Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 23 May 2009 00:40:17 +0000 (UTC)
From:      Rick Macklem <rmacklem@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r192616 - head/sys/fs/nfs
Message-ID:  <200905230040.n4N0eHJ7023948@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: rmacklem
Date: Sat May 23 00:40:17 2009
New Revision: 192616
URL: http://svn.freebsd.org/changeset/base/192616

Log:
  Fix the rpc_gss_secfind() call in nfs_commonkrpc.c so that
  the code will build when "options KGSSAPI" is specified
  without requiring the proposed changes that add host based
  initiator principal support. It will not handle the case where
  the client uses a host based initiator principal until those
  changes are committed. The code that uses those changes is
  #ifdef'd notyet until the krpc rpcsec_changes are committed.
  
  Approved by:	kib (mentor)

Modified:
  head/sys/fs/nfs/nfs_commonkrpc.c

Modified: head/sys/fs/nfs/nfs_commonkrpc.c
==============================================================================
--- head/sys/fs/nfs/nfs_commonkrpc.c	Sat May 23 00:07:55 2009	(r192615)
+++ head/sys/fs/nfs/nfs_commonkrpc.c	Sat May 23 00:40:17 2009	(r192616)
@@ -299,8 +299,10 @@ nfs_getauth(struct nfssockreq *nrp, int 
 #ifdef KGSSAPI
 	rpc_gss_service_t svc;
 	AUTH *auth;
+#ifdef notyet
 	rpc_gss_options_req_t req_options;
 #endif
+#endif
 
 	switch (secflavour) {
 #ifdef KGSSAPI
@@ -317,6 +319,7 @@ nfs_getauth(struct nfssockreq *nrp, int 
 			svc = rpc_gss_svc_integrity;
 		else
 			svc = rpc_gss_svc_privacy;
+#ifdef notyet
 		req_options.req_flags = GSS_C_MUTUAL_FLAG;
 		req_options.time_req = 0;
 		req_options.my_cred = GSS_C_NO_CREDENTIAL;
@@ -326,8 +329,20 @@ nfs_getauth(struct nfssockreq *nrp, int 
 		auth = rpc_gss_secfind(nrp->nr_client, cred,
 		    clnt_principal, srv_principal, mech_oid, svc,
 		    &req_options);
-		return (auth);
+#else
+		/*
+		 * Until changes to the rpcsec_gss code are committed,
+		 * there is no support for host based initiator
+		 * principals. As such, that case cannot yet be handled.
+		 */
+		if (clnt_principal == NULL)
+			auth = rpc_gss_secfind(nrp->nr_client, cred,
+			    srv_principal, mech_oid, svc);
+		else
+			auth = NULL;
 #endif
+		return (auth);
+#endif	/* KGSSAPI */
 	case AUTH_SYS:
 	default:
 		return (authunix_create(cred));

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200905230040.n4N0eHJ7023948>