evin/ms-nfs41-client
3
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

adding sec flavor to upcall

Browse source
This commit is contained in:
Olga Kornievskaia 2010-12-01 19:11:47 -05:00 committed by unknown
parent b9494c3ccc
commit 3b9f37d5a1
9 changed files with 124 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

12
daemon/daemon_debug.c
View file

@ -506,3 +506,15 @@ void print_sr_status_flags(int level, int flags)
fprintf(dlog_file, "SEQ4_STATUS_DEVID_DELETED ");
fprintf(dlog_file, "\n");
}
const char* secflavorop2name(DWORD sec_flavor)
{
switch(sec_flavor) {
case RPCSEC_AUTH_SYS: return "AUTH_SYS";
case RPCSEC_AUTHGSS_KRB5: return "AUTHGSS_KRB5";
case RPCSEC_AUTHGSS_KRB5I: return "AUTHGSS_KRB5I";
case RPCSEC_AUTHGSS_KRB5P: return "AUTHGSS_KRB5P";
}
return "UNKNOWN FLAVOR";
}

2
daemon/daemon_debug.h
View file

@ -55,7 +55,7 @@ void print_condwait_status(int level, int status);
void print_sr_status_flags(int level, int flags);
void open_log_files();
void close_log_files();
const char* secflavorop2name(DWORD sec_flavor);
/* pnfs_debug.c */
enum pnfs_status;

7
daemon/mount.c
View file

@ -41,9 +41,11 @@ static int parse_mount(unsigned char *buffer, uint32_t length, nfs41_upcall *upc
if(status) goto out;
status = get_name(&buffer, &length, &args->path);
if(status) goto out;
status = safe_read(&buffer, &length, &args->sec_flavor, sizeof(DWORD));
if (status) goto out;
dprintf(1, "parsing NFS14_MOUNT: srv_name=%s root=%s\n",
args->hostname, args->path);
dprintf(1, "parsing NFS14_MOUNT: srv_name=%s root=%s sec_flavor=%s\n",
args->hostname, args->path, secflavorop2name(args->sec_flavor));
out:
return status;
}
@ -74,6 +76,7 @@ static int handle_mount(nfs41_upcall *upcall)
// add a mount
root->uid = upcall->uid;
root->gid = upcall->gid;
root->sec_flavor = args->sec_flavor;
status = nfs41_root_mount_addrs(root, &addrs, 0, 0, &client);
if (status) {
eprintf("nfs41_root_mount() failed with %d\n", status);

2
daemon/namespace.c
View file

@ -354,7 +354,7 @@ int nfs41_root_mount_addrs(
/* create an rpc client */
status = nfs41_rpc_clnt_create(addrs, root->wsize, root->rsize, !is_data,
root->uid, root->gid, &rpc);
root->uid, root->gid, root->sec_flavor, &rpc);
if (status) {
eprintf("nfs41_rpc_clnt_create() failed %d\n", status);
goto out;

2
daemon/nfs41.h
View file

@ -184,6 +184,7 @@ typedef struct __nfs41_root {
LONG ref_count;
uint32_t uid;
uint32_t gid;
DWORD sec_flavor;
} nfs41_root;
@ -352,6 +353,7 @@ int nfs41_rpc_clnt_create(
IN bool_t needcb,
IN uint32_t uid,
IN uint32_t gid,
IN uint32_t sec_flavor,
OUT nfs41_rpc_clnt **rpc_out);
void nfs41_rpc_clnt_free(

53
daemon/nfs41_rpc.c
View file

@ -25,6 +25,7 @@
#include "daemon_debug.h"
#include "nfs41_xdr.h"
#include "nfs41_callback.h"
#include "nfs41_driver.h" /* for AUTH_SYS, AUTHGSS_KRB5s defines */
#include "rpc/rpc.h"
#define SECURITY_WIN32
@ -115,6 +116,7 @@ int nfs41_rpc_clnt_create(
bool_t needcb,
IN uint32_t uid,
IN uint32_t gid,
IN uint32_t sec_flavor,
OUT nfs41_rpc_clnt **rpc_out)
{
CLIENT *client;
@ -148,31 +150,44 @@ int nfs41_rpc_clnt_create(
status = ERROR_NETWORK_UNREACHABLE;
goto out_err_auth;
}
#if 0
// XXX Pick credentials in better manner
if (gethostname(machname, sizeof(machname)) == -1) {
eprintf("nfs41_rpc_clnt_create: gethostname failed\n");
goto out_free_rpc_clnt;
switch (sec_flavor) {
case RPCSEC_AUTH_SYS:
if (gethostname(machname, sizeof(machname)) == -1) {
eprintf("nfs41_rpc_clnt_create: gethostname failed\n");
goto out_free_rpc_clnt;
}
machname[sizeof(machname) - 1] = '\0';
client->cl_auth = authsys_create(machname, uid, gid, 0, gids);
break;
case RPCSEC_AUTHGSS_KRB5:
client->cl_auth = authsspi_create_default(client, server_name,
RPCSEC_SSPI_SVC_NONE);
break;
case RPCSEC_AUTHGSS_KRB5I:
client->cl_auth = authsspi_create_default(client, server_name,
RPCSEC_SSPI_SVC_INTEGRITY);
break;
case RPCSEC_AUTHGSS_KRB5P:
client->cl_auth = authsspi_create_default(client, server_name,
RPCSEC_SSPI_SVC_PRIVACY);
break;
default:
eprintf("nfs41_rpc_clnt_create: unknown rpcsec flavor %d\n",
sec_flavor);
client->cl_auth = NULL;
}
machname[sizeof(machname) - 1] = '\0';
client->cl_auth = authsys_create(machname, uid, gid, 0, gids);
if (client->cl_auth == NULL) {
// XXX log failure in auth creation somewhere
// XXX Better error return
eprintf("nfs41_rpc_clnt_create: failed to create AUTHSYS\n");
eprintf("nfs41_rpc_clnt_create: failed to create %s\n",
secflavorop2name(sec_flavor));
status = ERROR_NETWORK_UNREACHABLE;
goto out_err_client;
} else dprintf(1, "nfs41_rpc_clnt_create: successfully created AUTHSYS\n");
#else
client->cl_auth = authsspi_create_default(client, server_name, RPCSEC_SSPI_SVC_NONE);
#endif
if (client->cl_auth == NULL) {
// XXX log failure in auth creation somewhere
// XXX Better error return
eprintf("nfs41_rpc_clnt_create: failed to create AUTHGSS\n");
status = ERROR_NETWORK_UNREACHABLE;
goto out_err_client;
} else dprintf(1, "nfs41_rpc_clnt_create: successfully created AUTHGSS\n");
} else
dprintf(1, "nfs41_rpc_clnt_create: successfully created %s\n",
secflavorop2name(sec_flavor));
free(server_name);
rpc->rpc = client;

1
daemon/upcall.h
View file

@ -32,6 +32,7 @@ typedef struct __mount_upcall_args {
const char *hostname;
const char *path;
nfs41_root *root;
DWORD sec_flavor;
} mount_upcall_args;
typedef struct __unmount_upcall_args {