From 3d26cd60bfa536dc91348d59efde1212403eaf2d Mon Sep 17 00:00:00 2001 From: Brooks Davis Date: Fri, 8 Jan 2010 23:26:10 +0000 Subject: [PATCH] Make options KGSSAPI build and add it to NOTES. rpcsec_gss_prot.c: Use kernel printf and headers. vc_rpcsec_gss.c: Use a local RPCAUTH_UNIXGIDS definition for 16 instead of using NGROUPS. --- sys/conf/NOTES | 1 + sys/rpc/rpcsec_gss/rpcsec_gss_prot.c | 10 +++++----- sys/rpc/rpcsec_gss/svc_rpcsec_gss.c | 9 ++++++--- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/sys/conf/NOTES b/sys/conf/NOTES index 51abbf995f78..b57b50f4a9ff 100644 --- a/sys/conf/NOTES +++ b/sys/conf/NOTES @@ -973,6 +973,7 @@ options NFSSERVER #Network File System server options NFSLOCKD #Network Lock Manager options NFSCL #experimental NFS client with NFSv4 options NFSD #experimental NFS server with NFSv4 +options KGSSAPI #Kernel GSSAPI implementaion # NT File System. Read-mostly, see mount_ntfs(8) for details. # For a full read-write NTFS support consider sysutils/fusefs-ntfs diff --git a/sys/rpc/rpcsec_gss/rpcsec_gss_prot.c b/sys/rpc/rpcsec_gss/rpcsec_gss_prot.c index 0654a6e6a22c..91112a1aa675 100644 --- a/sys/rpc/rpcsec_gss/rpcsec_gss_prot.c +++ b/sys/rpc/rpcsec_gss/rpcsec_gss_prot.c @@ -307,7 +307,7 @@ xdr_rpc_gss_unwrap_data(struct mbuf **resultsp, } #ifdef DEBUG -#include +#include void rpc_gss_log_debug(const char *fmt, ...) @@ -315,9 +315,9 @@ rpc_gss_log_debug(const char *fmt, ...) va_list ap; va_start(ap, fmt); - fprintf(stderr, "rpcsec_gss: "); - vfprintf(stderr, fmt, ap); - fprintf(stderr, "\n"); + printf("rpcsec_gss: "); + vprintf(fmt, ap); + printf("\n"); va_end(ap); } @@ -328,7 +328,7 @@ rpc_gss_log_status(const char *m, gss_OID mech, OM_uint32 maj_stat, OM_uint32 mi gss_buffer_desc msg; int msg_ctx = 0; - fprintf(stderr, "rpcsec_gss: %s: ", m); + printf("rpcsec_gss: %s: ", m); gss_display_status(&min, maj_stat, GSS_C_GSS_CODE, GSS_C_NULL_OID, &msg_ctx, &msg); diff --git a/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c b/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c index 55c0a8309edf..7433b79d2bbe 100644 --- a/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c +++ b/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c @@ -121,6 +121,9 @@ enum svc_rpc_gss_client_state { }; #define SVC_RPC_GSS_SEQWINDOW 128 +#ifndef RPCAUTH_UNIXGIDS +#define RPCAUTH_UNIXGIDS 16 +#endif struct svc_rpc_gss_clientid { unsigned long ci_hostid; @@ -147,7 +150,7 @@ struct svc_rpc_gss_client { int cl_rpcflavor; /* RPC pseudo sec flavor */ bool_t cl_done_callback; /* TRUE after call */ void *cl_cookie; /* user cookie from callback */ - gid_t cl_gid_storage[NGROUPS]; + gid_t cl_gid_storage[RPCAUTH_UNIXGIDS]; gss_OID cl_mech; /* mechanism */ gss_qop_t cl_qop; /* quality of protection */ uint32_t cl_seqlast; /* sequence window origin */ @@ -735,7 +738,7 @@ svc_rpc_gss_build_ucred(struct svc_rpc_gss_client *client, uc->gid = 65534; uc->gidlist = client->cl_gid_storage; - numgroups = NGROUPS; + numgroups = RPCAUTH_UNIXGIDS; maj_stat = gss_pname_to_unix_cred(&min_stat, name, client->cl_mech, &uc->uid, &uc->gid, &numgroups, &uc->gidlist[0]); if (GSS_ERROR(maj_stat)) @@ -932,7 +935,7 @@ svc_rpc_gss_accept_sec_context(struct svc_rpc_gss_client *client, "", client->cl_rawcred.client_principal->name, mechname.length, (char *)mechname.value, - client->cl_qop, client->rawcred.service); + client->cl_qop, client->cl_rawcred.service); gss_release_buffer(&min_stat, &mechname); }