There were 2 things wrong with auth flavour ordering:

- Mountd used to advertise AUTH_NULL as the first flavour on
  the list, which means that it prefers AUTH_NULL to anything
  else (as per RFC 2623 section 2.7).
- Mount.nfs used to scan the returned list in reverse order,
  and stopping at the first AUTH_NULL or AUTH_SYS encountered.
  If a server advertises (AUTH_SYS, AUTH_NULL), it will by
  default choose AUTH_NULL and have degraded access.

I've fixed mount.nfs to scan from the beginning. For mountd,
it does not advertise AUTH_NULL anymore. This is necessary
to avoid backward compatibility issue. If AUTH_NULL appears
in the list, either the new or the old client will choose
that over AUTH_SYS.

Tested the server/client combination against the previous
versions, as well as Solaris and FreeBSD.

Signed-off-by: bc Wong <bcwong@cisco.com>
Signed-off-by: Steve Dickson <steved@redhat.com>

diff --git a/utils/mount/nfsmount.c b/utils/mount/nfsmount.c
index d1d43c661e41555eb7ea6aa0448f69e5c8ffefb4..ff0ff9307a9b3655f8cc360a147d89c6c53d3576 100644 (file)
--- a/utils/mount/nfsmount.c
+++ b/utils/mount/nfsmount.c
@@ -738,7 +738,7 @@ nfsmount(const char *spec, const char *node, int flags,
 #if NFS_MOUNT_VERSION >= 4
                mountres3_ok *mountres;
                fhandle3 *fhandle;
-               int i, *flavor, yum = 0;
+               int i,  n_flavors, *flavor, yum = 0;
                if (mntres.nfsv3.fhs_status != 0) {
                        nfs_error(_("%s: %s:%s failed, reason given by server: %s"),
                                        progname, hostname, dirname,
@@ -747,13 +747,16 @@ nfsmount(const char *spec, const char *node, int flags,
                }
 #if NFS_MOUNT_VERSION >= 5
                mountres = &mntres.nfsv3.mountres3_u.mountinfo;
-               i = mountres->auth_flavors.auth_flavors_len;
-               if (i <= 0)
+               n_flavors = mountres->auth_flavors.auth_flavors_len;
+               if (n_flavors <= 0)
                        goto noauth_flavors;
 
                flavor = mountres->auth_flavors.auth_flavors_val;
-               while (--i >= 0) {
-                       /* If no flavour requested, use first simple
+               for (i = 0; i < n_flavors; ++i) {
+                       /*
+                        * Per RFC2623, section 2.7, we should prefer the
+                        * flavour listed first.
+                        * If no flavour requested, use the first simple
                         * flavour that is offered.
                         */
                        if (! (data.flags & NFS_MOUNT_SECFLAVOUR) &&

diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c
index 63d5ce1797edd65e01f5d38819377ab4d5eb2ae8..8137f7f7329f40d1cbab352c23ff311e34acee06 100644 (file)
--- a/utils/mountd/mountd.c
+++ b/utils/mountd/mountd.c
@@ -342,7 +342,14 @@ mount_mnt_3_svc(struct svc_req *rqstp, dirpath *path, mountres3 *res)
 #define AUTH_GSS_KRB5 390003
 #define AUTH_GSS_KRB5I 390004
 #define AUTH_GSS_KRB5P 390005
-       static int      flavors[] = { AUTH_NULL, AUTH_UNIX, AUTH_GSS_KRB5, AUTH_GSS_KRB5I, AUTH_GSS_KRB5P};
+       static int      flavors[] = { AUTH_UNIX, AUTH_GSS_KRB5, AUTH_GSS_KRB5I, AUTH_GSS_KRB5P};
+       /*
+        * We should advertise the preferred flavours first. (See RFC 2623
+        * section 2.7.) AUTH_UNIX is arbitrarily ranked over the GSS's.
+        * AUTH_NULL is dropped from the list to avoid backward compatibility
+        * issue with older Linux clients, who inspect the list in reversed
+        * order.
+        */
        struct nfs_fh_len *fh;
 
        xlog(D_CALL, "MNT3(%s) called", *path);