1. 28 1月, 2013 1 次提交
  2. 13 12月, 2012 2 次提交
    • Y
      nfs: Remove unused list nfs4_clientid_list · 48d7a576
      Yanchuan Nian 提交于
      This list was designed to store struct nfs4_client in the client side.
      But nfs4_client was obsolete and has been removed from the source code.
      So remove the unused list.
      Signed-off-by: NYanchuan Nian <ycnian@gmail.com>
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      48d7a576
    • A
      SUNRPC handle EKEYEXPIRED in call_refreshresult · eb96d5c9
      Andy Adamson 提交于
      Currently, when an RPCSEC_GSS context has expired or is non-existent
      and the users (Kerberos) credentials have also expired or are non-existent,
      the client receives the -EKEYEXPIRED error and tries to refresh the context
      forever.  If an application is performing I/O, or other work against the share,
      the application hangs, and the user is not prompted to refresh/establish their
      credentials. This can result in a denial of service for other users.
      
      Users are expected to manage their Kerberos credential lifetimes to mitigate
      this issue.
      
      Move the -EKEYEXPIRED handling into the RPC layer. Try tk_cred_retry number
      of times to refresh the gss_context, and then return -EACCES to the application.
      Signed-off-by: NAndy Adamson <andros@netapp.com>
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      eb96d5c9
  3. 06 12月, 2012 11 次提交
  4. 27 11月, 2012 1 次提交
  5. 21 11月, 2012 2 次提交
  6. 05 11月, 2012 1 次提交
  7. 03 10月, 2012 1 次提交
  8. 02 10月, 2012 6 次提交
  9. 29 9月, 2012 3 次提交
  10. 17 7月, 2012 2 次提交
    • C
      NFS: Clean up nfs4_proc_setclientid() and friends · 6bbb4ae8
      Chuck Lever 提交于
      Add documenting comments and appropriate debugging messages.
      Signed-off-by: NChuck Lever <chuck.lever@oracle.com>
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      6bbb4ae8
    • C
      NFS: Treat NFS4ERR_CLID_INUSE as a fatal error · de734831
      Chuck Lever 提交于
      For NFSv4 minor version 0, currently the cl_id_uniquifier allows the
      Linux client to generate a unique nfs_client_id4 string whenever a
      server replies with NFS4ERR_CLID_INUSE.
      
      This implementation seems to be based on a flawed reading of RFC
      3530.  NFS4ERR_CLID_INUSE actually means that the client has presented
      this nfs_client_id4 string with a different principal at some time in
      the past, and that lease is still in use on the server.
      
      For a Linux client this might be rather difficult to achieve: the
      authentication flavor is named right in the nfs_client_id4.id
      string.  If we change flavors, we change strings automatically.
      
      So, practically speaking, NFS4ERR_CLID_INUSE means there is some other
      client using our string.  There is not much that can be done to
      recover automatically.  Let's make it a permanent error.
      
      Remove the recovery logic in nfs4_proc_setclientid(), and remove the
      cl_id_uniquifier field from the nfs_client data structure.  And,
      remove the authentication flavor from the nfs_client_id4 string.
      
      Keeping the authentication flavor in the nfs_client_id4.id string
      means that we could have a separate lease for each authentication
      flavor used by mounts on the client.  But we want just one lease for
      all the mounts on this client.
      Signed-off-by: NChuck Lever <chuck.lever@oracle.com>
      Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
      de734831
  11. 29 6月, 2012 5 次提交
  12. 05 6月, 2012 1 次提交
  13. 29 5月, 2012 1 次提交
  14. 28 5月, 2012 3 次提交