diff options
author | Chuck Lever <chuck.lever@oracle.com> | 2009-08-21 17:50:30 -0400 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2009-08-23 23:43:57 -0400 |
commit | 5eecfde615894dc1c2e3f85b515a96ae2e408fb5 (patch) | |
tree | 7bb8e5cb5b54b80181e5a433d71110f244d6037d /fs | |
parent | 405d8f8b1d936414da2093d4149ff790ff3f84a5 (diff) |
NFS: Handle a zero-length auth flavor list
Some releases of Linux rpc.mountd (nfs-utils 1.1.4 and later) return an
empty auth flavor list if no sec= was specified for the export. This is
notably broken server behavior.
The new auth flavor list checking added in a recent commit rejects this
case. The OpenSolaris client does too.
The broken mountd implementation is already widely deployed. To avoid
a behavioral regression, the kernel's mount client skips flavor checking
(ie reverts to the pre-2.6.32 behavior) if mountd returns an empty
flavor list.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/nfs/super.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/fs/nfs/super.c b/fs/nfs/super.c index 9c85cdb353aa..f3a95df4b95f 100644 --- a/fs/nfs/super.c +++ b/fs/nfs/super.c | |||
@@ -1338,6 +1338,16 @@ static int nfs_walk_authlist(struct nfs_parsed_mount_data *args, | |||
1338 | unsigned int i, j, server_authlist_len = *(request->auth_flav_len); | 1338 | unsigned int i, j, server_authlist_len = *(request->auth_flav_len); |
1339 | 1339 | ||
1340 | /* | 1340 | /* |
1341 | * Certain releases of Linux's mountd return an empty | ||
1342 | * flavor list. To prevent behavioral regression with | ||
1343 | * these servers (ie. rejecting mounts that used to | ||
1344 | * succeed), revert to pre-2.6.32 behavior (no checking) | ||
1345 | * if the returned flavor list is empty. | ||
1346 | */ | ||
1347 | if (server_authlist_len == 0) | ||
1348 | return 0; | ||
1349 | |||
1350 | /* | ||
1341 | * We avoid sophisticated negotiating here, as there are | 1351 | * We avoid sophisticated negotiating here, as there are |
1342 | * plenty of cases where we can get it wrong, providing | 1352 | * plenty of cases where we can get it wrong, providing |
1343 | * either too little or too much security. | 1353 | * either too little or too much security. |