diff options
| author | bc Wong <bcwong@cisco.com> | 2008-03-18 09:30:44 -0400 |
|---|---|---|
| committer | Steve Dickson <steved@redhat.com> | 2008-03-18 09:30:44 -0400 |
| commit | 3c1bb23c0379864722e79d19f74c180edcf2c36e (patch) | |
| tree | b7f9d9440a94798465d88c3f26f10bd35877d72a /utils/exportfs | |
| parent | 3aeea1c463420aaab447ab61333f5e82bc5c241b (diff) | |
| download | nfs-utils-3c1bb23c0379864722e79d19f74c180edcf2c36e.tar.gz nfs-utils-3c1bb23c0379864722e79d19f74c180edcf2c36e.tar.xz nfs-utils-3c1bb23c0379864722e79d19f74c180edcf2c36e.zip | |
There were 2 things wrong with auth flavour ordering:
- Mountd used to advertise AUTH_NULL as the first flavour on
the list, which means that it prefers AUTH_NULL to anything
else (as per RFC 2623 section 2.7).
- Mount.nfs used to scan the returned list in reverse order,
and stopping at the first AUTH_NULL or AUTH_SYS encountered.
If a server advertises (AUTH_SYS, AUTH_NULL), it will by
default choose AUTH_NULL and have degraded access.
I've fixed mount.nfs to scan from the beginning. For mountd,
it does not advertise AUTH_NULL anymore. This is necessary
to avoid backward compatibility issue. If AUTH_NULL appears
in the list, either the new or the old client will choose
that over AUTH_SYS.
Tested the server/client combination against the previous
versions, as well as Solaris and FreeBSD.
Signed-off-by: bc Wong <bcwong@cisco.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
Diffstat (limited to 'utils/exportfs')
0 files changed, 0 insertions, 0 deletions