nfsd4: move rq_flavor into svc_cred
Move the rq_flavor into struct svc_cred, and use it in setclientid and exchange_id comparisons as well. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
This commit is contained in:
J. Bruce Fields
Родитель
8fbba96e5b
Коммит
d5497fc693
|
|
@ -10,7 +10,7 @@ int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp)
|
|||
struct exp_flavor_info *end = exp->ex_flavors + exp->ex_nflavors;
|
||||
|
||||
for (f = exp->ex_flavors; f < end; f++) {
|
||||
if (f->pseudoflavor == rqstp->rq_flavor)
|
||||
if (f->pseudoflavor == rqstp->rq_cred.cr_flavor)
|
||||
return f->flags;
|
||||
}
|
||||
return exp->ex_flags;
|
||||
|
|
|
|||
|
|
@ -904,13 +904,13 @@ __be32 check_nfsd_access(struct svc_export *exp, struct svc_rqst *rqstp)
|
|||
return 0;
|
||||
/* ip-address based client; check sec= export option: */
|
||||
for (f = exp->ex_flavors; f < end; f++) {
|
||||
if (f->pseudoflavor == rqstp->rq_flavor)
|
||||
if (f->pseudoflavor == rqstp->rq_cred.cr_flavor)
|
||||
return 0;
|
||||
}
|
||||
/* defaults in absence of sec= options: */
|
||||
if (exp->ex_nflavors == 0) {
|
||||
if (rqstp->rq_flavor == RPC_AUTH_NULL ||
|
||||
rqstp->rq_flavor == RPC_AUTH_UNIX)
|
||||
if (rqstp->rq_cred.cr_flavor == RPC_AUTH_NULL ||
|
||||
rqstp->rq_cred.cr_flavor == RPC_AUTH_UNIX)
|
||||
return 0;
|
||||
}
|
||||
return nfserr_wrongsec;
|
||||
|
|
|
|||
|
|
@ -605,7 +605,7 @@ numeric_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namel
|
|||
static __be32
|
||||
do_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namelen, uid_t *id)
|
||||
{
|
||||
if (nfs4_disable_idmapping && rqstp->rq_flavor < RPC_AUTH_GSS)
|
||||
if (nfs4_disable_idmapping && rqstp->rq_cred.cr_flavor < RPC_AUTH_GSS)
|
||||
if (numeric_name_to_id(rqstp, type, name, namelen, id))
|
||||
return 0;
|
||||
/*
|
||||
|
|
@ -618,7 +618,7 @@ do_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namelen, u
|
|||
static int
|
||||
do_id_to_name(struct svc_rqst *rqstp, int type, uid_t id, char *name)
|
||||
{
|
||||
if (nfs4_disable_idmapping && rqstp->rq_flavor < RPC_AUTH_GSS)
|
||||
if (nfs4_disable_idmapping && rqstp->rq_cred.cr_flavor < RPC_AUTH_GSS)
|
||||
return sprintf(name, "%u", id);
|
||||
return idmap_id_to_name(rqstp, type, id, name);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1177,6 +1177,7 @@ static int copy_cred(struct svc_cred *target, struct svc_cred *source)
|
|||
return -ENOMEM;
|
||||
} else
|
||||
target->cr_principal = NULL;
|
||||
target->cr_flavor = source->cr_flavor;
|
||||
target->cr_uid = source->cr_uid;
|
||||
target->cr_gid = source->cr_gid;
|
||||
target->cr_group_info = source->cr_group_info;
|
||||
|
|
@ -1213,11 +1214,11 @@ static bool groups_equal(struct group_info *g1, struct group_info *g2)
|
|||
return true;
|
||||
}
|
||||
|
||||
/* XXX what about NGROUP */
|
||||
static int
|
||||
same_creds(struct svc_cred *cr1, struct svc_cred *cr2)
|
||||
{
|
||||
if ((cr1->cr_uid != cr2->cr_uid)
|
||||
if ((cr1->cr_flavor != cr2->cr_flavor)
|
||||
|| (cr1->cr_uid != cr2->cr_uid)
|
||||
|| (cr1->cr_gid != cr2->cr_gid)
|
||||
|| !groups_equal(cr1->cr_group_info, cr2->cr_group_info))
|
||||
return false;
|
||||
|
|
@ -1299,7 +1300,6 @@ static struct nfs4_client *create_client(struct xdr_netobj name, char *recdir,
|
|||
rpc_init_wait_queue(&clp->cl_cb_waitq, "Backchannel slot table");
|
||||
copy_verf(clp, verf);
|
||||
rpc_copy_addr((struct sockaddr *) &clp->cl_addr, sa);
|
||||
clp->cl_flavor = rqstp->rq_flavor;
|
||||
gen_confirm(clp);
|
||||
clp->cl_cb_session = NULL;
|
||||
return clp;
|
||||
|
|
|
|||
|
|
@ -232,7 +232,6 @@ struct svc_rqst {
|
|||
struct svc_pool * rq_pool; /* thread pool */
|
||||
struct svc_procedure * rq_procinfo; /* procedure info */
|
||||
struct auth_ops * rq_authop; /* authentication flavour */
|
||||
u32 rq_flavor; /* pseudoflavor */
|
||||
struct svc_cred rq_cred; /* auth info */
|
||||
void * rq_xprt_ctxt; /* transport specific context ptr */
|
||||
struct svc_deferred_req*rq_deferred; /* deferred request we are replaying */
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@ struct svc_cred {
|
|||
uid_t cr_uid;
|
||||
gid_t cr_gid;
|
||||
struct group_info *cr_group_info;
|
||||
u32 cr_flavor; /* pseudoflavor */
|
||||
char *cr_principal; /* for gss */
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -1202,7 +1202,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
|
|||
}
|
||||
svcdata->rsci = rsci;
|
||||
cache_get(&rsci->h);
|
||||
rqstp->rq_flavor = gss_svc_to_pseudoflavor(
|
||||
rqstp->rq_cred.cr_flavor = gss_svc_to_pseudoflavor(
|
||||
rsci->mechctx->mech_type, gc->gc_svc);
|
||||
ret = SVC_OK;
|
||||
goto out;
|
||||
|
|
|
|||
|
|
@ -768,7 +768,7 @@ svcauth_null_accept(struct svc_rqst *rqstp, __be32 *authp)
|
|||
svc_putnl(resv, RPC_AUTH_NULL);
|
||||
svc_putnl(resv, 0);
|
||||
|
||||
rqstp->rq_flavor = RPC_AUTH_NULL;
|
||||
rqstp->rq_cred.cr_flavor = RPC_AUTH_NULL;
|
||||
return SVC_OK;
|
||||
}
|
||||
|
||||
|
|
@ -839,7 +839,7 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp)
|
|||
svc_putnl(resv, RPC_AUTH_NULL);
|
||||
svc_putnl(resv, 0);
|
||||
|
||||
rqstp->rq_flavor = RPC_AUTH_UNIX;
|
||||
rqstp->rq_cred.cr_flavor = RPC_AUTH_UNIX;
|
||||
return SVC_OK;
|
||||
|
||||
badcred:
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче