aboutsummaryrefslogtreecommitdiffstats
path: root/net/sunrpc/auth_gss
diff options
context:
space:
mode:
Diffstat (limited to 'net/sunrpc/auth_gss')
-rw-r--r--net/sunrpc/auth_gss/auth_gss.c26
1 files changed, 16 insertions, 10 deletions
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
index 1e8cced55ff7..e630b38a6047 100644
--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
@@ -369,7 +369,7 @@ static void gss_encode_v0_msg(struct gss_upcall_msg *gss_msg)
369} 369}
370 370
371static void gss_encode_v1_msg(struct gss_upcall_msg *gss_msg, 371static void gss_encode_v1_msg(struct gss_upcall_msg *gss_msg,
372 struct rpc_clnt *clnt) 372 struct rpc_clnt *clnt, int machine_cred)
373{ 373{
374 char *p = gss_msg->databuf; 374 char *p = gss_msg->databuf;
375 int len = 0; 375 int len = 0;
@@ -383,6 +383,15 @@ static void gss_encode_v1_msg(struct gss_upcall_msg *gss_msg,
383 p += len; 383 p += len;
384 gss_msg->msg.len += len; 384 gss_msg->msg.len += len;
385 } 385 }
386 if (machine_cred) {
387 len = sprintf(p, "service=* ");
388 p += len;
389 gss_msg->msg.len += len;
390 } else if (!strcmp(clnt->cl_program->name, "nfs4_cb")) {
391 len = sprintf(p, "service=nfs ");
392 p += len;
393 gss_msg->msg.len += len;
394 }
386 len = sprintf(p, "\n"); 395 len = sprintf(p, "\n");
387 gss_msg->msg.len += len; 396 gss_msg->msg.len += len;
388 397
@@ -391,16 +400,17 @@ static void gss_encode_v1_msg(struct gss_upcall_msg *gss_msg,
391} 400}
392 401
393static void gss_encode_msg(struct gss_upcall_msg *gss_msg, 402static void gss_encode_msg(struct gss_upcall_msg *gss_msg,
394 struct rpc_clnt *clnt) 403 struct rpc_clnt *clnt, int machine_cred)
395{ 404{
396 if (pipe_version == 0) 405 if (pipe_version == 0)
397 gss_encode_v0_msg(gss_msg); 406 gss_encode_v0_msg(gss_msg);
398 else /* pipe_version == 1 */ 407 else /* pipe_version == 1 */
399 gss_encode_v1_msg(gss_msg, clnt); 408 gss_encode_v1_msg(gss_msg, clnt, machine_cred);
400} 409}
401 410
402static inline struct gss_upcall_msg * 411static inline struct gss_upcall_msg *
403gss_alloc_msg(struct gss_auth *gss_auth, uid_t uid, struct rpc_clnt *clnt) 412gss_alloc_msg(struct gss_auth *gss_auth, uid_t uid, struct rpc_clnt *clnt,
413 int machine_cred)
404{ 414{
405 struct gss_upcall_msg *gss_msg; 415 struct gss_upcall_msg *gss_msg;
406 int vers; 416 int vers;
@@ -420,7 +430,7 @@ gss_alloc_msg(struct gss_auth *gss_auth, uid_t uid, struct rpc_clnt *clnt)
420 atomic_set(&gss_msg->count, 1); 430 atomic_set(&gss_msg->count, 1);
421 gss_msg->uid = uid; 431 gss_msg->uid = uid;
422 gss_msg->auth = gss_auth; 432 gss_msg->auth = gss_auth;
423 gss_encode_msg(gss_msg, clnt); 433 gss_encode_msg(gss_msg, clnt, machine_cred);
424 return gss_msg; 434 return gss_msg;
425} 435}
426 436
@@ -432,11 +442,7 @@ gss_setup_upcall(struct rpc_clnt *clnt, struct gss_auth *gss_auth, struct rpc_cr
432 struct gss_upcall_msg *gss_new, *gss_msg; 442 struct gss_upcall_msg *gss_new, *gss_msg;
433 uid_t uid = cred->cr_uid; 443 uid_t uid = cred->cr_uid;
434 444
435 /* Special case: rpc.gssd assumes that uid == 0 implies machine creds */ 445 gss_new = gss_alloc_msg(gss_auth, uid, clnt, gss_cred->gc_machine_cred);
436 if (gss_cred->gc_machine_cred != 0)
437 uid = 0;
438
439 gss_new = gss_alloc_msg(gss_auth, uid, clnt);
440 if (IS_ERR(gss_new)) 446 if (IS_ERR(gss_new))
441 return gss_new; 447 return gss_new;
442 gss_msg = gss_add_msg(gss_auth, gss_new); 448 gss_msg = gss_add_msg(gss_auth, gss_new);