (s_errno != EIO && s_errno != 0)
			abort();
		// TODO: What to do when no everything was read but errno is zero?
	}
	else {
		state->num_unknown_errors = 0; // Clear non-consecutive unknown errors
		report_scan_success(disk, offset, data_size, t);
	}

	unsigned hist_idx = 0;
	while (t_msec >= histogram_time[hist_idx].top_val && hist_idx < ARRAY_SIZE(disk->histogram) - 1) {
		hist_idx++;
	}
	disk->histogram[hist_idx]++;

	latency_bucket_add(disk, t_msec, state);

	if (t_msec > 1000) {
		VERBOSE("Scanning at offset %" PRIu64 " took %"PRIu64" msec", offset, t_msec);
	}

	if (disk->fix && (t_msec > 3000 || error)) {
		INFO("Fixing region by rewriting, offset=%"PRIu64" size=%d", offset, data_size);
		ret = disk_dev_write(&disk->dev, offset, data_size, data, &io_res);
		if (ret != data_size) {
			ERROR("Error while attempting to rewrite the data! ret=%zd errno=%d: %m", ret, errno);
		}
	}

	return true;
}
コード例 #7
0
ファイル: transport.c プロジェクト: NeilW/deb-glusterfs
transport_t *
transport_load (dict_t *options,
		xlator_t *xl,
		event_notify_fn_t notify)
{
  struct transport *trans = calloc (1, sizeof (struct transport));
  data_t *type_data;
  char *name = NULL;
  void *handle = NULL;
  char *type = "ERROR";

  if (!options) {
    freee (trans);
    gf_log ("transport", GF_LOG_ERROR, "options is NULL");
    return NULL;
  }
  if (!xl) {
    freee (trans);
    gf_log ("transport", GF_LOG_ERROR, "xl is NULL");
    return NULL;
  }
  if (!notify) {
    freee (trans);
    gf_log ("transport", GF_LOG_ERROR, "notify is NULL");
    return NULL;
  }

  type_data = dict_get (options, "transport-type"); // transport type, e.g., "tcp"
  trans->xl = xl;

  trans->notify = notify;


  if (type_data) {
    type = data_to_str (type_data);
  } else {
    freee (trans);
    gf_log ("transport", GF_LOG_ERROR,
	    "'option transport-type <xxxx/_____>' missing in specification");
    return NULL;
  }

  asprintf (&name, "%s/%s.so", TRANSPORTDIR, type);
  gf_log ("transport", GF_LOG_DEBUG,
	  "attempt to load file %s", name);

  handle = dlopen (name, RTLD_NOW|RTLD_GLOBAL);

  if (!handle) {
    gf_log ("transport", GF_LOG_ERROR,
	    "dlopen (%s): %s", name, dlerror ());
    freee (name);
    freee (trans);
    return NULL;
  };
  freee (name);

  if (!(trans->ops = dlsym (handle, "transport_ops"))) {
    gf_log ("transport", GF_LOG_ERROR,
	    "dlsym (transport_ops) on %s", dlerror ());
    freee (trans);
    return NULL;
  }

  if (!(trans->init = dlsym (handle, "gf_transport_init"))) {
    gf_log ("transport", GF_LOG_ERROR,
	    "dlsym (gf_transport_init) on %s", dlerror ());
    freee (trans);
    return NULL;
  }

  if (!(trans->fini = dlsym (handle, "gf_transport_fini"))) {
    gf_log ("transport", GF_LOG_ERROR,
	    "dlsym (gf_transport_fini) on %s", dlerror ());
    freee (trans);
    return NULL;
  }

  if (trans->init (trans, options, notify) != 0) {
    gf_log ("transport", GF_LOG_ERROR,
	    "'%s' initialization failed", type);
    freee (trans);
    return NULL;
  }

  pthread_mutex_init (&trans->lock, NULL);

  return trans;
}
コード例 #8
0
ファイル: login.c プロジェクト: NeilW/deb-glusterfs
auth_result_t gf_auth (dict_t *input_params, dict_t *config_params)
{
  char *username = NULL, *password = NULL;
  data_t *allow_user = NULL, *username_data = NULL, *password_data = NULL;
  int32_t result = AUTH_DONT_CARE;
  char *brick_name = NULL, *searchstr = NULL;
  
  username_data = dict_get (input_params, "username");
  if (!username_data) 
    return AUTH_DONT_CARE;

  username = data_to_str (username_data);

  password_data = dict_get (input_params, "password");
  if (!password_data)
    return AUTH_DONT_CARE;

  password = data_to_str (password_data);

  brick_name = data_to_str (dict_get (input_params, "remote-subvolume"));
  if (!brick_name) {
    gf_log ("auth/login",
	    GF_LOG_ERROR,
	    "remote-subvolume not specified");
    return AUTH_REJECT;
  }

  asprintf (&searchstr, "auth.login.%s.allow", brick_name);
  allow_user = dict_get (config_params,
			 searchstr);
  free (searchstr);

  if (allow_user) {
    char *username_str = NULL;
    char *tmp;
    char *username_cpy = strdup (allow_user->data);
    
    username_str = strtok_r (username_cpy, " ,", &tmp);
      
    while (username_str) {
      data_t *passwd_data = NULL;
      if (!fnmatch (username_str,
		    username,
		    0)) {
	asprintf (&searchstr, "auth.login.%s.password", username);
	passwd_data = dict_get (config_params, searchstr);
	if (!passwd_data) {
	  gf_log ("auth/login",
		  GF_LOG_DEBUG,
		  "wrong username/password combination");
	  result = AUTH_REJECT;
	}
	else 
	  result = !strcmp (data_to_str (passwd_data), password) ? AUTH_ACCEPT : AUTH_REJECT;
	break;
      }
      username_str = strtok_r (NULL, " ,", &tmp);  
    }
    free (username_cpy);
  }

  return result;
}
コード例 #9
0
ファイル: login.c プロジェクト: BillTheBest/glusterfs
auth_result_t gf_auth (dict_t *input_params, dict_t *config_params)
{
        auth_result_t  result  = AUTH_DONT_CARE;
        int      ret           = 0;
        data_t  *allow_user    = NULL;
        data_t  *username_data = NULL;
        data_t  *passwd_data   = NULL;
        data_t  *password_data = NULL;
        char    *username      = NULL;
        char    *password      = NULL;
        char    *brick_name    = NULL;
        char    *searchstr     = NULL;
        char    *username_str  = NULL;
        char    *tmp           = NULL;
        char    *username_cpy  = NULL;

        username_data = dict_get (input_params, "username");
        if (!username_data) {
                gf_log ("auth/login", GF_LOG_DEBUG,
                        "username not found, returning DONT-CARE");
                goto out;
        }

        username = data_to_str (username_data);

        password_data = dict_get (input_params, "password");
        if (!password_data) {
                gf_log ("auth/login", GF_LOG_WARNING,
                        "password not found, returning DONT-CARE");
                goto out;
        }

        password = data_to_str (password_data);

        brick_name = data_to_str (dict_get (input_params, "remote-subvolume"));
        if (!brick_name) {
                gf_log ("auth/login", GF_LOG_ERROR,
                        "remote-subvolume not specified");
                result = AUTH_REJECT;
                goto out;
        }

        ret = gf_asprintf (&searchstr, "auth.login.%s.allow", brick_name);
        if (-1 == ret) {
                gf_log ("auth/login", GF_LOG_WARNING,
                        "asprintf failed while setting search string, "
                        "returning DONT-CARE");
                goto out;
        }

        allow_user = dict_get (config_params, searchstr);
        GF_FREE (searchstr);

        if (allow_user) {
                username_cpy = gf_strdup (allow_user->data);
                if (!username_cpy)
                        goto out;

                username_str = strtok_r (username_cpy, " ,", &tmp);

                while (username_str) {
                        if (!fnmatch (username_str, username, 0)) {
                                ret = gf_asprintf (&searchstr,
                                                   "auth.login.%s.password",
                                                   username);
                                if (-1 == ret) {
                                        gf_log ("auth/login", GF_LOG_WARNING,
                                                "asprintf failed while setting search string");
                                        goto out;
                                }
                                passwd_data = dict_get (config_params, searchstr);
                                GF_FREE (searchstr);

                                if (!passwd_data) {
                                        gf_log ("auth/login", GF_LOG_ERROR,
                                                "wrong username/password combination");
                                        result = AUTH_REJECT;
                                        goto out;
                                }

                                result = !((strcmp (data_to_str (passwd_data),
                                                    password)) ?
                                           AUTH_ACCEPT :
                                           AUTH_REJECT);
                                if (result == AUTH_REJECT)
                                        gf_log ("auth/login", GF_LOG_ERROR,
                                                "wrong password for user %s",
                                                username);

                                break;
                        }
                        username_str = strtok_r (NULL, " ,", &tmp);
                }
        }

out:
        if (username_cpy)
                GF_FREE (username_cpy);

        return result;
}