d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make options KGSSAPI build and add it to NOTES.

Browse Source 
rpcsec_gss_prot.c:
  Use kernel printf and headers.

vc_rpcsec_gss.c:
  Use a local RPCAUTH_UNIXGIDS definition for 16 instead of using NGROUPS.
This commit is contained in:
Brooks Davis 2010-01-08 23:26:10 +00:00
parent e1694bc9a6
commit 3d26cd60bf
3 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sys/conf/NOTES
View File

@ -973,6 +973,7 @@ options NFSSERVER #Network File System server
options NFSLOCKD #Network Lock Manager options NFSLOCKD #Network Lock Manager
options NFSCL #experimental NFS client with NFSv4 options NFSCL #experimental NFS client with NFSv4
options NFSD #experimental NFS server with NFSv4 options NFSD #experimental NFS server with NFSv4
options KGSSAPI #Kernel GSSAPI implementaion
# NT File System. Read-mostly, see mount_ntfs(8) for details. # NT File System. Read-mostly, see mount_ntfs(8) for details.
# For a full read-write NTFS support consider sysutils/fusefs-ntfs # For a full read-write NTFS support consider sysutils/fusefs-ntfs

10
sys/rpc/rpcsec_gss/rpcsec_gss_prot.c
View File

@ -307,7 +307,7 @@ xdr_rpc_gss_unwrap_data(struct mbuf **resultsp,
} }
#ifdef DEBUG #ifdef DEBUG
#include <ctype.h> #include <machine/stdarg.h>
void void
rpc_gss_log_debug(const char *fmt, ...) rpc_gss_log_debug(const char *fmt, ...)
@ -315,9 +315,9 @@ rpc_gss_log_debug(const char *fmt, ...)
va_list ap; va_list ap;
va_start(ap, fmt); va_start(ap, fmt);
fprintf(stderr, "rpcsec_gss: "); printf("rpcsec_gss: ");
vfprintf(stderr, fmt, ap); vprintf(fmt, ap);
fprintf(stderr, "\n"); printf("\n");
va_end(ap); va_end(ap);
} }
@ -328,7 +328,7 @@ rpc_gss_log_status(const char *m, gss_OID mech, OM_uint32 maj_stat, OM_uint32 mi
gss_buffer_desc msg; gss_buffer_desc msg;
int msg_ctx = 0; int msg_ctx = 0;
fprintf(stderr, "rpcsec_gss: %s: ", m); printf("rpcsec_gss: %s: ", m);
gss_display_status(&min, maj_stat, GSS_C_GSS_CODE, GSS_C_NULL_OID, gss_display_status(&min, maj_stat, GSS_C_GSS_CODE, GSS_C_NULL_OID,
&msg_ctx, &msg); &msg_ctx, &msg);

9
sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
View File

@ -121,6 +121,9 @@ enum svc_rpc_gss_client_state {
}; };
#define SVC_RPC_GSS_SEQWINDOW 128 #define SVC_RPC_GSS_SEQWINDOW 128
#ifndef RPCAUTH_UNIXGIDS
#define RPCAUTH_UNIXGIDS 16
#endif
struct svc_rpc_gss_clientid { struct svc_rpc_gss_clientid {
unsigned long ci_hostid; unsigned long ci_hostid;
@ -147,7 +150,7 @@ struct svc_rpc_gss_client {
int cl_rpcflavor; /* RPC pseudo sec flavor */ int cl_rpcflavor; /* RPC pseudo sec flavor */
bool_t cl_done_callback; /* TRUE after call */ bool_t cl_done_callback; /* TRUE after call */
void *cl_cookie; /* user cookie from callback */ void *cl_cookie; /* user cookie from callback */
gid_t cl_gid_storage[NGROUPS]; gid_t cl_gid_storage[RPCAUTH_UNIXGIDS];
gss_OID cl_mech; /* mechanism */ gss_OID cl_mech; /* mechanism */
gss_qop_t cl_qop; /* quality of protection */ gss_qop_t cl_qop; /* quality of protection */
uint32_t cl_seqlast; /* sequence window origin */ uint32_t cl_seqlast; /* sequence window origin */
@ -735,7 +738,7 @@ svc_rpc_gss_build_ucred(struct svc_rpc_gss_client *client,
uc->gid = 65534; uc->gid = 65534;
uc->gidlist = client->cl_gid_storage; uc->gidlist = client->cl_gid_storage;
numgroups = NGROUPS; numgroups = RPCAUTH_UNIXGIDS;
maj_stat = gss_pname_to_unix_cred(&min_stat, name, client->cl_mech, maj_stat = gss_pname_to_unix_cred(&min_stat, name, client->cl_mech,
&uc->uid, &uc->gid, &numgroups, &uc->gidlist[0]); &uc->uid, &uc->gid, &numgroups, &uc->gidlist[0]);
if (GSS_ERROR(maj_stat)) if (GSS_ERROR(maj_stat))
@ -932,7 +935,7 @@ svc_rpc_gss_accept_sec_context(struct svc_rpc_gss_client *client,
"<mech %.*s, qop %d, svc %d>", "<mech %.*s, qop %d, svc %d>",
client->cl_rawcred.client_principal->name, client->cl_rawcred.client_principal->name,
mechname.length, (char *)mechname.value, mechname.length, (char *)mechname.value,
client->cl_qop, client->rawcred.service); client->cl_qop, client->cl_rawcred.service);
gss_release_buffer(&min_stat, &mechname); gss_release_buffer(&min_stat, &mechname);
} }