adding auth_sys to cb sec types

in create_session we were sending auth_none as available security types
for the callback channel. Adding auth_sys to the list. No enforcement of
these creds happens.

daemon/nfs41_ops.c

@@ -122,6 +122,10 @@ int nfs41_create_session(nfs41_client *clnt, nfs41_session *session, bool_t try_
     ReleaseSRWLockShared(&clnt->exid_lock);
     req.csa_flags = session->flags;
     req.csa_cb_program = NFS41_RPC_CBPROGRAM;
+    req.csa_cb_secparams[0].type = 0; /* AUTH_NONE */
+    req.csa_cb_secparams[1].type = 1; /* AUTH_SYS */
+    req.csa_cb_secparams[1].u.auth_sys.machinename = clnt->rpc->server_name;
+    req.csa_cb_secparams[1].u.auth_sys.stamp = time(NULL);
 
     // ca_maxrequests should be gotten from the rpc layer
     set_fore_channel_attrs(clnt->rpc,

daemon/nfs41_ops.h

@@ -141,6 +141,24 @@ typedef struct __nfs41_exchange_id_res {
     char                    server_scope[NFS4_OPAQUE_LIMIT];
 } nfs41_exchange_id_res;
 
+typedef struct __nfs41_callback_sec_parms {
+    uint32_t type;
+    union {
+        /* case AUTH_SYS */
+        struct __authsys_parms {
+            uint32_t        stamp;
+            char            *machinename;
+        } auth_sys;
+        /* case RPCSEC_GSS */
+        struct __rpcsec_gss_parms {
+            uint32_t        gss_srv_type;
+            char            *srv_gssctx_handle;
+            uint32_t         srv_gssctx_hdle_len;
+            char            *clnt_gssctx_handle;
+            uint32_t        clnt_gssctx_hdle_len;
+        } rpcsec_gss;
+    } u;
+} nfs41_callback_secparms;
 
 /* OP_CREATE_SESSION */
 typedef struct __nfs41_create_session_args {
@@ -150,6 +168,7 @@ typedef struct __nfs41_create_session_args {
     nfs41_channel_attrs     csa_fore_chan_attrs;
     nfs41_channel_attrs     csa_back_chan_attrs;
     uint32_t                csa_cb_program;
+    nfs41_callback_secparms csa_cb_secparams[2];
 } nfs41_create_session_args;
 
 typedef struct __nfs41_create_session_res {

daemon/nfs41_xdr.c

@@ -29,7 +29,7 @@
 #include "nfs41_xdr.h"
 #include "util.h"
 #include "daemon_debug.h"
-
+#include "rpc/rpc.h"
 
 static bool_t encode_file_attrs(
     fattr4 *attrs,
@@ -775,13 +775,26 @@ static bool_t xdr_channel_attrs4(
 
 static bool_t encode_backchannel_sec_parms(
     XDR *xdr,
-    nfs41_create_session_args *args)
+    nfs41_callback_secparms *args)
 {
-    uint32_t one = 1, auth_none = 0;
+    uint32_t zero = 0;
 
-    /* encore an array with only { AUTH_NONE } */
-    return xdr_u_int32_t(xdr, &one)
-        && xdr_u_int32_t(xdr, &auth_none);
+    if (!xdr_u_int32_t(xdr, &args->type))
+        return FALSE;
+
+    switch (args->type)  {
+    case AUTH_NONE: return TRUE;
+    case AUTH_SYS:
+        if (!xdr_u_int32_t(xdr, &args->u.auth_sys.stamp))
+            return FALSE;
+        if (!xdr_string(xdr, &args->u.auth_sys.machinename, NI_MAXHOST))
+            return FALSE;
+        return xdr_u_int32_t(xdr, &zero) && xdr_u_int32_t(xdr, &zero) && 
+                xdr_u_int32_t(xdr, &zero);
+    case RPCSEC_GSS:
+    default:
+        return FALSE;
+    }
 }
 
 static bool_t encode_op_create_session(
@@ -789,6 +802,8 @@ static bool_t encode_op_create_session(
     nfs_argop4 *argop)
 {
     nfs41_create_session_args *args = (nfs41_create_session_args*)argop->arg;
+    nfs41_callback_secparms *cb_secparams = args->csa_cb_secparams;
+    uint32_t cb_count = 2;
 
     if (unexpected_op(argop->op, OP_CREATE_SESSION))
         return FALSE;
@@ -817,7 +832,8 @@ static bool_t encode_op_create_session(
     if (!xdr_u_int32_t(xdr, &args->csa_cb_program))
         return FALSE;
 
-    return encode_backchannel_sec_parms(xdr, args);
+    return xdr_array(xdr, (char **)&cb_secparams, &cb_count,
+        3, sizeof(nfs41_callback_secparms), (xdrproc_t) encode_backchannel_sec_parms);
 }
 
 static bool_t decode_op_create_session(