d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add NFSv4 root export checks to the DelegPurge, Renew and

Browse Source 
ReleaseLockOwner operations analagous to what is already
in place for SetClientID and SetClientIDConfirm. These are
the five NFSv4 operations that do not use file handle(s),
so the checks are done using the NFSv4 root export entries
in /etc/exports.

Approved by:	kib (mentor)
This commit is contained in:
Rick Macklem 2009-05-25 01:00:09 +00:00
parent 767fb36c3a
commit b1cfc0d961
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
sys/fs/nfsserver/nfs_nfsdserv.c
View File

@ -2830,6 +2830,11 @@ nfsrvd_delegpurge(struct nfsrv_descript *nd, __unused int isdgram,
int error = 0;
nfsquad_t clientid;
if ((!nfs_rootfhset && !nfsv4root_set) ||
nfsd_checkrootexp(nd)) {
nd->nd_repstat = NFSERR_WRONGSEC;
return (0);
}
NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
clientid.lval[0] = *tl++;
clientid.lval[1] = *tl;
@ -3024,6 +3029,11 @@ nfsrvd_renew(struct nfsrv_descript *nd, __unused int isdgram,
int error = 0;
nfsquad_t clientid;
if ((!nfs_rootfhset && !nfsv4root_set) ||
nfsd_checkrootexp(nd)) {
nd->nd_repstat = NFSERR_WRONGSEC;
return (0);
}
NFSM_DISSECT(tl, u_int32_t *, NFSX_HYPER);
clientid.lval[0] = *tl++;
clientid.lval[1] = *tl;
@ -3355,6 +3365,11 @@ nfsrvd_releaselckown(struct nfsrv_descript *nd, __unused int isdgram,
int error = 0, len;
nfsquad_t clientid;
if ((!nfs_rootfhset && !nfsv4root_set) ||
nfsd_checkrootexp(nd)) {
nd->nd_repstat = NFSERR_WRONGSEC;
return (0);
}
NFSM_DISSECT(tl, u_int32_t *, 3 * NFSX_UNSIGNED);
len = fxdr_unsigned(int, *(tl + 2));
MALLOC(stp, struct nfsstate *, sizeof (struct nfsstate) + len,