提交 059f90b3 编写于 作者: C Chuck Lever 提交者: Trond Myklebust

NFS: Fix auth flavor len accounting

Previous logic in the NFS mount parsing code path assumed
auth_flavor_len was set to zero for simple authentication flavors
(like AUTH_UNIX), and 1 for compound flavors (like AUTH_GSS).

At some earlier point (maybe even before the option parsers were
merged?) specific checks for auth_flavor_len being zero were removed
from the functions that validate the mount option that sets the mount
point's authentication flavor.

Since we are populating an array for authentication flavors, the
auth_flavor_len should always be set to the number of flavors.  Let's
eliminate some cleverness here, and prepare for new logic that needs
to know the number of flavors in the auth_flavors[] array.

(auth_flavors[] is an array because at some point we want to allow a
list of acceptable authentication flavors to be specified via the sec=
mount option.  For now it remains a single element array).
Signed-off-by: NChuck Lever <chuck.lever@oracle.com>
Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
上级 0b524123
...@@ -904,8 +904,6 @@ static void nfs_set_mount_transport_protocol(struct nfs_parsed_mount_data *mnt) ...@@ -904,8 +904,6 @@ static void nfs_set_mount_transport_protocol(struct nfs_parsed_mount_data *mnt)
/* /*
* Parse the value of the 'sec=' option. * Parse the value of the 'sec=' option.
*
* The flavor_len setting is for v4 mounts.
*/ */
static int nfs_parse_security_flavors(char *value, static int nfs_parse_security_flavors(char *value,
struct nfs_parsed_mount_data *mnt) struct nfs_parsed_mount_data *mnt)
...@@ -916,53 +914,43 @@ static int nfs_parse_security_flavors(char *value, ...@@ -916,53 +914,43 @@ static int nfs_parse_security_flavors(char *value,
switch (match_token(value, nfs_secflavor_tokens, args)) { switch (match_token(value, nfs_secflavor_tokens, args)) {
case Opt_sec_none: case Opt_sec_none:
mnt->auth_flavor_len = 0;
mnt->auth_flavors[0] = RPC_AUTH_NULL; mnt->auth_flavors[0] = RPC_AUTH_NULL;
break; break;
case Opt_sec_sys: case Opt_sec_sys:
mnt->auth_flavor_len = 0;
mnt->auth_flavors[0] = RPC_AUTH_UNIX; mnt->auth_flavors[0] = RPC_AUTH_UNIX;
break; break;
case Opt_sec_krb5: case Opt_sec_krb5:
mnt->auth_flavor_len = 1;
mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5; mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5;
break; break;
case Opt_sec_krb5i: case Opt_sec_krb5i:
mnt->auth_flavor_len = 1;
mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5I; mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5I;
break; break;
case Opt_sec_krb5p: case Opt_sec_krb5p:
mnt->auth_flavor_len = 1;
mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5P; mnt->auth_flavors[0] = RPC_AUTH_GSS_KRB5P;
break; break;
case Opt_sec_lkey: case Opt_sec_lkey:
mnt->auth_flavor_len = 1;
mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEY; mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEY;
break; break;
case Opt_sec_lkeyi: case Opt_sec_lkeyi:
mnt->auth_flavor_len = 1;
mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYI; mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYI;
break; break;
case Opt_sec_lkeyp: case Opt_sec_lkeyp:
mnt->auth_flavor_len = 1;
mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYP; mnt->auth_flavors[0] = RPC_AUTH_GSS_LKEYP;
break; break;
case Opt_sec_spkm: case Opt_sec_spkm:
mnt->auth_flavor_len = 1;
mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKM; mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKM;
break; break;
case Opt_sec_spkmi: case Opt_sec_spkmi:
mnt->auth_flavor_len = 1;
mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMI; mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMI;
break; break;
case Opt_sec_spkmp: case Opt_sec_spkmp:
mnt->auth_flavor_len = 1;
mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMP; mnt->auth_flavors[0] = RPC_AUTH_GSS_SPKMP;
break; break;
default: default:
return 0; return 0;
} }
mnt->auth_flavor_len = 1;
return 1; return 1;
} }
...@@ -1680,6 +1668,7 @@ static int nfs_validate_mount_data(void *options, ...@@ -1680,6 +1668,7 @@ static int nfs_validate_mount_data(void *options,
args->nfs_server.port = 0; /* autobind unless user sets port */ args->nfs_server.port = 0; /* autobind unless user sets port */
args->nfs_server.protocol = XPRT_TRANSPORT_TCP; args->nfs_server.protocol = XPRT_TRANSPORT_TCP;
args->auth_flavors[0] = RPC_AUTH_UNIX; args->auth_flavors[0] = RPC_AUTH_UNIX;
args->auth_flavor_len = 1;
switch (data->version) { switch (data->version) {
case 1: case 1:
...@@ -2343,7 +2332,7 @@ static int nfs4_validate_mount_data(void *options, ...@@ -2343,7 +2332,7 @@ static int nfs4_validate_mount_data(void *options,
args->acdirmax = NFS_DEF_ACDIRMAX; args->acdirmax = NFS_DEF_ACDIRMAX;
args->nfs_server.port = NFS_PORT; /* 2049 unless user set port= */ args->nfs_server.port = NFS_PORT; /* 2049 unless user set port= */
args->auth_flavors[0] = RPC_AUTH_UNIX; args->auth_flavors[0] = RPC_AUTH_UNIX;
args->auth_flavor_len = 0; args->auth_flavor_len = 1;
args->minorversion = 0; args->minorversion = 0;
switch (data->version) { switch (data->version) {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册