Author: rmacklem
Date: Sat Apr 23 21:18:45 2016
New Revision: 298523
URL: https://svnweb.freebsd.org/changeset/base/298523
Log:
Allow the NFSv4 server to reply NFSERR_WRONGSEC for the SetClientID operation.
It was reported via email that a Linux client couldn't do a Kerberized
NFS mount when only "sec=krb5" was specified for the exports. The Linux
client attempted a mount via krb5i and the server replied NFSERR_SERVERFAULT.
Although NFSERR_WRONGSEC isn't listed as an error for SetClientID, I
think it is the correct reply, so this patch enables that.
I do not know if this fixes the mount attempt, but adding "krb5i" to the
list of allowed security flavours does allow the mount to work.
Reported by: j...@spectralogic.com
MFC after: 2 weeks
Modified:
head/sys/fs/nfsserver/nfs_nfsdsubs.c
Modified: head/sys/fs/nfsserver/nfs_nfsdsubs.c
==============================================================================
--- head/sys/fs/nfsserver/nfs_nfsdsubs.c Sat Apr 23 20:45:52 2016
(r298522)
+++ head/sys/fs/nfsserver/nfs_nfsdsubs.c Sat Apr 23 21:18:45 2016
(r298523)
@@ -1144,6 +1144,7 @@ static short nfsv4err_setclientid[] = {
NFSERR_INVAL,
NFSERR_RESOURCE,
NFSERR_SERVERFAULT,
+ NFSERR_WRONGSEC,
0,
};
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
