Make options KGSSAPI build and add it to NOTES.
rpcsec_gss_prot.c: Use kernel printf and headers. vc_rpcsec_gss.c: Use a local RPCAUTH_UNIXGIDS definition for 16 instead of using NGROUPS.
This commit is contained in:
parent
e1694bc9a6
commit
3d26cd60bf
@ -973,6 +973,7 @@ options NFSSERVER #Network File System server
|
||||
options NFSLOCKD #Network Lock Manager
|
||||
options NFSCL #experimental NFS client with NFSv4
|
||||
options NFSD #experimental NFS server with NFSv4
|
||||
options KGSSAPI #Kernel GSSAPI implementaion
|
||||
|
||||
# NT File System. Read-mostly, see mount_ntfs(8) for details.
|
||||
# For a full read-write NTFS support consider sysutils/fusefs-ntfs
|
||||
|
@ -307,7 +307,7 @@ xdr_rpc_gss_unwrap_data(struct mbuf **resultsp,
|
||||
}
|
||||
|
||||
#ifdef DEBUG
|
||||
#include <ctype.h>
|
||||
#include <machine/stdarg.h>
|
||||
|
||||
void
|
||||
rpc_gss_log_debug(const char *fmt, ...)
|
||||
@ -315,9 +315,9 @@ rpc_gss_log_debug(const char *fmt, ...)
|
||||
va_list ap;
|
||||
|
||||
va_start(ap, fmt);
|
||||
fprintf(stderr, "rpcsec_gss: ");
|
||||
vfprintf(stderr, fmt, ap);
|
||||
fprintf(stderr, "\n");
|
||||
printf("rpcsec_gss: ");
|
||||
vprintf(fmt, ap);
|
||||
printf("\n");
|
||||
va_end(ap);
|
||||
}
|
||||
|
||||
@ -328,7 +328,7 @@ rpc_gss_log_status(const char *m, gss_OID mech, OM_uint32 maj_stat, OM_uint32 mi
|
||||
gss_buffer_desc msg;
|
||||
int msg_ctx = 0;
|
||||
|
||||
fprintf(stderr, "rpcsec_gss: %s: ", m);
|
||||
printf("rpcsec_gss: %s: ", m);
|
||||
|
||||
gss_display_status(&min, maj_stat, GSS_C_GSS_CODE, GSS_C_NULL_OID,
|
||||
&msg_ctx, &msg);
|
||||
|
@ -121,6 +121,9 @@ enum svc_rpc_gss_client_state {
|
||||
};
|
||||
|
||||
#define SVC_RPC_GSS_SEQWINDOW 128
|
||||
#ifndef RPCAUTH_UNIXGIDS
|
||||
#define RPCAUTH_UNIXGIDS 16
|
||||
#endif
|
||||
|
||||
struct svc_rpc_gss_clientid {
|
||||
unsigned long ci_hostid;
|
||||
@ -147,7 +150,7 @@ struct svc_rpc_gss_client {
|
||||
int cl_rpcflavor; /* RPC pseudo sec flavor */
|
||||
bool_t cl_done_callback; /* TRUE after call */
|
||||
void *cl_cookie; /* user cookie from callback */
|
||||
gid_t cl_gid_storage[NGROUPS];
|
||||
gid_t cl_gid_storage[RPCAUTH_UNIXGIDS];
|
||||
gss_OID cl_mech; /* mechanism */
|
||||
gss_qop_t cl_qop; /* quality of protection */
|
||||
uint32_t cl_seqlast; /* sequence window origin */
|
||||
@ -735,7 +738,7 @@ svc_rpc_gss_build_ucred(struct svc_rpc_gss_client *client,
|
||||
uc->gid = 65534;
|
||||
uc->gidlist = client->cl_gid_storage;
|
||||
|
||||
numgroups = NGROUPS;
|
||||
numgroups = RPCAUTH_UNIXGIDS;
|
||||
maj_stat = gss_pname_to_unix_cred(&min_stat, name, client->cl_mech,
|
||||
&uc->uid, &uc->gid, &numgroups, &uc->gidlist[0]);
|
||||
if (GSS_ERROR(maj_stat))
|
||||
@ -932,7 +935,7 @@ svc_rpc_gss_accept_sec_context(struct svc_rpc_gss_client *client,
|
||||
"<mech %.*s, qop %d, svc %d>",
|
||||
client->cl_rawcred.client_principal->name,
|
||||
mechname.length, (char *)mechname.value,
|
||||
client->cl_qop, client->rawcred.service);
|
||||
client->cl_qop, client->cl_rawcred.service);
|
||||
|
||||
gss_release_buffer(&min_stat, &mechname);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user