MFC: r298523

Allow the NFSv4 server to reply NFSERR_WRONGSEC for the SetClientID operation. It was reported via email that a Linux client couldn't do a Kerberized NFS mount when only "sec=krb5" was specified for the exports. The Linux client attempted a mount via krb5i and the server replied NFSERR_SERVERFAULT. Although NFSERR_WRONGSEC isn't listed as an error for SetClientID, I think it is the correct reply, so this patch enables that. I do not know if this fixes the mount attempt, but adding "krb5i" to the list of allowed security flavours does allow the mount to work.
author: rmacklem <rmacklem@FreeBSD.org> 2016-05-07 20:17:23 +0000
committer: rmacklem <rmacklem@FreeBSD.org> 2016-05-07 20:17:23 +0000
commit: 2896a257180eedb682efef6d421b860208065553 (patch)
tree: 4f76206a86d846299f12a7f8de5aededd3a8f6d0
parent: 2051c9b023f12da3a8b40342d4484f3cf8069b83 (diff)
download: FreeBSD-src-2896a257180eedb682efef6d421b860208065553.zip
FreeBSD-src-2896a257180eedb682efef6d421b860208065553.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/sys/fs/nfsserver/nfs_nfsdsubs.c b/sys/fs/nfsserver/nfs_nfsdsubs.c
index 986a0f4..0fb1cda 100644
--- a/sys/fs/nfsserver/nfs_nfsdsubs.c
+++ b/sys/fs/nfsserver/nfs_nfsdsubs.c
@@ -1144,6 +1144,7 @@ static short nfsv4err_setclientid[] = {
 	NFSERR_INVAL,
 	NFSERR_RESOURCE,
 	NFSERR_SERVERFAULT,
+	NFSERR_WRONGSEC,
 	0,
 };
author	rmacklem <rmacklem@FreeBSD.org>	2016-05-07 20:17:23 +0000
committer	rmacklem <rmacklem@FreeBSD.org>	2016-05-07 20:17:23 +0000
commit	2896a257180eedb682efef6d421b860208065553 (patch)
tree	4f76206a86d846299f12a7f8de5aededd3a8f6d0
parent	2051c9b023f12da3a8b40342d4484f3cf8069b83 (diff)
download	FreeBSD-src-2896a257180eedb682efef6d421b860208065553.zip FreeBSD-src-2896a257180eedb682efef6d421b860208065553.tar.gz