diff options
Diffstat (limited to 'recipes-extended/glusterfs/files/0003-glusterfs-access-trusted-peer-group-via-remote-host-.patch')
-rw-r--r-- | recipes-extended/glusterfs/files/0003-glusterfs-access-trusted-peer-group-via-remote-host-.patch | 43 |
1 files changed, 0 insertions, 43 deletions
diff --git a/recipes-extended/glusterfs/files/0003-glusterfs-access-trusted-peer-group-via-remote-host-.patch b/recipes-extended/glusterfs/files/0003-glusterfs-access-trusted-peer-group-via-remote-host-.patch deleted file mode 100644 index dcbb4350..00000000 --- a/recipes-extended/glusterfs/files/0003-glusterfs-access-trusted-peer-group-via-remote-host-.patch +++ /dev/null @@ -1,43 +0,0 @@ -From e79741414777c25e5c2a08e6c31619a0fbaad058 Mon Sep 17 00:00:00 2001 -From: Mohit Agrawal <moagrawa@redhat.com> -Date: Wed, 20 Jun 2018 16:13:00 +0530 -Subject: [PATCH 3/3] glusterfs: access trusted peer group via remote-host - command - -Problem: In SSL environment the user is able to access volume - via remote-host command without adding node in a trusted pool - -Solution: Change the list of rpc program in glusterd.c at the - time of initialization while SSL is enabled - -BUG: 1593232 -Change-Id: I987e433b639e68ad17b77b6452df1e22dbe0f199 -fixes: bz#1593232 -Signed-off-by: Mohit Agrawal <moagrawa@redhat.com> - -Upstream-Status: Backport -Fix CVE-2018-10841 -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- - xlators/mgmt/glusterd/src/glusterd.c | 5 ----- - 1 file changed, 5 deletions(-) - -diff --git a/xlators/mgmt/glusterd/src/glusterd.c b/xlators/mgmt/glusterd/src/glusterd.c -index ef20689..5e0ed8d 100644 ---- a/xlators/mgmt/glusterd/src/glusterd.c -+++ b/xlators/mgmt/glusterd/src/glusterd.c -@@ -1646,11 +1646,6 @@ init (xlator_t *this) - goto out; - } - /* -- * With strong authentication, we can afford to allow -- * privileged operations over TCP. -- */ -- gd_inet_programs[1] = &gd_svc_cli_prog; -- /* - * This is the only place where we want secure_srvr to reflect - * the management-plane setting. - */ --- -2.7.4 - |