From owner-freebsd-hackers Tue Sep 14 2:26:54 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from herring.nlsystems.com (nlsys.demon.co.uk [158.152.125.33]) by hub.freebsd.org (Postfix) with ESMTP id 11DE815765 for ; Tue, 14 Sep 1999 02:26:46 -0700 (PDT) (envelope-from dfr@nlsystems.com) Received: from salmon.nlsystems.com (salmon.nlsystems.com [10.0.0.3]) by herring.nlsystems.com (8.9.3/8.8.8) with ESMTP id KAA28993; Tue, 14 Sep 1999 10:28:00 +0100 (BST) (envelope-from dfr@nlsystems.com) Date: Tue, 14 Sep 1999 10:28:00 +0100 (BST) From: Doug Rabson To: Alfred Perlstein Cc: Zhihui Zhang , freebsd-hackers@FreeBSD.ORG Subject: Re: NFS authentication In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 14 Sep 1999, Alfred Perlstein wrote: > > On Tue, 14 Sep 1999, Doug Rabson wrote: > > > On Mon, 13 Sep 1999, Zhihui Zhang wrote: > > > > > > > > I am wondering where the NFS authentication is done in FreeBSD. Is it done > > > by the NFS daemon mountd (or other daemon) or within the kernel? Can > > > anyone give me a pointer? Thanks a lot. > > > > Kerberos authentication is done by nfsd. The kernel returns ENEEDAUTH from > > the nfssvc() call and nfsd does the authentication, passing the results > > back via nfssvc(). I don't think this code is actually used by anyone so > > there is a strong possibility that it doesn't work at all. > > nfs_socket.c:#ifdef NFSKERB > nfs_socket.c- XXX > nfs_socket.c-#endif > > There is some work already there, it's just incomplete. I have a feeling that it was once complete but was ripped out for crypto-export reasons. -- Doug Rabson Mail: dfr@nlsystems.com Nonlinear Systems Ltd. Phone: +44 181 442 9037 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message