diff options
| author | rmacklem <rmacklem@FreeBSD.org> | 2011-06-19 22:08:55 +0000 |
|---|---|---|
| committer | rmacklem <rmacklem@FreeBSD.org> | 2011-06-19 22:08:55 +0000 |
| commit | be57e75b00c1ba88332a570e83564f6cae5dba45 (patch) | |
| tree | 1748b2392bad991b60d72c1a5c4c795f329b87ca /sys/fs/nfsserver | |
| parent | f3c935589780909d53003a34a63975a197937374 (diff) | |
| download | FreeBSD-src-be57e75b00c1ba88332a570e83564f6cae5dba45.zip FreeBSD-src-be57e75b00c1ba88332a570e83564f6cae5dba45.tar.gz | |
Fix the kgssapi so that it can be loaded as a module. Currently
the NFS subsystems use five of the rpcsec_gss/kgssapi entry points,
but since it was not obvious which others might be useful, all
nineteen were included. Basically the nineteen entry points are
set in a structure called rpc_gss_entries and inline functions
defined in sys/rpc/rpcsec_gss.h check for the entry points being
non-NULL and then call them. A default value is returned otherwise.
Requested by rwatson.
Reviewed by: jhb
MFC after: 2 weeks
Diffstat (limited to 'sys/fs/nfsserver')
| -rw-r--r-- | sys/fs/nfsserver/nfs_nfsdkrpc.c | 37 |
1 files changed, 12 insertions, 25 deletions
diff --git a/sys/fs/nfsserver/nfs_nfsdkrpc.c b/sys/fs/nfsserver/nfs_nfsdkrpc.c index 8ce70fa..2484919 100644 --- a/sys/fs/nfsserver/nfs_nfsdkrpc.c +++ b/sys/fs/nfsserver/nfs_nfsdkrpc.c @@ -386,18 +386,14 @@ nfsrvd_addsock(struct file *fp) int nfsrvd_nfsd(struct thread *td, struct nfsd_nfsd_args *args) { -#ifdef KGSSAPI char principal[MAXHOSTNAMELEN + 5]; int error; bool_t ret2, ret3, ret4; -#endif -#ifdef KGSSAPI error = copyinstr(args->principal, principal, sizeof (principal), NULL); if (error) return (error); -#endif /* * Only the first nfsd actually does any work. The RPC code @@ -412,38 +408,29 @@ nfsrvd_nfsd(struct thread *td, struct nfsd_nfsd_args *args) NFSD_UNLOCK(); -#ifdef KGSSAPI /* An empty string implies AUTH_SYS only. */ if (principal[0] != '\0') { - ret2 = rpc_gss_set_svc_name(principal, "kerberosv5", - GSS_C_INDEFINITE, NFS_PROG, NFS_VER2); - ret3 = rpc_gss_set_svc_name(principal, "kerberosv5", - GSS_C_INDEFINITE, NFS_PROG, NFS_VER3); - ret4 = rpc_gss_set_svc_name(principal, "kerberosv5", - GSS_C_INDEFINITE, NFS_PROG, NFS_VER4); - - if (!ret2 || !ret3 || !ret4) { - NFSD_LOCK(); - newnfs_numnfsd--; - nfsrvd_init(1); - NFSD_UNLOCK(); - return (EAUTH); - } + ret2 = rpc_gss_set_svc_name_call(principal, + "kerberosv5", GSS_C_INDEFINITE, NFS_PROG, NFS_VER2); + ret3 = rpc_gss_set_svc_name_call(principal, + "kerberosv5", GSS_C_INDEFINITE, NFS_PROG, NFS_VER3); + ret4 = rpc_gss_set_svc_name_call(principal, + "kerberosv5", GSS_C_INDEFINITE, NFS_PROG, NFS_VER4); + + if (!ret2 || !ret3 || !ret4) + printf("nfsd: can't register svc name\n"); } -#endif nfsrvd_pool->sp_minthreads = args->minthreads; nfsrvd_pool->sp_maxthreads = args->maxthreads; svc_run(nfsrvd_pool); -#ifdef KGSSAPI if (principal[0] != '\0') { - rpc_gss_clear_svc_name(NFS_PROG, NFS_VER2); - rpc_gss_clear_svc_name(NFS_PROG, NFS_VER3); - rpc_gss_clear_svc_name(NFS_PROG, NFS_VER4); + rpc_gss_clear_svc_name_call(NFS_PROG, NFS_VER2); + rpc_gss_clear_svc_name_call(NFS_PROG, NFS_VER3); + rpc_gss_clear_svc_name_call(NFS_PROG, NFS_VER4); } -#endif NFSD_LOCK(); newnfs_numnfsd--; |
