diff options
| author | rmacklem <rmacklem@FreeBSD.org> | 2014-05-08 20:52:25 +0000 |
|---|---|---|
| committer | rmacklem <rmacklem@FreeBSD.org> | 2014-05-08 20:52:25 +0000 |
| commit | 1085179b784bd3c6855a3d1144933dbe8ed5e757 (patch) | |
| tree | 93631c013a46cbeb153933fc8e93e6fc4cda7487 /sys/fs | |
| parent | 5ca6003c5c59fcbccde099c4a5acae82537f80d9 (diff) | |
| download | FreeBSD-src-1085179b784bd3c6855a3d1144933dbe8ed5e757.zip FreeBSD-src-1085179b784bd3c6855a3d1144933dbe8ed5e757.tar.gz | |
MFC: r265252
The new draft specification for NFSv4.0 specifies that a server
should either accept owner and owner_group strings that are just
the digits of the uid/gid or return NFS4ERR_BADOWNER.
This patch adds a sysctl vfs.nfsd.enable_stringtouid, which can
be set to enable the server w.r.t. accepting numeric string. It
also ensures that NFS4ERR_BADOWNER is returned if numeric uid/gid
strings are not enabled. This fixes the server for recent Linux
nfs4 clients that use numeric uid/gid strings by default.
Diffstat (limited to 'sys/fs')
| -rw-r--r-- | sys/fs/nfs/nfs_commonsubs.c | 23 | ||||
| -rw-r--r-- | sys/fs/nfsserver/nfs_nfsdport.c | 3 |
2 files changed, 20 insertions, 6 deletions
diff --git a/sys/fs/nfs/nfs_commonsubs.c b/sys/fs/nfs/nfs_commonsubs.c index 76ee9e2..5c50dfd 100644 --- a/sys/fs/nfs/nfs_commonsubs.c +++ b/sys/fs/nfs/nfs_commonsubs.c @@ -65,6 +65,7 @@ uid_t nfsrv_defaultuid; gid_t nfsrv_defaultgid; int nfsrv_lease = NFSRV_LEASE; int ncl_mbuf_mlen = MLEN; +int nfsd_enable_stringtouid = 0; NFSNAMEIDMUTEX; NFSSOCKMUTEX; @@ -2640,9 +2641,14 @@ nfsv4_strtouid(struct nfsrv_descript *nd, u_char *str, int len, uid_t *uidp, /* If a string of digits and an AUTH_SYS mount, just convert it. */ str0 = str; tuid = (uid_t)strtoul(str0, &endstr, 10); - if ((endstr - str0) == len && - (nd->nd_flag & (ND_KERBV | ND_NFSCL)) == ND_NFSCL) { - *uidp = tuid; + if ((endstr - str0) == len) { + /* A numeric string. */ + if ((nd->nd_flag & ND_KERBV) == 0 && + ((nd->nd_flag & ND_NFSCL) != 0 || + nfsd_enable_stringtouid != 0)) + *uidp = tuid; + else + error = NFSERR_BADOWNER; goto out; } /* @@ -2845,9 +2851,14 @@ nfsv4_strtogid(struct nfsrv_descript *nd, u_char *str, int len, gid_t *gidp, /* If a string of digits and an AUTH_SYS mount, just convert it. */ str0 = str; tgid = (gid_t)strtoul(str0, &endstr, 10); - if ((endstr - str0) == len && - (nd->nd_flag & (ND_KERBV | ND_NFSCL)) == ND_NFSCL) { - *gidp = tgid; + if ((endstr - str0) == len) { + /* A numeric string. */ + if ((nd->nd_flag & ND_KERBV) == 0 && + ((nd->nd_flag & ND_NFSCL) != 0 || + nfsd_enable_stringtouid != 0)) + *gidp = tgid; + else + error = NFSERR_BADOWNER; goto out; } /* diff --git a/sys/fs/nfsserver/nfs_nfsdport.c b/sys/fs/nfsserver/nfs_nfsdport.c index 4a3a011..b0c4c4d 100644 --- a/sys/fs/nfsserver/nfs_nfsdport.c +++ b/sys/fs/nfsserver/nfs_nfsdport.c @@ -80,6 +80,7 @@ static int nfs_commit_blks; static int nfs_commit_miss; extern int nfsrv_issuedelegs; extern int nfsrv_dolocallocks; +extern int nfsd_enable_stringtouid; SYSCTL_NODE(_vfs, OID_AUTO, nfsd, CTLFLAG_RW, 0, "New NFS server"); SYSCTL_INT(_vfs_nfsd, OID_AUTO, mirrormnt, CTLFLAG_RW, @@ -92,6 +93,8 @@ SYSCTL_INT(_vfs_nfsd, OID_AUTO, issue_delegations, CTLFLAG_RW, &nfsrv_issuedelegs, 0, "Enable nfsd to issue delegations"); SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_locallocks, CTLFLAG_RW, &nfsrv_dolocallocks, 0, "Enable nfsd to acquire local locks on files"); +SYSCTL_INT(_vfs_nfsd, OID_AUTO, enable_stringtouid, CTLFLAG_RW, + &nfsd_enable_stringtouid, 0, "Enable nfsd to accept numeric owner_names"); #define MAX_REORDERED_RPC 16 #define NUM_HEURISTIC 1031 |
