• Chuck Lever's avatar
    NFS: Fix NFSv2 security settings · 53a75f22
    Chuck Lever authored
    For a while now any NFSv2 mount where sec= is specified uses
    AUTH_NULL. If sec= is not specified, the mount uses AUTH_UNIX.
    Commit e68fd7c8 ("mount: use sec= that was specified on the
    command line") attempted to address a very similar problem with
    NFSv3, and should have fixed this too, but it has a bug.
    
    The MNTv1 MNT procedure does not return a list of security flavors,
    so our client makes up a list containing just AUTH_NULL. This should
    enable nfs_verify_authflavors() to assign the sec= specified flavor,
    but instead, it incorrectly sets it to AUTH_NULL.
    
    I expect this would also be a problem for any NFSv3 server whose
    MNTv3 MNT procedure returned a security flavor list containing only
    AUTH_NULL.
    
    Fixes: e68fd7c8 ("mount: use sec= that was specified on ... ")
    BugLink: https://bugzilla.linux-nfs.org/show_bug.cgi?id=310Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
    Signed-off-by: default avatarTrond Myklebust <trond.myklebust@primarydata.com>
    53a75f22
super.c 75.5 KB