diff options
author | rmacklem <rmacklem@FreeBSD.org> | 2009-05-23 00:40:17 +0000 |
---|---|---|
committer | rmacklem <rmacklem@FreeBSD.org> | 2009-05-23 00:40:17 +0000 |
commit | e4503afc8fe8d45c4af7beee9b57dc8e6fa5f0d0 (patch) | |
tree | ab670702610e314e600fdad18d8a68fc56d5e3bf /sys/fs/nfs/nfs_commonkrpc.c | |
parent | 8fc598097ff95cd9bd49e98ae0b30fc15ee228bc (diff) | |
download | FreeBSD-src-e4503afc8fe8d45c4af7beee9b57dc8e6fa5f0d0.zip FreeBSD-src-e4503afc8fe8d45c4af7beee9b57dc8e6fa5f0d0.tar.gz |
Fix the rpc_gss_secfind() call in nfs_commonkrpc.c so that
the code will build when "options KGSSAPI" is specified
without requiring the proposed changes that add host based
initiator principal support. It will not handle the case where
the client uses a host based initiator principal until those
changes are committed. The code that uses those changes is
#ifdef'd notyet until the krpc rpcsec_changes are committed.
Approved by: kib (mentor)
Diffstat (limited to 'sys/fs/nfs/nfs_commonkrpc.c')
-rw-r--r-- | sys/fs/nfs/nfs_commonkrpc.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/sys/fs/nfs/nfs_commonkrpc.c b/sys/fs/nfs/nfs_commonkrpc.c index 4b37802..7abff32 100644 --- a/sys/fs/nfs/nfs_commonkrpc.c +++ b/sys/fs/nfs/nfs_commonkrpc.c @@ -299,8 +299,10 @@ nfs_getauth(struct nfssockreq *nrp, int secflavour, char *clnt_principal, #ifdef KGSSAPI rpc_gss_service_t svc; AUTH *auth; +#ifdef notyet rpc_gss_options_req_t req_options; #endif +#endif switch (secflavour) { #ifdef KGSSAPI @@ -317,6 +319,7 @@ nfs_getauth(struct nfssockreq *nrp, int secflavour, char *clnt_principal, svc = rpc_gss_svc_integrity; else svc = rpc_gss_svc_privacy; +#ifdef notyet req_options.req_flags = GSS_C_MUTUAL_FLAG; req_options.time_req = 0; req_options.my_cred = GSS_C_NO_CREDENTIAL; @@ -326,8 +329,20 @@ nfs_getauth(struct nfssockreq *nrp, int secflavour, char *clnt_principal, auth = rpc_gss_secfind(nrp->nr_client, cred, clnt_principal, srv_principal, mech_oid, svc, &req_options); - return (auth); +#else + /* + * Until changes to the rpcsec_gss code are committed, + * there is no support for host based initiator + * principals. As such, that case cannot yet be handled. + */ + if (clnt_principal == NULL) + auth = rpc_gss_secfind(nrp->nr_client, cred, + srv_principal, mech_oid, svc); + else + auth = NULL; #endif + return (auth); +#endif /* KGSSAPI */ case AUTH_SYS: default: return (authunix_create(cred)); |