- /* XXX: should use same mapping as idmapd? Or something; for now
- * I'm just chopping off the domain. */
- /* XXX: note that idmapd also does this! It doesn't check the domain
- * name. */
- if ((c = strchr(sname, '@')) != NULL)
- *c = '\0';
- /* XXX? mapping unknown users (including machine creds) to nobody: */
- if ( !(pw = getpwnam(sname)) && !(pw = getpwnam("nobody")) )
- goto out;
- cred->cr_uid = pw->pw_uid;
- cred->cr_gid = pw->pw_gid;
- /* XXX Read password file? Use initgroups? I dunno...*/
- cred->cr_groups[0] = NOGROUP;
+
+ res = -EINVAL;
+ if ((secname = mech2file(mech)) == NULL)
+ goto out_free;
+ nfs4_init_name_mapping(NULL); /* XXX: should only do this once */
+ res = nfs4_gss_princ_to_ids(secname, sname, &uid, &gid);
+ if (res < 0)
+ goto out_free;
+ cred->cr_uid = uid;
+ cred->cr_gid = gid;
+ /*XXX: want add_supplementary_groups(secname, sname, cred)? */
+ cred->cr_ngroups = 0;