NFS: Handle a zero-length auth flavor list

Some releases of Linux rpc.mountd (nfs-utils 1.1.4 and later) return an empty auth flavor list if no sec= was specified for the export. This is notably broken server behavior. The new auth flavor list checking added in a recent commit rejects this case. The OpenSolaris client does too. The broken mountd implementation is already widely deployed. To avoid a behavioral regression, the kernel's mount client skips flavor checking (ie reverts to the pre-2.6.32 behavior) if mountd returns an empty flavor list. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
author: Chuck Lever <chuck.lever@oracle.com> 2009-08-21 17:50:30 -0400
committer: Trond Myklebust <Trond.Myklebust@netapp.com> 2009-08-23 23:43:57 -0400
commit: 5eecfde615894dc1c2e3f85b515a96ae2e408fb5 (patch)
tree: 7bb8e5cb5b54b80181e5a433d71110f244d6037d /fs/nfs
parent: 405d8f8b1d936414da2093d4149ff790ff3f84a5 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index 9c85cdb353aa..f3a95df4b95f 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -1338,6 +1338,16 @@ static int nfs_walk_authlist(struct nfs_parsed_mount_data *args,
        unsigned int i, j, server_authlist_len = *(request->auth_flav_len);
        /*
+         * Certain releases of Linux's mountd return an empty
+         * flavor list.  To prevent behavioral regression with
+         * these servers (ie. rejecting mounts that used to
+         * succeed), revert to pre-2.6.32 behavior (no checking)
+         * if the returned flavor list is empty.
+         */
+        if (server_authlist_len == 0)
+                return 0;
+        /*
         * We avoid sophisticated negotiating here, as there are
         * plenty of cases where we can get it wrong, providing
         * either too little or too much security.
author	Chuck Lever <chuck.lever@oracle.com>	2009-08-21 17:50:30 -0400
committer	Trond Myklebust <Trond.Myklebust@netapp.com>	2009-08-23 23:43:57 -0400
commit	5eecfde615894dc1c2e3f85b515a96ae2e408fb5 (patch)
tree	7bb8e5cb5b54b80181e5a433d71110f244d6037d /fs/nfs
parent	405d8f8b1d936414da2093d4149ff790ff3f84a5 (diff)

diff --git a/fs/nfs/super.c b/fs/nfs/super.c index 9c85cdb353aa..f3a95df4b95f 100644 --- a/fs/nfs/super.c +++ b/fs/nfs/super.c
@@ -1338,6 +1338,16 @@ static int nfs_walk_authlist(struct nfs_parsed_mount_data *args,
1338	unsigned int i, j, server_authlist_len = *(request->auth_flav_len);	1338	unsigned int i, j, server_authlist_len = *(request->auth_flav_len);
1339		1339
1340	/*	1340	/*
		1341	* Certain releases of Linux's mountd return an empty
		1342	* flavor list. To prevent behavioral regression with
		1343	* these servers (ie. rejecting mounts that used to
		1344	* succeed), revert to pre-2.6.32 behavior (no checking)
		1345	* if the returned flavor list is empty.
		1346	*/
		1347	if (server_authlist_len == 0)
		1348	return 0;
		1349
		1350	/*
1341	* We avoid sophisticated negotiating here, as there are	1351	* We avoid sophisticated negotiating here, as there are
1342	* plenty of cases where we can get it wrong, providing	1352	* plenty of cases where we can get it wrong, providing
1343	* either too little or too much security.	1353	* either too little or too much security.