Make options KGSSAPI build and add it to NOTES.

rpcsec_gss_prot.c:
  Use kernel printf and headers.

vc_rpcsec_gss.c:
  Use a local RPCAUTH_UNIXGIDS definition for 16 instead of using NGROUPS.
This commit is contained in:
Brooks Davis 2010-01-08 23:26:10 +00:00
parent e1694bc9a6
commit 3d26cd60bf
3 changed files with 12 additions and 8 deletions

View File

@ -973,6 +973,7 @@ options NFSSERVER #Network File System server
options NFSLOCKD #Network Lock Manager
options NFSCL #experimental NFS client with NFSv4
options NFSD #experimental NFS server with NFSv4
options KGSSAPI #Kernel GSSAPI implementaion
# NT File System. Read-mostly, see mount_ntfs(8) for details.
# For a full read-write NTFS support consider sysutils/fusefs-ntfs

View File

@ -307,7 +307,7 @@ xdr_rpc_gss_unwrap_data(struct mbuf **resultsp,
}
#ifdef DEBUG
#include <ctype.h>
#include <machine/stdarg.h>
void
rpc_gss_log_debug(const char *fmt, ...)
@ -315,9 +315,9 @@ rpc_gss_log_debug(const char *fmt, ...)
va_list ap;
va_start(ap, fmt);
fprintf(stderr, "rpcsec_gss: ");
vfprintf(stderr, fmt, ap);
fprintf(stderr, "\n");
printf("rpcsec_gss: ");
vprintf(fmt, ap);
printf("\n");
va_end(ap);
}
@ -328,7 +328,7 @@ rpc_gss_log_status(const char *m, gss_OID mech, OM_uint32 maj_stat, OM_uint32 mi
gss_buffer_desc msg;
int msg_ctx = 0;
fprintf(stderr, "rpcsec_gss: %s: ", m);
printf("rpcsec_gss: %s: ", m);
gss_display_status(&min, maj_stat, GSS_C_GSS_CODE, GSS_C_NULL_OID,
&msg_ctx, &msg);

View File

@ -121,6 +121,9 @@ enum svc_rpc_gss_client_state {
};
#define SVC_RPC_GSS_SEQWINDOW 128
#ifndef RPCAUTH_UNIXGIDS
#define RPCAUTH_UNIXGIDS 16
#endif
struct svc_rpc_gss_clientid {
unsigned long ci_hostid;
@ -147,7 +150,7 @@ struct svc_rpc_gss_client {
int cl_rpcflavor; /* RPC pseudo sec flavor */
bool_t cl_done_callback; /* TRUE after call */
void *cl_cookie; /* user cookie from callback */
gid_t cl_gid_storage[NGROUPS];
gid_t cl_gid_storage[RPCAUTH_UNIXGIDS];
gss_OID cl_mech; /* mechanism */
gss_qop_t cl_qop; /* quality of protection */
uint32_t cl_seqlast; /* sequence window origin */
@ -735,7 +738,7 @@ svc_rpc_gss_build_ucred(struct svc_rpc_gss_client *client,
uc->gid = 65534;
uc->gidlist = client->cl_gid_storage;
numgroups = NGROUPS;
numgroups = RPCAUTH_UNIXGIDS;
maj_stat = gss_pname_to_unix_cred(&min_stat, name, client->cl_mech,
&uc->uid, &uc->gid, &numgroups, &uc->gidlist[0]);
if (GSS_ERROR(maj_stat))
@ -932,7 +935,7 @@ svc_rpc_gss_accept_sec_context(struct svc_rpc_gss_client *client,
"<mech %.*s, qop %d, svc %d>",
client->cl_rawcred.client_principal->name,
mechname.length, (char *)mechname.value,
client->cl_qop, client->rawcred.service);
client->cl_qop, client->cl_rawcred.service);
gss_release_buffer(&min_stat, &mechname);
}