From 3d26cd60bfa536dc91348d59efde1212403eaf2d Mon Sep 17 00:00:00 2001
From: Brooks Davis <brooks@FreeBSD.org>
Date: Fri, 8 Jan 2010 23:26:10 +0000
Subject: [PATCH] Make options KGSSAPI build and add it to NOTES.
rpcsec_gss_prot.c:
Use kernel printf and headers.
vc_rpcsec_gss.c:
Use a local RPCAUTH_UNIXGIDS definition for 16 instead of using NGROUPS.
---
sys/conf/NOTES | 1 +
sys/rpc/rpcsec_gss/rpcsec_gss_prot.c | 10 +++++-----
sys/rpc/rpcsec_gss/svc_rpcsec_gss.c | 9 ++++++---
3 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/sys/conf/NOTES b/sys/conf/NOTES
index 51abbf995f78..b57b50f4a9ff 100644
--- a/sys/conf/NOTES
+++ b/sys/conf/NOTES
@@ -973,6 +973,7 @@ options NFSSERVER #Network File System server
options NFSLOCKD #Network Lock Manager
options NFSCL #experimental NFS client with NFSv4
options NFSD #experimental NFS server with NFSv4
+options KGSSAPI #Kernel GSSAPI implementaion
# NT File System. Read-mostly, see mount_ntfs(8) for details.
# For a full read-write NTFS support consider sysutils/fusefs-ntfs
diff --git a/sys/rpc/rpcsec_gss/rpcsec_gss_prot.c b/sys/rpc/rpcsec_gss/rpcsec_gss_prot.c
index 0654a6e6a22c..91112a1aa675 100644
--- a/sys/rpc/rpcsec_gss/rpcsec_gss_prot.c
+++ b/sys/rpc/rpcsec_gss/rpcsec_gss_prot.c
@@ -307,7 +307,7 @@ xdr_rpc_gss_unwrap_data(struct mbuf **resultsp,
}
#ifdef DEBUG
-#include <ctype.h>
+#include <machine/stdarg.h>
void
rpc_gss_log_debug(const char *fmt, ...)
@@ -315,9 +315,9 @@ rpc_gss_log_debug(const char *fmt, ...)
va_list ap;
va_start(ap, fmt);
- fprintf(stderr, "rpcsec_gss: ");
- vfprintf(stderr, fmt, ap);
- fprintf(stderr, "\n");
+ printf("rpcsec_gss: ");
+ vprintf(fmt, ap);
+ printf("\n");
va_end(ap);
}
@@ -328,7 +328,7 @@ rpc_gss_log_status(const char *m, gss_OID mech, OM_uint32 maj_stat, OM_uint32 mi
gss_buffer_desc msg;
int msg_ctx = 0;
- fprintf(stderr, "rpcsec_gss: %s: ", m);
+ printf("rpcsec_gss: %s: ", m);
gss_display_status(&min, maj_stat, GSS_C_GSS_CODE, GSS_C_NULL_OID,
&msg_ctx, &msg);
diff --git a/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c b/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
index 55c0a8309edf..7433b79d2bbe 100644
--- a/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
+++ b/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
@@ -121,6 +121,9 @@ enum svc_rpc_gss_client_state {
};
#define SVC_RPC_GSS_SEQWINDOW 128
+#ifndef RPCAUTH_UNIXGIDS
+#define RPCAUTH_UNIXGIDS 16
+#endif
struct svc_rpc_gss_clientid {
unsigned long ci_hostid;
@@ -147,7 +150,7 @@ struct svc_rpc_gss_client {
int cl_rpcflavor; /* RPC pseudo sec flavor */
bool_t cl_done_callback; /* TRUE after call */
void *cl_cookie; /* user cookie from callback */
- gid_t cl_gid_storage[NGROUPS];
+ gid_t cl_gid_storage[RPCAUTH_UNIXGIDS];
gss_OID cl_mech; /* mechanism */
gss_qop_t cl_qop; /* quality of protection */
uint32_t cl_seqlast; /* sequence window origin */
@@ -735,7 +738,7 @@ svc_rpc_gss_build_ucred(struct svc_rpc_gss_client *client,
uc->gid = 65534;
uc->gidlist = client->cl_gid_storage;
- numgroups = NGROUPS;
+ numgroups = RPCAUTH_UNIXGIDS;
maj_stat = gss_pname_to_unix_cred(&min_stat, name, client->cl_mech,
&uc->uid, &uc->gid, &numgroups, &uc->gidlist[0]);
if (GSS_ERROR(maj_stat))
@@ -932,7 +935,7 @@ svc_rpc_gss_accept_sec_context(struct svc_rpc_gss_client *client,
"<mech %.*s, qop %d, svc %d>",
client->cl_rawcred.client_principal->name,
mechname.length, (char *)mechname.value,
- client->cl_qop, client->rawcred.service);
+ client->cl_qop, client->cl_rawcred.service);
gss_release_buffer(&min_stat, &mechname);
}