Commit 3c36df6c authored by Neil Brown's avatar Neil Brown Committed by Linus Torvalds

[PATCH] knfsd: svcrpc: auth_null fixes

Fix some discrepencies between the server-side auth_null and auth_unix rpc
code: in particular, make sure we return an auth error in the auth_null case
instead of dropping when we fail to match an export entry, and make sure such
responses are encoded correctly.
Signed-off-by: default avatarJ. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: default avatarNeil Brown <neilb@cse.unsw.edu.au>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent a900aeb7
...@@ -335,9 +335,13 @@ svcauth_null_accept(struct svc_rqst *rqstp, u32 *authp) ...@@ -335,9 +335,13 @@ svcauth_null_accept(struct svc_rqst *rqstp, u32 *authp)
{ {
struct kvec *argv = &rqstp->rq_arg.head[0]; struct kvec *argv = &rqstp->rq_arg.head[0];
struct kvec *resv = &rqstp->rq_res.head[0]; struct kvec *resv = &rqstp->rq_res.head[0];
struct svc_cred *cred = &rqstp->rq_cred;
int rv=0; int rv=0;
struct ip_map key, *ipm; struct ip_map key, *ipm;
cred->cr_group_info = NULL;
rqstp->rq_client = NULL;
if (argv->iov_len < 3*4) if (argv->iov_len < 3*4)
return SVC_GARBAGE; return SVC_GARBAGE;
...@@ -353,23 +357,17 @@ svcauth_null_accept(struct svc_rqst *rqstp, u32 *authp) ...@@ -353,23 +357,17 @@ svcauth_null_accept(struct svc_rqst *rqstp, u32 *authp)
} }
/* Signal that mapping to nobody uid/gid is required */ /* Signal that mapping to nobody uid/gid is required */
rqstp->rq_cred.cr_uid = (uid_t) -1; cred->cr_uid = (uid_t) -1;
rqstp->rq_cred.cr_gid = (gid_t) -1; cred->cr_gid = (gid_t) -1;
rqstp->rq_cred.cr_group_info = groups_alloc(0); cred->cr_group_info = groups_alloc(0);
if (rqstp->rq_cred.cr_group_info == NULL) if (cred->cr_group_info == NULL)
return SVC_DROP; /* kmalloc failure - client must retry */ return SVC_DROP; /* kmalloc failure - client must retry */
/* Put NULL verifier */
svc_putu32(resv, RPC_AUTH_NULL);
svc_putu32(resv, 0);
strcpy(key.m_class, rqstp->rq_server->sv_program->pg_class); strcpy(key.m_class, rqstp->rq_server->sv_program->pg_class);
key.m_addr = rqstp->rq_addr.sin_addr; key.m_addr = rqstp->rq_addr.sin_addr;
ipm = ip_map_lookup(&key, 0); ipm = ip_map_lookup(&key, 0);
rqstp->rq_client = NULL;
if (ipm) if (ipm)
switch (cache_check(&ip_map_cache, &ipm->h, &rqstp->rq_chandle)) { switch (cache_check(&ip_map_cache, &ipm->h, &rqstp->rq_chandle)) {
case -EAGAIN: case -EAGAIN:
...@@ -388,10 +386,18 @@ svcauth_null_accept(struct svc_rqst *rqstp, u32 *authp) ...@@ -388,10 +386,18 @@ svcauth_null_accept(struct svc_rqst *rqstp, u32 *authp)
} }
else rv = SVC_DROP; else rv = SVC_DROP;
if (rqstp->rq_client == NULL && rqstp->rq_proc != 0) if (rv == SVC_OK && rqstp->rq_client == NULL && rqstp->rq_proc != 0)
*authp = rpc_autherr_badcred; goto badcred;
/* Put NULL verifier */
svc_putu32(resv, RPC_AUTH_NULL);
svc_putu32(resv, 0);
return rv; return rv;
badcred:
*authp = rpc_autherr_badcred;
return SVC_DENIED;
} }
static int static int
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment