return -1;
}
*bp = '\0';
- printerr(1, "writing message: %s", buf);
+ printerr(3, "writing message: %s", buf);
if (write(g, buf, bp - buf) == -1) {
printerr(0, "WARNING: failed to write message\n");
close(g);
maj_stat, min_stat, mech);
goto out;
}
- if (!(sname = calloc(name.length + 1, 1))) {
+ if (name.length >= 0xffff || /* be certain name.length+1 doesn't overflow */
+ !(sname = calloc(name.length + 1, 1))) {
printerr(0, "WARNING: get_ids: error allocating %d bytes "
"for sname\n", name.length + 1);
gss_release_buffer(&min_stat, &name);
nfs4_init_name_mapping(NULL); /* XXX: should only do this once */
res = nfs4_gss_princ_to_ids(secname, sname, &uid, &gid);
if (res < 0) {
- printerr(0, "WARNING: get_ids: unable to map "
- "name '%s' to a uid\n", sname);
+ /*
+ * -ENOENT means there was no mapping, any other error
+ * value means there was an error trying to do the
+ * mapping.
+ * If there was no mapping, we send down the value -1
+ * to indicate that the anonuid/anongid for the export
+ * should be used.
+ */
+ if (res == -ENOENT) {
+ cred->cr_uid = -1;
+ cred->cr_gid = -1;
+ cred->cr_ngroups = 0;
+ res = 0;
+ goto out_free;
+ }
+ printerr(0, "WARNING: get_ids: failed to map name '%s' "
+ "to uid/gid: %s\n", sname, strerror(-res));
goto out_free;
}
cred->cr_uid = uid;