diff options
| author | J. Bruce Fields <bfields@redhat.com> | 2012-11-05 16:01:48 -0500 |
|---|---|---|
| committer | J. Bruce Fields <bfields@redhat.com> | 2012-11-07 19:40:05 -0500 |
| commit | 12fc3e92d4b18b4e99af624586e1696479ff36ce (patch) | |
| tree | c3e43c4389da8bbbf8de90f044773fc236edfc9c /fs/nfsd | |
| parent | 57725155dc1b8c78b7a96886d5cdc69dc89e9c54 (diff) | |
nfsd4: backchannel should use client-provided security flavor
For now this only adds support for AUTH_NULL. (Previously we assumed
AUTH_UNIX.) We'll also need AUTH_GSS, which is trickier.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'fs/nfsd')
| -rw-r--r-- | fs/nfsd/nfs4callback.c | 3 | ||||
| -rw-r--r-- | fs/nfsd/nfs4xdr.c | 14 | ||||
| -rw-r--r-- | fs/nfsd/state.h | 1 |
3 files changed, 13 insertions, 5 deletions
diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c index a1aa18db08fb..7bb187ac1492 100644 --- a/fs/nfsd/nfs4callback.c +++ b/fs/nfsd/nfs4callback.c | |||
| @@ -692,7 +692,7 @@ static int setup_callback_client(struct nfs4_client *clp, struct nfs4_cb_conn *c | |||
| 692 | args.bc_xprt = conn->cb_xprt; | 692 | args.bc_xprt = conn->cb_xprt; |
| 693 | args.prognumber = clp->cl_cb_session->se_cb_prog; | 693 | args.prognumber = clp->cl_cb_session->se_cb_prog; |
| 694 | args.protocol = XPRT_TRANSPORT_BC_TCP; | 694 | args.protocol = XPRT_TRANSPORT_BC_TCP; |
| 695 | args.authflavor = RPC_AUTH_UNIX; | 695 | args.authflavor = ses->se_cb_sec.flavor; |
| 696 | } | 696 | } |
| 697 | /* Create RPC client */ | 697 | /* Create RPC client */ |
| 698 | client = rpc_create(&args); | 698 | client = rpc_create(&args); |
| @@ -709,7 +709,6 @@ static int setup_callback_client(struct nfs4_client *clp, struct nfs4_cb_conn *c | |||
| 709 | clp->cl_cb_client = client; | 709 | clp->cl_cb_client = client; |
| 710 | clp->cl_cb_cred = cred; | 710 | clp->cl_cb_cred = cred; |
| 711 | return 0; | 711 | return 0; |
| 712 | |||
| 713 | } | 712 | } |
| 714 | 713 | ||
| 715 | static void warn_no_callback_path(struct nfs4_client *clp, int reason) | 714 | static void warn_no_callback_path(struct nfs4_client *clp, int reason) |
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c index d7e7c110246e..406d0c4620f6 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c | |||
| @@ -425,7 +425,7 @@ nfsd4_decode_access(struct nfsd4_compoundargs *argp, struct nfsd4_access *access | |||
| 425 | static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_cb_sec *cbs) | 425 | static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_cb_sec *cbs) |
| 426 | { | 426 | { |
| 427 | DECODE_HEAD; | 427 | DECODE_HEAD; |
| 428 | u32 dummy; | 428 | u32 dummy, uid, gid; |
| 429 | char *machine_name; | 429 | char *machine_name; |
| 430 | int i; | 430 | int i; |
| 431 | int nr_secflavs; | 431 | int nr_secflavs; |
| @@ -433,12 +433,15 @@ static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_ | |||
| 433 | /* callback_sec_params4 */ | 433 | /* callback_sec_params4 */ |
| 434 | READ_BUF(4); | 434 | READ_BUF(4); |
| 435 | READ32(nr_secflavs); | 435 | READ32(nr_secflavs); |
| 436 | cbs->flavor = (u32)(-1); | ||
| 436 | for (i = 0; i < nr_secflavs; ++i) { | 437 | for (i = 0; i < nr_secflavs; ++i) { |
| 437 | READ_BUF(4); | 438 | READ_BUF(4); |
| 438 | READ32(dummy); | 439 | READ32(dummy); |
| 439 | switch (dummy) { | 440 | switch (dummy) { |
| 440 | case RPC_AUTH_NULL: | 441 | case RPC_AUTH_NULL: |
| 441 | /* Nothing to read */ | 442 | /* Nothing to read */ |
| 443 | if (cbs->flavor == (u32)(-1)) | ||
| 444 | cbs->flavor = RPC_AUTH_NULL; | ||
| 442 | break; | 445 | break; |
| 443 | case RPC_AUTH_UNIX: | 446 | case RPC_AUTH_UNIX: |
| 444 | READ_BUF(8); | 447 | READ_BUF(8); |
| @@ -452,13 +455,18 @@ static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_ | |||
| 452 | 455 | ||
| 453 | /* uid, gid */ | 456 | /* uid, gid */ |
| 454 | READ_BUF(8); | 457 | READ_BUF(8); |
| 455 | READ32(cbs->uid); | 458 | READ32(uid); |
| 456 | READ32(cbs->gid); | 459 | READ32(gid); |
| 457 | 460 | ||
| 458 | /* more gids */ | 461 | /* more gids */ |
| 459 | READ_BUF(4); | 462 | READ_BUF(4); |
| 460 | READ32(dummy); | 463 | READ32(dummy); |
| 461 | READ_BUF(dummy * 4); | 464 | READ_BUF(dummy * 4); |
| 465 | if (cbs->flavor == (u32)(-1)) { | ||
| 466 | cbs->uid = uid; | ||
| 467 | cbs->gid = gid; | ||
| 468 | cbs->flavor = RPC_AUTH_UNIX; | ||
| 469 | } | ||
| 462 | break; | 470 | break; |
| 463 | case RPC_AUTH_GSS: | 471 | case RPC_AUTH_GSS: |
| 464 | dprintk("RPC_AUTH_GSS callback secflavor " | 472 | dprintk("RPC_AUTH_GSS callback secflavor " |
diff --git a/fs/nfsd/state.h b/fs/nfsd/state.h index 0fd342a2174e..0498053b8f0e 100644 --- a/fs/nfsd/state.h +++ b/fs/nfsd/state.h | |||
| @@ -151,6 +151,7 @@ struct nfsd4_channel_attrs { | |||
| 151 | }; | 151 | }; |
| 152 | 152 | ||
| 153 | struct nfsd4_cb_sec { | 153 | struct nfsd4_cb_sec { |
| 154 | u32 flavor; /* (u32)(-1) used to mean "no valid flavor" */ | ||
| 154 | u32 uid; | 155 | u32 uid; |
| 155 | u32 gid; | 156 | u32 gid; |
| 156 | }; | 157 | }; |