115 lines
3.6 KiB
Diff
115 lines
3.6 KiB
Diff
--- mount/nfsmount.c.orig 2006-03-17 19:42:33.000000000 +1100
|
|
+++ mount/nfsmount.c 2006-03-17 19:56:55.000000000 +1100
|
|
@@ -119,8 +119,10 @@ find_kernel_nfs_mount_version(void) {
|
|
nfs_mount_version = 4; /* since 2.2.18pre9 */
|
|
else if (kernel_version < MAKE_VERSION(2,3,99))
|
|
nfs_mount_version = 3;
|
|
+ else if (kernel_version < MAKE_VERSION(2,6,3))
|
|
+ nfs_mount_version = 4;
|
|
else
|
|
- nfs_mount_version = 4; /* since 2.3.99pre4 */
|
|
+ nfs_mount_version = 6;
|
|
}
|
|
if (nfs_mount_version > NFS_MOUNT_VERSION)
|
|
nfs_mount_version = NFS_MOUNT_VERSION;
|
|
@@ -320,7 +322,6 @@ int nfsmount(const char *spec, const cha
|
|
#if NFS_MOUNT_VERSION >= 2
|
|
data.namlen = NAME_MAX;
|
|
#endif
|
|
-
|
|
bg = 0;
|
|
soft = 0;
|
|
intr = 0;
|
|
@@ -402,6 +403,38 @@ int nfsmount(const char *spec, const cha
|
|
printf(_("Warning: Option namlen is not supported.\n"));
|
|
} else if (!strcmp(opt, "addr")) {
|
|
/* ignore */;
|
|
+#if NFS_MOUNT_VERSION >= 5
|
|
+ } else if (!strcmp(opt, "sec")) {
|
|
+ char *secflavor = opteq+1;
|
|
+ /* see RFC 2623 */
|
|
+ if (nfs_mount_version < 5) {
|
|
+ printf(_("Warning: this version of mount(1) does not support RPCSEC_GSS, ignoring sec=%s option\n"), secflavor);
|
|
+ continue;
|
|
+ } else if (!strcmp(secflavor, "sys"))
|
|
+ data.pseudoflavor = AUTH_SYS;
|
|
+ else if (!strcmp(secflavor, "krb5"))
|
|
+ data.pseudoflavor = AUTH_GSS_KRB5;
|
|
+ else if (!strcmp(secflavor, "krb5i"))
|
|
+ data.pseudoflavor = AUTH_GSS_KRB5I;
|
|
+ else if (!strcmp(secflavor, "krb5p"))
|
|
+ data.pseudoflavor = AUTH_GSS_KRB5P;
|
|
+ else if (!strcmp(secflavor, "lipkey"))
|
|
+ data.pseudoflavor = AUTH_GSS_LKEY;
|
|
+ else if (!strcmp(secflavor, "lipkey-i"))
|
|
+ data.pseudoflavor = AUTH_GSS_LKEYI;
|
|
+ else if (!strcmp(secflavor, "lipkey-p"))
|
|
+ data.pseudoflavor = AUTH_GSS_LKEYP;
|
|
+ else if (!strcmp(secflavor, "spkm3"))
|
|
+ data.pseudoflavor = AUTH_GSS_SPKM;
|
|
+ else if (!strcmp(secflavor, "spkm3i"))
|
|
+ data.pseudoflavor = AUTH_GSS_SPKMI;
|
|
+ else if (!strcmp(secflavor, "spkm3p"))
|
|
+ data.pseudoflavor = AUTH_GSS_SPKMP;
|
|
+ else if(!sloppy) {
|
|
+ printf(_("Warning: Unrecognized security flavor %s.\n"), secflavor);
|
|
+ goto fail;
|
|
+ }
|
|
+#endif
|
|
} else {
|
|
printf(_("unknown nfs mount parameter: "
|
|
"%s=%d\n"), opt, val);
|
|
@@ -474,6 +507,11 @@ retry_udp:
|
|
data.flags |= (noacl ? NFS_MOUNT_NOACL : 0);
|
|
}
|
|
#endif
|
|
+#if NFS_MOUNT_VERSION >= 5
|
|
+ if ((nfs_mount_version >= 5) && data.pseudoflavor) {
|
|
+ data.flags |= NFS_MOUNT_SECFLAVOUR;
|
|
+ }
|
|
+#endif
|
|
if (nfsvers > MAX_NFSPROT) {
|
|
fprintf(stderr, "NFSv%d not supported!\n", nfsvers);
|
|
return 0;
|
|
@@ -510,6 +548,9 @@ retry_udp:
|
|
printf("tcp = %d\n",
|
|
(data.flags & NFS_MOUNT_TCP) != 0);
|
|
#endif
|
|
+#if NFS_MOUNT_VERSION >= 5
|
|
+ printf("sec = %u\n", data.pseudoflavor);
|
|
+#endif
|
|
#endif
|
|
|
|
data.version = nfs_mount_version;
|
|
@@ -717,6 +758,30 @@ retry_udp:
|
|
nfs_strerror(status.nfsv3.fhs_status));
|
|
goto fail;
|
|
}
|
|
+#if NFS_MOUNT_VERSION >= 5
|
|
+ if (data.pseudoflavor) {
|
|
+ mountres3_ok *mountres = &status.nfsv3.mountres3_u.mountinfo;
|
|
+ int i = mountres->auth_flavours.auth_flavours_len;
|
|
+
|
|
+ if (i > 0) {
|
|
+ int *flavor = mountres->auth_flavours.auth_flavours_val;
|
|
+ while (--i >= 0) {
|
|
+ if (flavor[i] == data.pseudoflavor) {
|
|
+ break;
|
|
+ }
|
|
+ }
|
|
+
|
|
+ if (i < 0) {
|
|
+ fprintf(stderr,
|
|
+ "mount: %s:%s failed, security flavor not supported\n",
|
|
+ hostname, dirname);
|
|
+ mountproc3_umnt_3(&dirname,mclient);
|
|
+ goto fail;
|
|
+ }
|
|
+ }
|
|
+ }
|
|
+#endif
|
|
+
|
|
fhandle = &status.nfsv3.mountres3_u.mountinfo.fhandle;
|
|
memset(data.old_root.data, 0, NFS_FHSIZE);
|
|
memset(&data.root, 0, sizeof(data.root));
|