summaryrefslogtreecommitdiffstats
path: root/utils/gssd/svcgssd_proc.c
Commit message (Collapse)AuthorAgeFilesLines
* Error check messages sent to the kernel.Neil Brown2007-01-111-2/+3
| | | | | | And make sure that if we fail to export a filesystem in mountd, then we don't try to get a filehandle on it, or a deadlock might occur.
* Use uid/gid of -1 to indicate the export's anonuid/anongid should be usedKevin Coffman2006-07-081-2/+5
| | | | | | | | | | | Kernel routine nfsd_setuser() in fs/nfsd/auth.c checks for the value -1 and defaults the credential's fsuid/fsgid to the correct anonuid/anongid values for the given export. We should be passing this value (-1) down when a name mapping cannot be found. Thanks to J. Bruce Fields <bfields@fieldses.org> for the reference. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Acked-by: J. Bruce Fields <bfields@fieldses.org>
* Use 65534 instead of -2 in svcgssd_proc.cNeil Brown2006-07-061-4/+3
| | | | as this is more consistant across achitectures.
* Handle mapping failure from get_ids.kwc@citi.umich.edu2006-07-041-2/+15
| | | | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Temporary patch to do default mapping if we get an error while trying to map a gss principal to the appropriate uid/gid. This currently returns hardcoded values. This may be correct, or we may need to try and figure out the correct values to match the anonuid/anongid for the export.
* Properly report errors in readline() functionkwc@citi.umich.edu2006-07-041-1/+1
| | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Change message priorities for errors and debug messages.
* 2006-04-10 NeilBrown <neilb@suse.de>neilbrown2006-04-101-1/+2
| | | | | | | | | | | | | Various paranoia checks: gssd_proc.c: pass max_field sizes to sscanf to avoid buffer overflow svcgssd_proc.c: range_check name.length, to ensure name.length+1 doesn't wrap idmapd.c(nfsdcb): make sure at least one byte is read before zeroing the last byte that was read, otherwise memory corruption is possible. Found by SuSE security audit.
* 2006-04-10 kwc@citi.umich.eduneilbrown2006-04-091-0/+13
| | | | | | Plug memory leaks in svcgssd Various memory leaks in the svcgssd context processing are eliminated.
* Remove unused groups variable from get_ids() which was causing a compiler ↵neilbrown2006-03-281-1/+0
| | | | | | warning. (really this time)
* Update krb5 code to use glue routine lucid context functionsneilbrown2006-03-281-1/+1
| | | | | | | | | | | The gssd code should not know about the glue layer's context structure. A previous patch added gss_export_lucid_sec_context() and gss_free_lucid_sec_context() functions to the gssapi glue layer. Use these functions rather than calling directly to the Kerberos gssapi code (which requires the Kerberos context handle rather than the glue's context handle). (really this time)
* Fix up the svcgss mess I made, and run autoconf/automakeneilbrown2006-03-271-0/+388
generated by cgit (git 2.34.1) at 2025-09-25 16:19:25 +0000