Print this page
*** NO COMMENTS ***

*** 123,133 **** #define NFS_ARGS_EXTB_secdata(args, secdata) \ { (args)->nfs_args_ext = NFS_ARGS_EXTB, \ (args)->nfs_ext_u.nfs_extB.secdata = secdata; } ! extern int __clnt_bindresvport(); extern char *nfs_get_qop_name(); extern AUTH * nfs_create_ah(); extern enum snego_stat nfs_sec_nego(); static void usage(void); --- 123,133 ---- #define NFS_ARGS_EXTB_secdata(args, secdata) \ { (args)->nfs_args_ext = NFS_ARGS_EXTB, \ (args)->nfs_ext_u.nfs_extB.secdata = secdata; } ! extern int __clnt_bindresvport(CLIENT *); extern char *nfs_get_qop_name(); extern AUTH * nfs_create_ah(); extern enum snego_stat nfs_sec_nego(); static void usage(void);
*** 1250,1260 **** * we will set stronger security service as the default NFS * security mode. * */ if (nfs_getseconfig_default(&nfs_sec)) { ! pr_err(gettext("error getting default security entry\n")); return (-1); } args->flags |= NFSMNT_SECDEFAULT; } --- 1250,1261 ---- * we will set stronger security service as the default NFS * security mode. * */ if (nfs_getseconfig_default(&nfs_sec)) { ! pr_err(gettext("error getting default" ! " security entry\n")); return (-1); } args->flags |= NFSMNT_SECDEFAULT; }
*** 1313,1324 **** */ if (vers == NFS_V4 && syncaddr && host2netname(netname, hostname, NULL)) { args->syncaddr = malloc(sizeof (struct netbuf)); args->syncaddr->buf = malloc(syncaddr->len); ! (void) memcpy(args->syncaddr->buf, syncaddr->buf, ! syncaddr->len); args->syncaddr->len = syncaddr->len; args->syncaddr->maxlen = syncaddr->maxlen; args->netname = strdup(netname); args->flags |= NFSMNT_SECURE; } --- 1314,1325 ---- */ if (vers == NFS_V4 && syncaddr && host2netname(netname, hostname, NULL)) { args->syncaddr = malloc(sizeof (struct netbuf)); args->syncaddr->buf = malloc(syncaddr->len); ! (void) memcpy(args->syncaddr->buf, ! syncaddr->buf, syncaddr->len); args->syncaddr->len = syncaddr->len; args->syncaddr->maxlen = syncaddr->maxlen; args->netname = strdup(netname); args->flags |= NFSMNT_SECURE; }
*** 1443,1453 **** ((struct sockaddr_in *)tbind->addr.buf)->sin_port = port; else if (strcmp(nconf->nc_protofmly, NC_INET6) == 0) ((struct sockaddr_in6 *)tbind->addr.buf)->sin6_port = port; - } cl = clnt_tli_create(fd, nconf, &tbind->addr, prog, vers, 0, 0); if (cl == NULL) { /* --- 1444,1453 ----
*** 1481,1501 **** if (!snego_done) { /* * negotiate sec flavor. */ snego.cnt = 0; ! if ((sec = nfs_sec_nego(vers, cl, fspath, &snego)) == ! SNEGO_SUCCESS) { int jj; /* * check if server supports the one * specified in the sec= option. */ if (sec_opt) { for (jj = 0; jj < snego.cnt; jj++) { ! if (snego.array[jj] == nfs_sec.sc_nfsnum) { snego_done = TRUE; break; } } } --- 1481,1502 ---- if (!snego_done) { /* * negotiate sec flavor. */ snego.cnt = 0; ! if ((sec = nfs_sec_nego(vers, cl, ! fspath, &snego)) == SNEGO_SUCCESS) { int jj; /* * check if server supports the one * specified in the sec= option. */ if (sec_opt) { for (jj = 0; jj < snego.cnt; jj++) { ! if (snego.array[jj] == ! nfs_sec.sc_nfsnum) { snego_done = TRUE; break; } } }
*** 1504,1549 **** * find a common sec flavor */ if (!snego_done) { if (sec_opt) { pr_err(gettext( ! "Server does not support the security" " flavor specified.\n")); } for (jj = 0; jj < snego.cnt; jj++) { ! if (!nfs_getseconfig_bynumber(snego.array[jj], &nfs_sec)) { snego_done = TRUE; if (sec_opt) { pr_err(gettext( ! "Security flavor %d was negotiated and" ! " will be used.\n"), ! nfs_sec.sc_nfsnum); } break; } } ! } if (!snego_done) return (NULL); /* * Now that the flavor has been * negotiated, get the fh. * ! * First, create an auth handle using the negotiated ! * sec flavor in the next lookup to ! * fetch the filehandle. */ new_ah = nfs_create_ah(cl, hostname, &nfs_sec); if (new_ah == NULL) goto done; cl->cl_auth = new_ah; } else if (sec == SNEGO_ARRAY_TOO_SMALL || sec == SNEGO_FAILURE) { goto done; } /* * Note that if sec == SNEGO_DEF_VALID * default sec flavor is acceptable. * Use it to get the filehandle. */ --- 1505,1556 ---- * find a common sec flavor */ if (!snego_done) { if (sec_opt) { pr_err(gettext( ! "Server does not support" ! " the security" " flavor specified.\n")); } + for (jj = 0; jj < snego.cnt; jj++) { ! if (!nfs_getseconfig_bynumber( ! snego.array[jj], &nfs_sec)) { snego_done = TRUE; if (sec_opt) { pr_err(gettext( ! "Security flavor %d was negotiated and will be used.\n"), ! nfs_sec. ! sc_nfsnum); } + break; } } ! if (!snego_done) return (NULL); + } /* * Now that the flavor has been * negotiated, get the fh. * ! * First, create an auth handle using ! * the negotiated sec flavor in the ! * next lookup to fetch the filehandle. */ new_ah = nfs_create_ah(cl, hostname, &nfs_sec); if (new_ah == NULL) goto done; cl->cl_auth = new_ah; } else if (sec == SNEGO_ARRAY_TOO_SMALL || sec == SNEGO_FAILURE) { goto done; } + /* * Note that if sec == SNEGO_DEF_VALID * default sec flavor is acceptable. * Use it to get the filehandle. */
*** 1583,1593 **** fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p)); if (fh3p == NULL) { pr_err(gettext("no memory\n")); ! CLNT_FREERES(cl, xdr_WNL_LOOKUP3res, (char *)res); goto done; } fh3p->fh3_length = res->WNL_LOOKUP3res_u.res_ok.object.data.data_len; --- 1590,1601 ---- fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p)); if (fh3p == NULL) { pr_err(gettext("no memory\n")); ! CLNT_FREERES(cl, xdr_WNL_LOOKUP3res, ! (char *)res); goto done; } fh3p->fh3_length = res->WNL_LOOKUP3res_u.res_ok.object.data.data_len;
*** 1740,1754 **** if ((port != 0) && ((strcmp(nconf->nc_protofmly, NC_INET) == 0 || strcmp(nconf->nc_protofmly, NC_INET6) == 0) && (strcmp(nconf->nc_proto, NC_TCP) != 0 && ! strcmp(nconf->nc_proto, NC_UDP) != 0))) ! continue; ! ! else { nb = get_the_addr(hostname, prog, vers, nconf, port, tinfo, fhp, get_pubfh, fspath, error); if (nb != NULL) --- 1748,1760 ---- if ((port != 0) && ((strcmp(nconf->nc_protofmly, NC_INET) == 0 || strcmp(nconf->nc_protofmly, NC_INET6) == 0) && (strcmp(nconf->nc_proto, NC_TCP) != 0 && ! strcmp(nconf->nc_proto, NC_UDP) != 0))) { continue; ! } else { nb = get_the_addr(hostname, prog, vers, nconf, port, tinfo, fhp, get_pubfh, fspath, error); if (nb != NULL)
*** 1777,1788 **** goto done; if ((nb = get_the_addr(hostname, prog, vers, nconf, port, tinfo, fhp, get_pubfh, fspath, error)) == NULL) goto done; - - } else { retry: SET_ERR_RET(error, ERR_NETPATH, 0); while (nconf = getnetpath(nc)) { SET_ERR_RET(error, ERR_PROTO_NONE, 0); --- 1783,1792 ----
*** 1796,1811 **** if (port == 0) break; if ((strcmp(nconf->nc_protofmly, NC_INET) == 0 || ! strcmp(nconf-> ! nc_protofmly, NC_INET6) == 0) && (strcmp(nconf->nc_proto, NC_TCP) == 0)) - break; } } if (nthtry == SECOND_TRY) { if (nconf->nc_semantics == --- 1800,1813 ---- if (port == 0) break; if ((strcmp(nconf->nc_protofmly, NC_INET) == 0 || ! strcmp(nconf->nc_protofmly, NC_INET6) == 0) && (strcmp(nconf->nc_proto, NC_TCP) == 0)) break; } } if (nthtry == SECOND_TRY) { if (nconf->nc_semantics ==
*** 1812,1832 **** NC_TPI_CLTS) { if (port == 0) break; if ((strcmp(nconf->nc_protofmly, NC_INET) == 0 || ! strcmp(nconf-> ! nc_protofmly, NC_INET6) ! == 0) && ! (strcmp( ! nconf->nc_proto, NC_UDP) == 0)) break; } } } } /* while */ if (nconf == NULL) { if (++nthtry <= MNT_PREF_LISTLEN) { endnetpath(nc); if ((nc = setnetpath()) == NULL) goto done; --- 1814,1833 ---- NC_TPI_CLTS) { if (port == 0) break; if ((strcmp(nconf->nc_protofmly, NC_INET) == 0 || ! strcmp(nconf->nc_protofmly, ! NC_INET6) == 0) && ! (strcmp(nconf->nc_proto, NC_UDP) == 0)) break; } } } } /* while */ + if (nconf == NULL) { if (++nthtry <= MNT_PREF_LISTLEN) { endnetpath(nc); if ((nc = setnetpath()) == NULL) goto done;
*** 1835,1844 **** --- 1836,1846 ---- goto done; } else { if ((nb = get_the_addr(hostname, prog, vers, nconf, port, tinfo, fhp, get_pubfh, fspath, error)) == NULL) { + /* nb is NULL - deal with errors */ if (error) { if (error->error_type == ERR_NOHOST) SET_ERR_RET(&errsave_nohost, error->error_type,
*** 2039,2050 **** int retval; SET_ERR_RET(&error, ERR_PROTO_NONE, 0); /* Let's hope for the best */ nfsvers_to_use = NFS_V4; ! retval = ! getaddr_nfs(args, fshost, nconfp, FALSE, fspath, port, &error, vers_min == NFS_V4); if (retval == RET_OK) { *versp = nfsvers_to_use = NFS_V4; fstype = MNTTYPE_NFS4; --- 2041,2051 ---- int retval; SET_ERR_RET(&error, ERR_PROTO_NONE, 0); /* Let's hope for the best */ nfsvers_to_use = NFS_V4; ! retval = getaddr_nfs(args, fshost, nconfp, FALSE, fspath, port, &error, vers_min == NFS_V4); if (retval == RET_OK) { *versp = nfsvers_to_use = NFS_V4; fstype = MNTTYPE_NFS4;
*** 2157,2171 **** } if ((errno = fhs.fhs_status) != MNT_OK) { if (loud_on_mnt_err) { if (errno == EACCES) { ! pr_err(gettext("%s:%s: access denied\n"), fshost, fspath); } else { ! pr_err(gettext("%s:%s: %s\n"), fshost, fspath, ! strerror(errno)); } } clnt_destroy(cl); return (RET_MNTERR); } --- 2158,2173 ---- } if ((errno = fhs.fhs_status) != MNT_OK) { if (loud_on_mnt_err) { if (errno == EACCES) { ! pr_err(gettext( ! "%s:%s: access denied\n"), fshost, fspath); } else { ! pr_err(gettext("%s:%s: %s\n"), ! fshost, fspath, strerror(errno)); } } clnt_destroy(cl); return (RET_MNTERR); }
*** 2210,2221 **** break; case MOUNTVERS3: *versp = nfsvers_to_use = NFS_V3; rpc_stat = clnt_call(cl, MOUNTPROC_MNT, xdr_dirpath, ! (caddr_t)&fspath, ! xdr_mountres3, (caddr_t)&mountres3, timeout); if (rpc_stat != RPC_SUCCESS) { pr_err(gettext("%s:%s: server not responding %s\n"), fshost, fspath, clnt_sperror(cl, "")); clnt_destroy(cl); return (RET_RETRY); --- 2212,2223 ---- break; case MOUNTVERS3: *versp = nfsvers_to_use = NFS_V3; rpc_stat = clnt_call(cl, MOUNTPROC_MNT, xdr_dirpath, ! (caddr_t)&fspath, xdr_mountres3, ! (caddr_t)&mountres3, timeout); if (rpc_stat != RPC_SUCCESS) { pr_err(gettext("%s:%s: server not responding %s\n"), fshost, fspath, clnt_sperror(cl, "")); clnt_destroy(cl); return (RET_RETRY);
*** 2239,2250 **** break; default: msg = strerror(errno); break; } ! pr_err(gettext("%s:%s: %s\n"), fshost, fspath, msg); } clnt_destroy(cl); return (RET_MNTERR); } fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p)); --- 2241,2255 ---- break; default: msg = strerror(errno); break; } ! ! pr_err(gettext("%s:%s: %s\n"), ! fshost, fspath, msg); } + clnt_destroy(cl); return (RET_MNTERR); } fh3p = (nfs_fh3 *)malloc(sizeof (*fh3p));
*** 2272,2306 **** * security flavor (by the client) in the auth list returned * from the server. * */ auths = ! mountres3.mountres3_u.mountinfo.auth_flavors.auth_flavors_val; count = ! mountres3.mountres3_u.mountinfo.auth_flavors.auth_flavors_len; if (sec_opt) { for (i = 0; i < count; i++) { if (auths[i] == nfs_sec.sc_nfsnum) break; } ! if (i >= count) { goto autherr; - } } else { if (count > 0) { for (i = 0; i < count; i++) { ! if (!nfs_getseconfig_bynumber(auths[i], &nfs_sec)) { sec_opt++; break; } } ! if (i >= count) { goto autherr; } } - } break; default: pr_err(gettext("%s:%s: Unknown MOUNT version %d\n"), fshost, fspath, outvers); clnt_destroy(cl); --- 2277,2313 ---- * security flavor (by the client) in the auth list returned * from the server. * */ auths = ! mountres3.mountres3_u.mountinfo.auth_flavors. ! auth_flavors_val; count = ! mountres3.mountres3_u.mountinfo.auth_flavors. ! auth_flavors_len; if (sec_opt) { for (i = 0; i < count; i++) { if (auths[i] == nfs_sec.sc_nfsnum) break; } ! if (i >= count) goto autherr; } else { if (count > 0) { for (i = 0; i < count; i++) { ! if (!nfs_getseconfig_bynumber(auths[i], ! &nfs_sec)) { sec_opt++; break; } } ! ! if (i >= count) goto autherr; } } break; default: pr_err(gettext("%s:%s: Unknown MOUNT version %d\n"), fshost, fspath, outvers); clnt_destroy(cl);
*** 2382,2393 **** switch (addr_error.error_type) { case 0: printed = 1; break; case ERR_RPCERROR: - if (!print_rpcerror) /* no error print at this time */ break; pr_err(gettext("%s NFS service not" " available %s\n"), fshost, clnt_sperrno(addr_error.error_value)); printed = 1; --- 2389,2400 ---- switch (addr_error.error_type) { case 0: printed = 1; break; case ERR_RPCERROR: /* no error print at this time */ + if (!print_rpcerror) break; pr_err(gettext("%s NFS service not" " available %s\n"), fshost, clnt_sperrno(addr_error.error_value)); printed = 1;
*** 2437,2446 **** --- 2444,2454 ---- "\n"), fshost); printed = 1; break; } } + SET_ERR_RET(error, addr_error.error_type, addr_error.error_value); if (addr_error.error_type == ERR_PROTO_NONE) return (RET_RETRY); else if (addr_error.error_type == ERR_RPCERROR &&