diff options
author | J. Bruce Fields <bfields@redhat.com> | 2012-11-05 16:01:48 -0500 |
---|---|---|
committer | J. Bruce Fields <bfields@redhat.com> | 2012-11-07 19:40:05 -0500 |
commit | 12fc3e92d4b18b4e99af624586e1696479ff36ce (patch) | |
tree | c3e43c4389da8bbbf8de90f044773fc236edfc9c | |
parent | 57725155dc1b8c78b7a96886d5cdc69dc89e9c54 (diff) | |
download | linux-12fc3e92d4b18b4e99af624586e1696479ff36ce.tar.gz linux-12fc3e92d4b18b4e99af624586e1696479ff36ce.tar.bz2 linux-12fc3e92d4b18b4e99af624586e1696479ff36ce.zip |
nfsd4: backchannel should use client-provided security flavor
For now this only adds support for AUTH_NULL. (Previously we assumed
AUTH_UNIX.) We'll also need AUTH_GSS, which is trickier.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
-rw-r--r-- | fs/nfsd/nfs4callback.c | 3 | ||||
-rw-r--r-- | fs/nfsd/nfs4xdr.c | 14 | ||||
-rw-r--r-- | fs/nfsd/state.h | 1 |
3 files changed, 13 insertions, 5 deletions
diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c index a1aa18db08fb..7bb187ac1492 100644 --- a/fs/nfsd/nfs4callback.c +++ b/fs/nfsd/nfs4callback.c @@ -692,7 +692,7 @@ static int setup_callback_client(struct nfs4_client *clp, struct nfs4_cb_conn *c args.bc_xprt = conn->cb_xprt; args.prognumber = clp->cl_cb_session->se_cb_prog; args.protocol = XPRT_TRANSPORT_BC_TCP; - args.authflavor = RPC_AUTH_UNIX; + args.authflavor = ses->se_cb_sec.flavor; } /* Create RPC client */ client = rpc_create(&args); @@ -709,7 +709,6 @@ static int setup_callback_client(struct nfs4_client *clp, struct nfs4_cb_conn *c clp->cl_cb_client = client; clp->cl_cb_cred = cred; return 0; - } static void warn_no_callback_path(struct nfs4_client *clp, int reason) diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c index d7e7c110246e..406d0c4620f6 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c @@ -425,7 +425,7 @@ nfsd4_decode_access(struct nfsd4_compoundargs *argp, struct nfsd4_access *access static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_cb_sec *cbs) { DECODE_HEAD; - u32 dummy; + u32 dummy, uid, gid; char *machine_name; int i; int nr_secflavs; @@ -433,12 +433,15 @@ static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_ /* callback_sec_params4 */ READ_BUF(4); READ32(nr_secflavs); + cbs->flavor = (u32)(-1); for (i = 0; i < nr_secflavs; ++i) { READ_BUF(4); READ32(dummy); switch (dummy) { case RPC_AUTH_NULL: /* Nothing to read */ + if (cbs->flavor == (u32)(-1)) + cbs->flavor = RPC_AUTH_NULL; break; case RPC_AUTH_UNIX: READ_BUF(8); @@ -452,13 +455,18 @@ static __be32 nfsd4_decode_cb_sec(struct nfsd4_compoundargs *argp, struct nfsd4_ /* uid, gid */ READ_BUF(8); - READ32(cbs->uid); - READ32(cbs->gid); + READ32(uid); + READ32(gid); /* more gids */ READ_BUF(4); READ32(dummy); READ_BUF(dummy * 4); + if (cbs->flavor == (u32)(-1)) { + cbs->uid = uid; + cbs->gid = gid; + cbs->flavor = RPC_AUTH_UNIX; + } break; case RPC_AUTH_GSS: dprintk("RPC_AUTH_GSS callback secflavor " diff --git a/fs/nfsd/state.h b/fs/nfsd/state.h index 0fd342a2174e..0498053b8f0e 100644 --- a/fs/nfsd/state.h +++ b/fs/nfsd/state.h @@ -151,6 +151,7 @@ struct nfsd4_channel_attrs { }; struct nfsd4_cb_sec { + u32 flavor; /* (u32)(-1) used to mean "no valid flavor" */ u32 uid; u32 gid; }; |