first stab at SECINFO

handling receiving WRONGSEC error in compound_encode_decode function by sending either SECINFO or SECINFO_NONAME op to find out available security flavors from the server. then try to establish new security context given the ordered list returned by the server. Not handling if parent directory doesn't permit a security flavor of its child directory. Example "/" exported with only auth_sys and "/sec" exported with only "gss".
2011-06-30 12:21:07 -04:00 · 2011-06-30 12:21:07 -04:00 · c570ba2383
commit c570ba2383
parent 939db9c80b
3 changed files with 189 additions and 7 deletions
--- a/daemon/nfs41_ops.c
+++ b/daemon/nfs41_ops.c
@ -1682,15 +1682,19 @@ int nfs41_secinfo(
    if (status)
        goto out;

-    compound_add_op(&compound, OP_PUTFH, &putfh_args, &putfh_res);
-    putfh_args.file = file;
-    putfh_args.in_recovery = 0;
+    if (file == NULL) 
+        compound_add_op(&compound, OP_PUTROOTFH, NULL, &putfh_res);
+    else {
+        compound_add_op(&compound, OP_PUTFH, &putfh_args, &putfh_res);
+        putfh_args.file = file;
+        putfh_args.in_recovery = 0;
+    }

    compound_add_op(&compound, OP_SECINFO, &secinfo_args, &secinfo_res);
    secinfo_args.name = name;
    secinfo_res.secinfo = secinfo;

-    status = compound_encode_send_decode(session, &compound, TRUE);
+    status = compound_encode_send_decode(session, &compound, FALSE);
    if (status)
        goto out;

@ -1701,6 +1705,7 @@ out:

 int nfs41_secinfo_noname(
    IN nfs41_session *session,
+    IN nfs41_path_fh *file,
    OUT nfs41_secinfo_info *secinfo)
 {
    int status;
@ -1709,6 +1714,7 @@ int nfs41_secinfo_noname(
    nfs_resop4 resops[3];
    nfs41_sequence_args sequence_args;
    nfs41_sequence_res sequence_res;
+    nfs41_putfh_args putfh_args;
    nfs41_putfh_res putfh_res;
    nfs41_secinfo_noname_args noname_args;
    nfs41_secinfo_noname_res noname_res;
@ -1720,13 +1726,19 @@ int nfs41_secinfo_noname(
    if (status)
        goto out;

-    compound_add_op(&compound, OP_PUTROOTFH, NULL, &putfh_res);
+    if (file == NULL) 
+        compound_add_op(&compound, OP_PUTROOTFH, NULL, &putfh_res);
+    else {
+        compound_add_op(&compound, OP_PUTFH, &putfh_args, &putfh_res);
+        putfh_args.file = file;
+        putfh_args.in_recovery = 0;
+    }

    compound_add_op(&compound, OP_SECINFO_NO_NAME, &noname_args, &noname_res);
    noname_args.type = SECINFO_STYLE4_CURRENT_FH;
    noname_res.secinfo = secinfo;

-    status = compound_encode_send_decode(session, &compound, TRUE);
+    status = compound_encode_send_decode(session, &compound, FALSE);
    if (status)
        goto out;