Print this page
*** NO COMMENTS ***
*** 123,133 ****
#define NFS_ARGS_EXTB_secdata(args, secdata) \
{ (args)->nfs_args_ext = NFS_ARGS_EXTB, \
(args)->nfs_ext_u.nfs_extB.secdata = secdata; }
! extern int __clnt_bindresvport();
extern char *nfs_get_qop_name();
extern AUTH * nfs_create_ah();
extern enum snego_stat nfs_sec_nego();
static void usage(void);
--- 123,133 ----
#define NFS_ARGS_EXTB_secdata(args, secdata) \
{ (args)->nfs_args_ext = NFS_ARGS_EXTB, \
(args)->nfs_ext_u.nfs_extB.secdata = secdata; }
! extern int __clnt_bindresvport(CLIENT *);
extern char *nfs_get_qop_name();
extern AUTH * nfs_create_ah();
extern enum snego_stat nfs_sec_nego();
static void usage(void);
*** 1250,1260 ****
* we will set stronger security service as the default NFS
* security mode.
*
*/
if (nfs_getseconfig_default(&nfs_sec)) {
! pr_err(gettext("error getting default security entry\n"));
return (-1);
}
args->flags |= NFSMNT_SECDEFAULT;
}
--- 1250,1261 ----
* we will set stronger security service as the default NFS
* security mode.
*
*/
if (nfs_getseconfig_default(&nfs_sec)) {
! pr_err(gettext("error getting default"
! " security entry\n"));
return (-1);
}
args->flags |= NFSMNT_SECDEFAULT;
}
*** 1313,1324 ****
*/
if (vers == NFS_V4 && syncaddr &&
host2netname(netname, hostname, NULL)) {
args->syncaddr = malloc(sizeof (struct netbuf));
args->syncaddr->buf = malloc(syncaddr->len);
! (void) memcpy(args->syncaddr->buf, syncaddr->buf,
! syncaddr->len);
args->syncaddr->len = syncaddr->len;
args->syncaddr->maxlen = syncaddr->maxlen;
args->netname = strdup(netname);
args->flags |= NFSMNT_SECURE;
}
--- 1314,1325 ----
*/
if (vers == NFS_V4 && syncaddr &&
host2netname(netname, hostname, NULL)) {
args->syncaddr = malloc(sizeof (struct netbuf));
args->syncaddr->buf = malloc(syncaddr->len);
! (void) memcpy(args->syncaddr->buf,
! syncaddr->buf, syncaddr->len);
args->syncaddr->len = syncaddr->len;
args->syncaddr->maxlen = syncaddr->maxlen;
args->netname = strdup(netname);
args->flags |= NFSMNT_SECURE;
}
*** 1443,1453 ****
((struct sockaddr_in *)tbind->addr.buf)->sin_port
= port;
else if (strcmp(nconf->nc_protofmly, NC_INET6) == 0)
((struct sockaddr_in6 *)tbind->addr.buf)->sin6_port
= port;
-
}
cl = clnt_tli_create(fd, nconf, &tbind->addr, prog, vers, 0, 0);
if (cl == NULL) {
/*
--- 1444,1453 ----
*** 1481,1501 ****
if (!snego_done) {
/*
* negotiate sec flavor.
*/
snego.cnt = 0;
! if ((sec = nfs_sec_nego(vers, cl, fspath, &snego)) ==
! SNEGO_SUCCESS) {
int jj;
/*
* check if server supports the one
* specified in the sec= option.
*/
if (sec_opt) {
for (jj = 0; jj < snego.cnt; jj++) {
! if (snego.array[jj] == nfs_sec.sc_nfsnum) {
snego_done = TRUE;
break;
}
}
}
--- 1481,1502 ----
if (!snego_done) {
/*
* negotiate sec flavor.
*/
snego.cnt = 0;
! if ((sec = nfs_sec_nego(vers, cl,
! fspath, &snego)) == SNEGO_SUCCESS) {
int jj;
/*
* check if server supports the one
* specified in the sec= option.
*/
if (sec_opt) {
for (jj = 0; jj < snego.cnt; jj++) {
! if (snego.array[jj] ==
! nfs_sec.sc_nfsnum) {
snego_done = TRUE;
break;
}
}
}
*** 1504,1549 ****
* find a common sec flavor
*/
if (!snego_done) {
if (sec_opt) {
pr_err(gettext(
! "Server does not support the security"
" flavor specified.\n"));
}
for (jj = 0; jj < snego.cnt; jj++) {
! if (!nfs_getseconfig_bynumber(snego.array[jj],
&nfs_sec)) {
snego_done = TRUE;
if (sec_opt) {
pr_err(gettext(
! "Security flavor %d was negotiated and"
! " will be used.\n"),
! nfs_sec.sc_nfsnum);
}
break;
}
}
! }
if (!snego_done)
return (NULL);
/*
* Now that the flavor has been
* negotiated, get the fh.
*
! * First, create an auth handle using the negotiated
! * sec flavor in the next lookup to
! * fetch the filehandle.
*/
new_ah = nfs_create_ah(cl, hostname, &nfs_sec);
if (new_ah == NULL)
goto done;
cl->cl_auth = new_ah;
} else if (sec == SNEGO_ARRAY_TOO_SMALL || sec ==
SNEGO_FAILURE) {
goto done;
}
/*
* Note that if sec == SNEGO_DEF_VALID
* default sec flavor is acceptable.
* Use it to get the filehandle.
*/
--- 1505,1556 ----
* find a common sec flavor
*/
if (!snego_done) {
if (sec_opt) {
pr_err(gettext(
! "Server does not support"
! " the security"
" flavor specified.\n"));
}
+
for (jj = 0; jj < snego.cnt; jj++) {
! if (!nfs_getseconfig_bynumber(
! snego.array[jj],
&nfs_sec)) {
snego_done = TRUE;
if (sec_opt) {
pr_err(gettext(
! "Security flavor %d was negotiated and will be used.\n"),
! nfs_sec.
! sc_nfsnum);
}
+
break;
}
}
!
if (!snego_done)
return (NULL);
+ }
/*
* Now that the flavor has been
* negotiated, get the fh.
*
! * First, create an auth handle using
! * the negotiated sec flavor in the
! * next lookup to fetch the filehandle.
*/
new_ah = nfs_create_ah(cl, hostname, &nfs_sec);
if (new_ah == NULL)
goto done;
cl->cl_auth = new_ah;
} else if (sec == SNEGO_ARRAY_TOO_SMALL || sec ==
SNEGO_FAILURE) {
goto done;
}
+
/*
* Note that if sec == SNEGO_DEF_VALID
* default sec flavor is acceptable.
* Use it to get the filehandle.
*/
*** 1583,1593 ****
fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p));
if (fh3p == NULL) {
pr_err(gettext("no memory\n"));
! CLNT_FREERES(cl, xdr_WNL_LOOKUP3res, (char *)res);
goto done;
}
fh3p->fh3_length =
res->WNL_LOOKUP3res_u.res_ok.object.data.data_len;
--- 1590,1601 ----
fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p));
if (fh3p == NULL) {
pr_err(gettext("no memory\n"));
! CLNT_FREERES(cl, xdr_WNL_LOOKUP3res,
! (char *)res);
goto done;
}
fh3p->fh3_length =
res->WNL_LOOKUP3res_u.res_ok.object.data.data_len;
*** 1740,1754 ****
if ((port != 0) &&
((strcmp(nconf->nc_protofmly, NC_INET) == 0 ||
strcmp(nconf->nc_protofmly, NC_INET6) == 0) &&
(strcmp(nconf->nc_proto, NC_TCP) != 0 &&
! strcmp(nconf->nc_proto, NC_UDP) != 0)))
!
continue;
!
! else {
nb = get_the_addr(hostname, prog,
vers, nconf, port, tinfo,
fhp, get_pubfh, fspath, error);
if (nb != NULL)
--- 1748,1760 ----
if ((port != 0) &&
((strcmp(nconf->nc_protofmly, NC_INET) == 0 ||
strcmp(nconf->nc_protofmly, NC_INET6) == 0) &&
(strcmp(nconf->nc_proto, NC_TCP) != 0 &&
! strcmp(nconf->nc_proto, NC_UDP) != 0))) {
continue;
! } else {
nb = get_the_addr(hostname, prog,
vers, nconf, port, tinfo,
fhp, get_pubfh, fspath, error);
if (nb != NULL)
*** 1777,1788 ****
goto done;
if ((nb = get_the_addr(hostname, prog, vers, nconf, port,
tinfo, fhp, get_pubfh, fspath, error)) == NULL)
goto done;
-
-
} else {
retry:
SET_ERR_RET(error, ERR_NETPATH, 0);
while (nconf = getnetpath(nc)) {
SET_ERR_RET(error, ERR_PROTO_NONE, 0);
--- 1783,1792 ----
*** 1796,1811 ****
if (port == 0)
break;
if ((strcmp(nconf->nc_protofmly,
NC_INET) == 0 ||
! strcmp(nconf->
! nc_protofmly,
NC_INET6) == 0) &&
(strcmp(nconf->nc_proto,
NC_TCP) == 0))
-
break;
}
}
if (nthtry == SECOND_TRY) {
if (nconf->nc_semantics ==
--- 1800,1813 ----
if (port == 0)
break;
if ((strcmp(nconf->nc_protofmly,
NC_INET) == 0 ||
! strcmp(nconf->nc_protofmly,
NC_INET6) == 0) &&
(strcmp(nconf->nc_proto,
NC_TCP) == 0))
break;
}
}
if (nthtry == SECOND_TRY) {
if (nconf->nc_semantics ==
*** 1812,1832 ****
NC_TPI_CLTS) {
if (port == 0)
break;
if ((strcmp(nconf->nc_protofmly,
NC_INET) == 0 ||
! strcmp(nconf->
! nc_protofmly, NC_INET6)
! == 0) &&
! (strcmp(
! nconf->nc_proto,
NC_UDP) == 0))
break;
}
}
}
} /* while */
if (nconf == NULL) {
if (++nthtry <= MNT_PREF_LISTLEN) {
endnetpath(nc);
if ((nc = setnetpath()) == NULL)
goto done;
--- 1814,1833 ----
NC_TPI_CLTS) {
if (port == 0)
break;
if ((strcmp(nconf->nc_protofmly,
NC_INET) == 0 ||
! strcmp(nconf->nc_protofmly,
! NC_INET6) == 0) &&
! (strcmp(nconf->nc_proto,
NC_UDP) == 0))
break;
}
}
}
} /* while */
+
if (nconf == NULL) {
if (++nthtry <= MNT_PREF_LISTLEN) {
endnetpath(nc);
if ((nc = setnetpath()) == NULL)
goto done;
*** 1835,1844 ****
--- 1836,1846 ----
goto done;
} else {
if ((nb = get_the_addr(hostname, prog, vers, nconf,
port, tinfo, fhp, get_pubfh, fspath, error))
== NULL) {
+
/* nb is NULL - deal with errors */
if (error) {
if (error->error_type == ERR_NOHOST)
SET_ERR_RET(&errsave_nohost,
error->error_type,
*** 2039,2050 ****
int retval;
SET_ERR_RET(&error, ERR_PROTO_NONE, 0);
/* Let's hope for the best */
nfsvers_to_use = NFS_V4;
! retval =
! getaddr_nfs(args, fshost, nconfp, FALSE,
fspath, port, &error, vers_min == NFS_V4);
if (retval == RET_OK) {
*versp = nfsvers_to_use = NFS_V4;
fstype = MNTTYPE_NFS4;
--- 2041,2051 ----
int retval;
SET_ERR_RET(&error, ERR_PROTO_NONE, 0);
/* Let's hope for the best */
nfsvers_to_use = NFS_V4;
! retval = getaddr_nfs(args, fshost, nconfp, FALSE,
fspath, port, &error, vers_min == NFS_V4);
if (retval == RET_OK) {
*versp = nfsvers_to_use = NFS_V4;
fstype = MNTTYPE_NFS4;
*** 2157,2171 ****
}
if ((errno = fhs.fhs_status) != MNT_OK) {
if (loud_on_mnt_err) {
if (errno == EACCES) {
! pr_err(gettext("%s:%s: access denied\n"),
fshost, fspath);
} else {
! pr_err(gettext("%s:%s: %s\n"), fshost, fspath,
! strerror(errno));
}
}
clnt_destroy(cl);
return (RET_MNTERR);
}
--- 2158,2173 ----
}
if ((errno = fhs.fhs_status) != MNT_OK) {
if (loud_on_mnt_err) {
if (errno == EACCES) {
! pr_err(gettext(
! "%s:%s: access denied\n"),
fshost, fspath);
} else {
! pr_err(gettext("%s:%s: %s\n"),
! fshost, fspath, strerror(errno));
}
}
clnt_destroy(cl);
return (RET_MNTERR);
}
*** 2210,2221 ****
break;
case MOUNTVERS3:
*versp = nfsvers_to_use = NFS_V3;
rpc_stat = clnt_call(cl, MOUNTPROC_MNT, xdr_dirpath,
! (caddr_t)&fspath,
! xdr_mountres3, (caddr_t)&mountres3, timeout);
if (rpc_stat != RPC_SUCCESS) {
pr_err(gettext("%s:%s: server not responding %s\n"),
fshost, fspath, clnt_sperror(cl, ""));
clnt_destroy(cl);
return (RET_RETRY);
--- 2212,2223 ----
break;
case MOUNTVERS3:
*versp = nfsvers_to_use = NFS_V3;
rpc_stat = clnt_call(cl, MOUNTPROC_MNT, xdr_dirpath,
! (caddr_t)&fspath, xdr_mountres3,
! (caddr_t)&mountres3, timeout);
if (rpc_stat != RPC_SUCCESS) {
pr_err(gettext("%s:%s: server not responding %s\n"),
fshost, fspath, clnt_sperror(cl, ""));
clnt_destroy(cl);
return (RET_RETRY);
*** 2239,2250 ****
break;
default:
msg = strerror(errno);
break;
}
! pr_err(gettext("%s:%s: %s\n"), fshost, fspath, msg);
}
clnt_destroy(cl);
return (RET_MNTERR);
}
fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p));
--- 2241,2255 ----
break;
default:
msg = strerror(errno);
break;
}
!
! pr_err(gettext("%s:%s: %s\n"),
! fshost, fspath, msg);
}
+
clnt_destroy(cl);
return (RET_MNTERR);
}
fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p));
*** 2272,2306 ****
* security flavor (by the client) in the auth list returned
* from the server.
*
*/
auths =
! mountres3.mountres3_u.mountinfo.auth_flavors.auth_flavors_val;
count =
! mountres3.mountres3_u.mountinfo.auth_flavors.auth_flavors_len;
if (sec_opt) {
for (i = 0; i < count; i++) {
if (auths[i] == nfs_sec.sc_nfsnum)
break;
}
! if (i >= count) {
goto autherr;
- }
} else {
if (count > 0) {
for (i = 0; i < count; i++) {
! if (!nfs_getseconfig_bynumber(auths[i], &nfs_sec)) {
sec_opt++;
break;
}
}
! if (i >= count) {
goto autherr;
}
}
- }
break;
default:
pr_err(gettext("%s:%s: Unknown MOUNT version %d\n"),
fshost, fspath, outvers);
clnt_destroy(cl);
--- 2277,2313 ----
* security flavor (by the client) in the auth list returned
* from the server.
*
*/
auths =
! mountres3.mountres3_u.mountinfo.auth_flavors.
! auth_flavors_val;
count =
! mountres3.mountres3_u.mountinfo.auth_flavors.
! auth_flavors_len;
if (sec_opt) {
for (i = 0; i < count; i++) {
if (auths[i] == nfs_sec.sc_nfsnum)
break;
}
! if (i >= count)
goto autherr;
} else {
if (count > 0) {
for (i = 0; i < count; i++) {
! if (!nfs_getseconfig_bynumber(auths[i],
! &nfs_sec)) {
sec_opt++;
break;
}
}
!
! if (i >= count)
goto autherr;
}
}
break;
default:
pr_err(gettext("%s:%s: Unknown MOUNT version %d\n"),
fshost, fspath, outvers);
clnt_destroy(cl);
*** 2382,2393 ****
switch (addr_error.error_type) {
case 0:
printed = 1;
break;
case ERR_RPCERROR:
- if (!print_rpcerror)
/* no error print at this time */
break;
pr_err(gettext("%s NFS service not"
" available %s\n"), fshost,
clnt_sperrno(addr_error.error_value));
printed = 1;
--- 2389,2400 ----
switch (addr_error.error_type) {
case 0:
printed = 1;
break;
case ERR_RPCERROR:
/* no error print at this time */
+ if (!print_rpcerror)
break;
pr_err(gettext("%s NFS service not"
" available %s\n"), fshost,
clnt_sperrno(addr_error.error_value));
printed = 1;
*** 2437,2446 ****
--- 2444,2454 ----
"\n"), fshost);
printed = 1;
break;
}
}
+
SET_ERR_RET(error,
addr_error.error_type, addr_error.error_value);
if (addr_error.error_type == ERR_PROTO_NONE)
return (RET_RETRY);
else if (addr_error.error_type == ERR_RPCERROR &&