Date: Tue, 23 Jun 2015 11:55:33 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 201073] [nfsclient] RPCSEC_GSS principal includes inappropriate directory path Message-ID: <bug-201073-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201073 Bug ID: 201073 Summary: [nfsclient] RPCSEC_GSS principal includes inappropriate directory path Product: Base System Version: 10.1-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: masato@itc.naist.jp NFS client requests invalid principal name for RPCSEC_GSS security. The man page mount_nfs(8) explains that default principal name is nfs@<server-fqdn>, but NFS client uses nfs@<rhost>:<path> which includes inappropriate directory path. Workaround: Explicitly use principal option for mount_nfs command. Fix: =================================================================== --- sys/fs/nfsclient/nfs_clvfsops.c (revision 284717) +++ sys/fs/nfsclient/nfs_clvfsops.c (working copy) @@ -774,7 +774,7 @@ struct thread *td; char hst[MNAMELEN]; u_char nfh[NFSX_FHMAX], krbname[100], dirpath[100], srvkrbname[100]; - char *opt, *name, *secname; + char *opt, *name, *secname, *cp; int nametimeo = NFS_DEFAULT_NAMETIMEO; int negnametimeo = NFS_DEFAULT_NEGNAMETIMEO; int minvers = 0; @@ -1153,8 +1153,13 @@ if (vfs_getopt(mp->mnt_optnew, "principal", (void **)&name, NULL) == 0) strlcpy(srvkrbname, name, sizeof (srvkrbname)); - else + else { snprintf(srvkrbname, sizeof (srvkrbname), "nfs@%s", hst); + cp = strchr(srvkrbname, ':'); + if (cp != NULL) { + *cp = '\0'; + } + } srvkrbnamelen = strlen(srvkrbname); if (vfs_getopt(mp->mnt_optnew, "gssname", (void **)&name, NULL) == 0) -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-201073-8>