Commit 53a75f22 authored by Chuck Lever's avatar Chuck Lever Committed by Trond Myklebust

NFS: Fix NFSv2 security settings

For a while now any NFSv2 mount where sec= is specified uses
AUTH_NULL. If sec= is not specified, the mount uses AUTH_UNIX.
Commit e68fd7c8 ("mount: use sec= that was specified on the
command line") attempted to address a very similar problem with
NFSv3, and should have fixed this too, but it has a bug.

The MNTv1 MNT procedure does not return a list of security flavors,
so our client makes up a list containing just AUTH_NULL. This should
enable nfs_verify_authflavors() to assign the sec= specified flavor,
but instead, it incorrectly sets it to AUTH_NULL.

I expect this would also be a problem for any NFSv3 server whose
MNTv3 MNT procedure returned a security flavor list containing only
AUTH_NULL.

Fixes: e68fd7c8 ("mount: use sec= that was specified on ... ")
BugLink: https://bugzilla.linux-nfs.org/show_bug.cgi?id=310Signed-off-by: default avatarChuck Lever <chuck.lever@oracle.com>
Signed-off-by: default avatarTrond Myklebust <trond.myklebust@primarydata.com>
parent b79e87e0
...@@ -1691,8 +1691,8 @@ static int nfs_verify_authflavors(struct nfs_parsed_mount_data *args, ...@@ -1691,8 +1691,8 @@ static int nfs_verify_authflavors(struct nfs_parsed_mount_data *args,
rpc_authflavor_t *server_authlist, unsigned int count) rpc_authflavor_t *server_authlist, unsigned int count)
{ {
rpc_authflavor_t flavor = RPC_AUTH_MAXFLAVOR; rpc_authflavor_t flavor = RPC_AUTH_MAXFLAVOR;
bool found_auth_null = false;
unsigned int i; unsigned int i;
int use_auth_null = false;
/* /*
* If the sec= mount option is used, the specified flavor or AUTH_NULL * If the sec= mount option is used, the specified flavor or AUTH_NULL
...@@ -1701,6 +1701,10 @@ static int nfs_verify_authflavors(struct nfs_parsed_mount_data *args, ...@@ -1701,6 +1701,10 @@ static int nfs_verify_authflavors(struct nfs_parsed_mount_data *args,
* AUTH_NULL has a special meaning when it's in the server list - it * AUTH_NULL has a special meaning when it's in the server list - it
* means that the server will ignore the rpc creds, so any flavor * means that the server will ignore the rpc creds, so any flavor
* can be used but still use the sec= that was specified. * can be used but still use the sec= that was specified.
*
* Note also that the MNT procedure in MNTv1 does not return a list
* of supported security flavors. In this case, nfs_mount() fabricates
* a security flavor list containing just AUTH_NULL.
*/ */
for (i = 0; i < count; i++) { for (i = 0; i < count; i++) {
flavor = server_authlist[i]; flavor = server_authlist[i];
...@@ -1709,11 +1713,11 @@ static int nfs_verify_authflavors(struct nfs_parsed_mount_data *args, ...@@ -1709,11 +1713,11 @@ static int nfs_verify_authflavors(struct nfs_parsed_mount_data *args,
goto out; goto out;
if (flavor == RPC_AUTH_NULL) if (flavor == RPC_AUTH_NULL)
use_auth_null = true; found_auth_null = true;
} }
if (use_auth_null) { if (found_auth_null) {
flavor = RPC_AUTH_NULL; flavor = args->auth_info.flavors[0];
goto out; goto out;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment