diff options
author | Trond Myklebust <Trond.Myklebust@netapp.com> | 2008-03-12 12:12:16 -0400 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2008-03-14 13:42:32 -0400 |
commit | af093835774931de898a9baf7b4041fa0d100f77 (patch) | |
tree | f7617eb4556ead8615f6c26d8b02fcec8f64c6b3 /net/sunrpc/auth_unix.c | |
parent | 25337fdc85951dfeac944f16cb565904c619077a (diff) |
SUNRPC: Fix RPCAUTH_LOOKUP_ROOTCREDS
The current RPCAUTH_LOOKUP_ROOTCREDS flag only works for AUTH_SYS
authentication, and then only as a special case in the code. This patch
removes the auth_sys special casing, and replaces it with generic code.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'net/sunrpc/auth_unix.c')
-rw-r--r-- | net/sunrpc/auth_unix.c | 56 |
1 files changed, 24 insertions, 32 deletions
diff --git a/net/sunrpc/auth_unix.c b/net/sunrpc/auth_unix.c index 5ed91e5bcee4..b763710d3dbd 100644 --- a/net/sunrpc/auth_unix.c +++ b/net/sunrpc/auth_unix.c | |||
@@ -60,7 +60,8 @@ static struct rpc_cred * | |||
60 | unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags) | 60 | unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags) |
61 | { | 61 | { |
62 | struct unx_cred *cred; | 62 | struct unx_cred *cred; |
63 | int i; | 63 | unsigned int groups = 0; |
64 | unsigned int i; | ||
64 | 65 | ||
65 | dprintk("RPC: allocating UNIX cred for uid %d gid %d\n", | 66 | dprintk("RPC: allocating UNIX cred for uid %d gid %d\n", |
66 | acred->uid, acred->gid); | 67 | acred->uid, acred->gid); |
@@ -70,21 +71,17 @@ unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags) | |||
70 | 71 | ||
71 | rpcauth_init_cred(&cred->uc_base, acred, auth, &unix_credops); | 72 | rpcauth_init_cred(&cred->uc_base, acred, auth, &unix_credops); |
72 | cred->uc_base.cr_flags = 1UL << RPCAUTH_CRED_UPTODATE; | 73 | cred->uc_base.cr_flags = 1UL << RPCAUTH_CRED_UPTODATE; |
73 | if (flags & RPCAUTH_LOOKUP_ROOTCREDS) { | 74 | |
74 | cred->uc_uid = 0; | 75 | if (acred->group_info != NULL) |
75 | cred->uc_gid = 0; | 76 | groups = acred->group_info->ngroups; |
76 | cred->uc_gids[0] = NOGROUP; | 77 | if (groups > NFS_NGROUPS) |
77 | } else { | 78 | groups = NFS_NGROUPS; |
78 | int groups = acred->group_info->ngroups; | 79 | |
79 | if (groups > NFS_NGROUPS) | 80 | cred->uc_gid = acred->gid; |
80 | groups = NFS_NGROUPS; | 81 | for (i = 0; i < groups; i++) |
81 | 82 | cred->uc_gids[i] = GROUP_AT(acred->group_info, i); | |
82 | cred->uc_gid = acred->gid; | 83 | if (i < NFS_NGROUPS) |
83 | for (i = 0; i < groups; i++) | 84 | cred->uc_gids[i] = NOGROUP; |
84 | cred->uc_gids[i] = GROUP_AT(acred->group_info, i); | ||
85 | if (i < NFS_NGROUPS) | ||
86 | cred->uc_gids[i] = NOGROUP; | ||
87 | } | ||
88 | 85 | ||
89 | return &cred->uc_base; | 86 | return &cred->uc_base; |
90 | } | 87 | } |
@@ -118,26 +115,21 @@ static int | |||
118 | unx_match(struct auth_cred *acred, struct rpc_cred *rcred, int flags) | 115 | unx_match(struct auth_cred *acred, struct rpc_cred *rcred, int flags) |
119 | { | 116 | { |
120 | struct unx_cred *cred = container_of(rcred, struct unx_cred, uc_base); | 117 | struct unx_cred *cred = container_of(rcred, struct unx_cred, uc_base); |
121 | int i; | 118 | unsigned int groups = 0; |
119 | unsigned int i; | ||
122 | 120 | ||
123 | if (!(flags & RPCAUTH_LOOKUP_ROOTCREDS)) { | ||
124 | int groups; | ||
125 | 121 | ||
126 | if (cred->uc_uid != acred->uid | 122 | if (cred->uc_uid != acred->uid || cred->uc_gid != acred->gid) |
127 | || cred->uc_gid != acred->gid) | 123 | return 0; |
128 | return 0; | ||
129 | 124 | ||
125 | if (acred->group_info != NULL) | ||
130 | groups = acred->group_info->ngroups; | 126 | groups = acred->group_info->ngroups; |
131 | if (groups > NFS_NGROUPS) | 127 | if (groups > NFS_NGROUPS) |
132 | groups = NFS_NGROUPS; | 128 | groups = NFS_NGROUPS; |
133 | for (i = 0; i < groups ; i++) | 129 | for (i = 0; i < groups ; i++) |
134 | if (cred->uc_gids[i] != GROUP_AT(acred->group_info, i)) | 130 | if (cred->uc_gids[i] != GROUP_AT(acred->group_info, i)) |
135 | return 0; | 131 | return 0; |
136 | return 1; | 132 | return 1; |
137 | } | ||
138 | return (cred->uc_uid == 0 | ||
139 | && cred->uc_gid == 0 | ||
140 | && cred->uc_gids[0] == (gid_t) NOGROUP); | ||
141 | } | 133 | } |
142 | 134 | ||
143 | /* | 135 | /* |