From owner-svn-src-head@FreeBSD.ORG Sat May 23 00:40:17 2009 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8B0A5106564A; Sat, 23 May 2009 00:40:17 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 5F4428FC13; Sat, 23 May 2009 00:40:17 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n4N0eHYi023951; Sat, 23 May 2009 00:40:17 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n4N0eHJ7023948; Sat, 23 May 2009 00:40:17 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <200905230040.n4N0eHJ7023948@svn.freebsd.org> From: Rick Macklem Date: Sat, 23 May 2009 00:40:17 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r192616 - head/sys/fs/nfs X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 May 2009 00:40:18 -0000 Author: rmacklem Date: Sat May 23 00:40:17 2009 New Revision: 192616 URL: http://svn.freebsd.org/changeset/base/192616 Log: Fix the rpc_gss_secfind() call in nfs_commonkrpc.c so that the code will build when "options KGSSAPI" is specified without requiring the proposed changes that add host based initiator principal support. It will not handle the case where the client uses a host based initiator principal until those changes are committed. The code that uses those changes is #ifdef'd notyet until the krpc rpcsec_changes are committed. Approved by: kib (mentor) Modified: head/sys/fs/nfs/nfs_commonkrpc.c Modified: head/sys/fs/nfs/nfs_commonkrpc.c ============================================================================== --- head/sys/fs/nfs/nfs_commonkrpc.c Sat May 23 00:07:55 2009 (r192615) +++ head/sys/fs/nfs/nfs_commonkrpc.c Sat May 23 00:40:17 2009 (r192616) @@ -299,8 +299,10 @@ nfs_getauth(struct nfssockreq *nrp, int #ifdef KGSSAPI rpc_gss_service_t svc; AUTH *auth; +#ifdef notyet rpc_gss_options_req_t req_options; #endif +#endif switch (secflavour) { #ifdef KGSSAPI @@ -317,6 +319,7 @@ nfs_getauth(struct nfssockreq *nrp, int svc = rpc_gss_svc_integrity; else svc = rpc_gss_svc_privacy; +#ifdef notyet req_options.req_flags = GSS_C_MUTUAL_FLAG; req_options.time_req = 0; req_options.my_cred = GSS_C_NO_CREDENTIAL; @@ -326,8 +329,20 @@ nfs_getauth(struct nfssockreq *nrp, int auth = rpc_gss_secfind(nrp->nr_client, cred, clnt_principal, srv_principal, mech_oid, svc, &req_options); - return (auth); +#else + /* + * Until changes to the rpcsec_gss code are committed, + * there is no support for host based initiator + * principals. As such, that case cannot yet be handled. + */ + if (clnt_principal == NULL) + auth = rpc_gss_secfind(nrp->nr_client, cred, + srv_principal, mech_oid, svc); + else + auth = NULL; #endif + return (auth); +#endif /* KGSSAPI */ case AUTH_SYS: default: return (authunix_create(cred));