Chuck Lever [Thu, 16 Sep 2010 17:44:02 +0000 (13:44 -0400)]
mountd: Support IPv6 in mountd's svc routines
Replace IPv4-specific code with use of our generic hostname helpers
in the routines that handle incoming MNT RPC requests.
These functions will support IPv6 without additional changes, once
IPv6 is enabled in the generic hostname helpers.
As part of this update, I've modified all of mountd's _svc routines
to use a debug message format that is consistent with statd. It may
be overkill for some of these; if so we can pull them out later.
Chuck Lever [Thu, 16 Sep 2010 13:32:52 +0000 (09:32 -0400)]
libnfs.a: Fix API for getfh() & friends
This is more of a clean-up than a behavioral change.
POSIX requires that a "struct sockaddr" is the same size as a "struct
sockaddr_in". Therefore, a variable or field of type "struct sockaddr"
cannot contain an AF_INET6 address. However, "struct sockaddr *" is
often used to reference a generic (ie non-address family specific)
socket address, generating some confusion about this.
The nfsctl_arg struct uses a struct sockaddr (not a pointer) to pass
the client's IP address to the kernel. This means the legacy nfsctl()
kernel API can never support IPv6. Fortunately for us, this legacy
interface was replaced by a text-based cache interface a few years
back. We don't need to support non-AF_INET addresses here.
The getfh() functions in nfs-utils provide a handy C API for the
kernel's nfsctl interface. The getfh() functions still take a struct
sockaddr *, though, and that can imply that a non-IPv4 address can be
passed via this API. To make it abundantly clear that only IPv4
addresses can be used with this interface, change the synopses of
getfh() and friends to take a struct sockaddr_in * instead of a struct
sockaddr * .
This makes these functions conform with other places in mountd and
exportfs that already grok the difference between a struct sockaddr
and a struct sockaddr_in.
While we're here...
Introduce some nice documenting comments for the get_fh() functions,
and...
Since mountd will support IPv6 in the near future, assert that the
family of client addresses passed to this API is indeed AF_INET, in
order to prevent non-AF_INET addresses from ever being passed to the
legacy nfsctl() interface.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Thu, 16 Sep 2010 11:26:07 +0000 (07:26 -0400)]
mount.nfs: Refactor mount version and protocol autonegotiation
Clean up.
I'm beginning to agree with Bruce and Steve's assessment that the
fallthrough switch case in nfs_try_mount() is more difficult to read
and understand than it needs to be. The logic that manages
negotiating NFS version and protocol settings is getting more complex
over time anyway.
So let's split the autonegotiation piece out of nfs_try_mount().
We can reduce indenting, and use cleaner switch-based logic. Also,
adding more comments can only help.
Neil also suggested replacing the pre-call "errno = 0" trick. The
lower-level functions may try to mount several times (given a list of
addresses to try). errno could be set by any of those. The mount
request will succeed at some point, and "success" is returned, but
errno is still set to some non-zero value.
The kernel version check in nfs_try_mount() is more or less loop
invariant: it's impossible for the result of that test to change
between retries. So we should be able to safely move it to the logic
that sets the initial value of mi->version.
This patch is not supposed to cause a behavioral change.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Wed, 8 Sep 2010 17:28:24 +0000 (13:28 -0400)]
mount.nfs: Prepare way for "vers=4,rdma" mounts
At some point, when the kernel starts to support "vers=4,rdma" mounts,
we will want the mount.nfs command to pass "vers=4,rdma" mounts
instead of rejecting them.
Assuming that the kernel will reject these today with EPROTONOSUPPORT,
that would cause the version fallback logic to go to "vers=3,rdma"
automatically. So the extra check we have now is not needed anyway.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Wed, 8 Sep 2010 17:27:31 +0000 (13:27 -0400)]
mount.nfs: Support an "rdma" mount option
The kernel NFS client's mount option parser recognizes a stand-alone
"rdma" mount option, similar to the legacy "udp" and "tcp" options.
The mount.nfs command text-based mount option parser used to pass
"rdma" straight to the kernel, but since we've started handling MNT in
the kernel instead of in user space, "rdma" on the command line has
not worked.
Until now, no-one has noticed, especially since an "rdma" mount option
isn't documented in nfs(5).
Support "rdma" in mount.nfs command, and document it in nfs(5).
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Wed, 8 Sep 2010 17:25:56 +0000 (13:25 -0400)]
getport: Recognize "rdma" and "rdma6" netid
The mount.nfs command must recognize the values of "rdma" and "rdma6"
with the "proto=" mount option. Typically the mount.nfs command
relies on libtirpc or getprotobyname(3) to recognize netids and
translate them to protocol numbers.
RFCs 5665 and 5666 define the "rdma" and "rdma6" netids. IANA defines
a specific port number for NFS over RDMA (20049), but has not provided
a protocol name and number for RDMA transports, and is not expected
to. The best we can do is translate these by hand, as needed, to get
RDMA mount requests to the kernel without erroring out.
Only the forward translation is needed until such time that "rdma" and
"rdma6" start to appear in rpcbind registries. For now, the version
and transport negotiation logic is skipped, avoiding rpcbind queries
for RDMA mounts.
Note: As of kernel 2.6.36, the kernel's NFS over RDMA transport
capability does not support IPv6.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Thu, 9 Sep 2010 14:27:17 +0000 (10:27 -0400)]
libexport.a: Refactor init_netmask()
Instead of a single function that can handle both AF_INET and AF_INET6
addresses, two separate functions might be cleaner.
The original plan was to keep code redundancy at a minimum, but the
resulting code was cumbersome at best. I think I've traded a little
extra code for something that will be much easier to read, understand,
and maintain.
I've also eliminated the "#if / #endif" instances inside the functions.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Tue, 31 Aug 2010 19:30:14 +0000 (15:30 -0400)]
libexport.a: IPv6 support for client_init_subnet()
To parse and store an IPv6 host or subnet address, init_netmask()
needs to handle 128 bit subnet masks.
Unfortunately what once was a pretty simple little function has grown
much larger. This logic must now not only parse IPv6 addresses
correctly, but must also distinguish between IPv4 and IPv6.
To avoid code duplication, I'm "bending" the cardinal rule of not
using "#ifdef" inside functions.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Tue, 31 Aug 2010 19:29:02 +0000 (15:29 -0400)]
libexport.a: Prepare init_subnetwork() for IPv6 support
Retire the slash32 logic in inet_netmask() in favor of a more generic
netmask parser that can support IPv6 addresses.
If an invalid IP address string is given to inet_addr(3), it returns
INADDR_NONE, which is actually a "valid" address (255.255.255.255).
We're none the wiser to the substitution until something breaks later.
This patch provides better sanity checking of the parsed address, now
that such an error can be reported to client_init()'s callers.
We can also check the prefixlen value a little more carefully as well.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Tue, 31 Aug 2010 19:27:19 +0000 (15:27 -0400)]
libexport.a: Use host helper to parse address in client_init()
Take the first step towards making it possible to parse either IPv4 or
IPv6 addresses in client_init(). It won't handle IPv6 until
host_pton() has IPv6 support enabled, and it still doesn't deal with
IPv6 netmasks yet.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Tue, 31 Aug 2010 19:25:35 +0000 (15:25 -0400)]
libexport.a: Prepare to recognize IPv6 addresses in client_gettype()
The current open-coded parsing logic in client_gettype() will be hard
to modify to recognize IPv6 addresses. Use a more generic mechanism
for detecting IP presentation addresses.
IPv6 will be enabled automatically in client_gettype() when host_pton()
is changed to support IPv6 addresses.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Tue, 24 Aug 2010 11:19:34 +0000 (07:19 -0400)]
exportfs: Use xlog() for error reporting
exportfs already invokes xlog_open() because libexport.a uses xlog()
exclusively for error reporting and debugging messages. If we can
use xlog() throughout exportfs itself, that enables xlog debugging
messages everywhere in the code path.
In addition, use xlog() instead of fprintf(stderr) for reporting
errors in exportfs.c, to be consistent with libexport.a and other
components of nfs-utils.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Tue, 24 Aug 2010 11:16:10 +0000 (07:16 -0400)]
statd: statd fails to monitor if no reverse mapping of mon_name exists
Commit 8ce130c4 switched in the new statd_canonical_name() function
that constructs a "unique" name statd can use to uniquely identify a
monitor record.
The legacy statd would monitor a client that sent an IP address with
no reverse map as its caller_name. To remain bug-for-bug compatible,
allow this case in the new statd.
This shouldn't be a problem: statd_canonical_name() needs to create
a unique name for the monitored host so it can keep track of monitor
requests from the same remote. The IP address itself should work as
well as the host's canonical name, in case there is no reverse
mapping.
We still enforce the requirement that a mon_name that is a DNS name
must have a forward map to an IP address.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Tue, 24 Aug 2010 11:13:54 +0000 (07:13 -0400)]
libexport: Fix IP address check in check_netgroup()
Neil Brown reports that recent changes to replace
gethostby{addr,name}(3) with get{addr,info}name(3) may have
inadvertently broken netgroup support.
There used to be a gethostbyaddr(3) call in the third paragraph in
check_netgroup(). The reason for that gethostbyaddr(3) call was that
the first innetgr(3) call has already confirmed that hname is not a
member of the netgroup. We also need to confirm that, if hname
happens to be an IP address, the hostname bound to that IP address is
not a member of the netgroup, either.
Fix this by restoring appropriate address to hostname mapping of hname
before retrying the innetgr(3) call.
Steve Dickson [Wed, 4 Aug 2010 14:41:18 +0000 (10:41 -0400)]
Removed warnings from idmapd.c
idmapd.c:120: warning: missing initializer
idmapd.c:120: warning: (near initialization for 'nfsd_ic[0].ic_event')
idmapd.c:121: warning: missing initializer
idmapd.c:121: warning: (near initialization for 'nfsd_ic[1].ic_event')
idmapd.c: In function 'flush_nfsd_cache':
idmapd.c:173: warning: comparison between signed and unsigned integer expressions
idmapd.c: In function 'dirscancb':
idmapd.c:384: warning: unused parameter 'fd'
idmapd.c:384: warning: unused parameter 'which'
idmapd.c: In function 'svrreopen':
idmapd.c:468: warning: unused parameter 'fd'
idmapd.c:468: warning: unused parameter 'which'
idmapd.c:468: warning: unused parameter 'data'
idmapd.c: In function 'clntscancb':
idmapd.c:474: warning: unused parameter 'fd'
idmapd.c:474: warning: unused parameter 'which'
idmapd.c: In function 'nfsdcb':
idmapd.c:488: warning: unused parameter 'fd'
idmapd.c: In function 'nfscb':
idmapd.c:663: warning: unused parameter 'fd'
idmapd.c: In function 'validateascii':
idmapd.c:850: warning: comparison between signed and unsigned integer expressions
idmapd.c:858: warning: comparison between signed and unsigned integer expressions
idmapd.c: In function 'getfield':
idmapd.c:916: warning: comparison between signed and unsigned integer expressions
Steve Dickson [Wed, 4 Aug 2010 14:26:13 +0000 (10:26 -0400)]
Removed warnings from svcgssd_proc.c
svcgssd_proc.c: In function 'send_response':
svcgssd_proc.c:135: warning: unused parameter 'f'
svcgssd_proc.c: In function 'handle_nullreq':
svcgssd_proc.c:434: warning: comparison of unsigned expression < 0 is always false
Steve Dickson [Tue, 20 Jul 2010 22:13:45 +0000 (18:13 -0400)]
Removed warnings from gssd_proc.c
gssd_proc.c: In function 'create_auth_rpc_client':
gssd_proc.c:939: warning: comparison between signed and unsigned integer expressions
gssd_proc.c:939: warning: comparison between signed and unsigned integer expressions
gssd_proc.c: In function 'handle_krb5_upcall':
gssd_proc.c:1164: warning: comparison between signed and unsigned integer expressions
gssd_proc.c: In function 'handle_spkm3_upcall':
gssd_proc.c:1178: warning: comparison between signed and unsigned integer expressions
Steve Dickson [Tue, 20 Jul 2010 22:08:13 +0000 (18:08 -0400)]
Removed warnings from krb5_util.c
krb5_util.c: In function 'realm_and_service_match':
krb5_util.c:617: warning: unused parameter 'context'
krb5_util.c: In function 'limit_krb5_enctypes':
krb5_util.c:1275: warning: unused parameter 'uid'
Steve Dickson [Mon, 19 Jul 2010 18:54:51 +0000 (14:54 -0400)]
Removed warnings from nfsstat.c
nfsstat.c: In function 'print_callstats':
nfsstat.c:797: warning: comparison between signed and unsigned integer
expressions
nfsstat.c:801: warning: comparison between signed and unsigned integer
expressions
nfsstat.c:802: warning: comparison between signed and unsigned integer
expressions
nfsstat.c:805: warning: comparison between signed and unsigned integer
expressions
nfsstat.c: In function 'print_callstats_list':
nfsstat.c:821: warning: comparison between signed and unsigned integer
expressions
nfsstat.c:828: warning: comparison between signed and unsigned integer
expressions
nfsstat.c: In function 'unpause':
nfsstat.c:1111: warning: unused parameter 'sig' Signed-off-by: Steve Dickson <steved@redhat.com>
Steve Dickson [Mon, 19 Jul 2010 18:48:37 +0000 (14:48 -0400)]
Removed warnings from nfssvc.c
nfssvc.c:184: warning: comparison between signed and unsigned integer expressions
nfssvc.c: In function 'nfssvc_setvers':
nfssvc.c:254: warning: comparison between signed and unsigned integer expressions
nfssvc.c: In function 'nfssvc_threads':
nfssvc.c:280: warning: comparison between signed and unsigned integer expressions
Steve Dickson [Mon, 19 Jul 2010 16:17:24 +0000 (12:17 -0400)]
Removed warnings from rpcdispatch.c
rpcdispatch.c: In function 'rpc_dispatch':
rpcdispatch.c:30: warning: comparison between signed and unsigned
integer expressions
rpcdispatch.c:35: warning: comparison between signed and unsigned
integer expressions
Doug Nazar [Mon, 19 Jul 2010 15:08:46 +0000 (11:08 -0400)]
gssd: picking wrong creds
When not using machine credentials for root, if the machine
credential cache file is newer than the root credential file
the wrong file will get picked. Ignore the machine file in
this case.
Chuck Lever [Mon, 19 Jul 2010 14:09:12 +0000 (10:09 -0400)]
nfs-utils: Fix C aliasing rules violation in nfs_getrpccaller()
Squelch compiler warnings reported with -Wextra:
In file included from statd.c:24:
../../support/include/rpcmisc.h: In function nfs_getrpccaller_in:
../../support/include/rpcmisc.h:58: warning: dereferencing type-punned
pointer might break strict-aliasing rules
../../support/include/rpcmisc.h: In function nfs_getrpccaller:
../../support/include/rpcmisc.h:63: warning: dereferencing type-punned
pointer might break strict-aliasing rules
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
When an export is freshly mounted, /proc/self/mountstats displays age = 0.
This causes nfs-iostat.py to divide by zero throwing an error. When we
have age = 0, other stats are greater than 0, so we'll set age = 1 and
print the relevant stats.
Signed-off-by: Kevin Constantine <kevin.constantine@disneyanimation.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Tue, 22 Jun 2010 17:06:40 +0000 (13:06 -0400)]
libexport.a: Replace matchhostname()
So that exportfs can eventually support IPv6 addresses, copy statd's
getaddrinfo(3)-based matchhostname to exportfs, with adjustments for
dealing with export wildcards and netgroups. Until exportfs has full
IPv6 support, however, we want to ensure that IPv6 addresses continue
to remain blocked in the address comparison code used by exportfs. At
a later point we'll replace much of this with the generic functions
in sockaddr.h.
Since it contains special logic for handling wildcard and netgroups,
this function is specialized for exportfs, and does not belong in
one of the shared libraries.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Tue, 22 Jun 2010 16:43:01 +0000 (12:43 -0400)]
mountd: Replace "struct hostent" with "struct addrinfo"
struct hostent can store either IPv4 or IPv6 addresses, but it can't
store both address families concurrently for the same host. Neither
can hostent deal with parts of socket addresses that are outside of
the sin{,6}_addr field.
Replace the use of "struct hostent" everywhere in libexport.a, mountd,
and exportfs with "struct addrinfo". This is a large change, but
there are so many strong dependencies on struct hostent that this
can't easily be broken into smaller pieces.
One benefit of this change is that hostent_dup() is no longer
required, since the results of getaddrinfo(3) are already dynamically
allocated.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Tue, 22 Jun 2010 16:40:27 +0000 (12:40 -0400)]
exportfs: Add a common exit label in exportfs()
Clean up: Reduce code duplication by introducing a goto label for
freeing hp and exiting. This will make replacing "struct hostent *"
with "struct addrinfo *" more straightforward in this code.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Tue, 22 Jun 2010 14:41:03 +0000 (10:41 -0400)]
libexport.a: Add helpers to manage DNS lookups
Introduce DNS query helpers based on getaddrinfo(3) and
getnameinfo(3). These will eventually replace the existing
hostent-based functions in support/export/hostname.c.
Put some of these new helpers to immediate use, where convenient.
As they are part of libexport.a, I've added the forward declarations
for these new functions in exportfs.h rather than misc.h, where the
hostent-based forward declarations are currently.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
NeilBrown [Tue, 22 Jun 2010 14:37:25 +0000 (10:37 -0400)]
Improve support for exporting btrfs subvolumes
If you export two subvolumes of a btrfs filesystem, they will both be
given the same uuid so lookups will be confused.
blkid cannot differentiate the two, so we must use the fsid from
statfs64 to identify the filesystem.
We cannot tell if blkid or statfs is best without knowing internal
details of the filesystem in question, so we need to encode specific
knowledge of btrfs in mountd. This is unfortunate.
To ensure smooth handling of this and possible future changes in uuid
generation, we add infrastructure for multiple different uuids to be
recognised on old filehandles, but only the preferred on is used on
new filehandles.
Signed-off-by: NeilBrown <neilb@suse.de> Signed-off-by: Steve Dickson <steved@redhat.com>
Steve Dickson [Thu, 3 Jun 2010 12:32:56 +0000 (08:32 -0400)]
mount: silently fails when bad option values are given
mount.nfs should not only fail when an invalid option values
are supplied (as it does), it should also print a diagnostic
message identifying the problem
Chuck Lever [Mon, 24 May 2010 10:02:22 +0000 (06:02 -0400)]
mountd: Convert colons in IPv6 presentation addresses tosemicolons
The /var/lib/nfs/rmtab file delineates fields in each of its lines
with a ":". The first field contains the IP address of a client, in
presentation format. IPv6 presentation format addresses contain
colons, which screws up the field delineation of rmtab.
Use a simple simple scheme to convert the colons in incoming client
names to some other character, and then convert them back when the
rmtab file is read.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
NeilBrown [Mon, 24 May 2010 09:55:26 +0000 (05:55 -0400)]
Mountd listens on 2 different versions for NFSv2 (MOUNTv1 and MOUNTv2)
and one for NFSv3 (MOUNTv3)
When --no-nfs-version requests an NFS version to be disabled, the
code actually disabled the MOUNT version. This works is several cases,
but requires --no-nfs-version 1 to completely disable NFSv2, which
is wrong.
So if we do disable 1, 2, and 3. mountd complain and won't run, it
is not possible to run just v4 - i.e. not listening for MOUNT requests
at all (as v4 doesn't need them).
So change the handling of "--no-nfs-version 2" it disable MOUNTv1 as
well as
MOUNTv2, and allow mountd to continue running as long as one of
NFSv2 NFSv3 NFSv4 is enabled.
Signed-off-by: NeilBrown <neilb@suse.de> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Wed, 5 May 2010 19:41:07 +0000 (15:41 -0400)]
mountd/exportfs: Make m_addrlist field a nfs_sockaddr
To store non-AF_INET addresses in the nfs_client structure, we need to
use more than in_addr for the m_addrlist field. Make m_addrlist
larger, then add a few helper functions to handle type casting and
array indexing cleanly.
We could treat the nfs_client address list as if all the addresses
in the list were the same family. This might work for MCL_SUBNETWORK
type nfs_clients. However, during the transition to IPv6, most hosts
will have at least one IPv4 and one IPv6 address. For MCL_FQDN, I
think we need to have the ability to store addresses from both
families in one nfs_client.
Additionally, IPv6 scope IDs are not part of struct sin6_addr. To
support link-local IPv6 addresses and the like, a scope ID must be
stored.
Thus, each slot in the address list needs to be capable of storing an
entire socket address, and not simply the network address part.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Mike Frysinger [Fri, 23 Apr 2010 16:22:53 +0000 (12:22 -0400)]
Make capabilities support optional
The new code using libcap is quite minor, so rather than always reqiure
libcap support, make it a normal --enable type flag. Current default
behavior is retained -- if libcap is found, it is enabled, else it is
disabled like every nfs-utils version in the past.
Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Fri, 23 Apr 2010 16:09:35 +0000 (12:09 -0400)]
libexport.a: Allow malloc(3) failures in client_lookup() and friends
Clean up: Use malloc(3) instead of xmalloc() in client_lookup() and
client_dup(), ensuring that a failed memory allocation here doesn't
cause our process to exit suddenly.
Allocation of nfs_client records and the m_hostname string are now
consistently handled with malloc(3), calloc(3), strdup(3), and
free(3).
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Fri, 23 Apr 2010 16:02:34 +0000 (12:02 -0400)]
libexport.a: Allow client_init() to fail instead of exit
client_init()'s current callers can now deal correctly with a failure.
Get rid of code that can cause our process to exit in client_init(),
if address mask parsing or memory allocation fails.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Kevin Coffman [Thu, 15 Apr 2010 12:32:20 +0000 (08:32 -0400)]
Try to use kernel function to determine supported Kerberos enctypes.
This patch replaces a hard-coded list with a function to obtain
the Kerberos encryption types that the kernel's rpcsec_gss code
can support. Defaults to old behavior if kernel does not supply
information.
Chuck Lever [Fri, 16 Apr 2010 17:03:20 +0000 (13:03 -0400)]
libexport.a: export_find() should handle address parsing errors
An address mask parsing error can cause client_init(), and therefore
client_dup(), to make our process exit suddenly. Soon we want to add
more complex address parsing in client_init(), so we need this
interface to be a little more robust.
Since export_find() can return NULL in some cases, it can handle NULL
returns from its subroutines if an address parsing error occurs, or if
memory is exhausted. Allow for client_dup() to return NULL instead of
exiting sideways.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Thu, 15 Apr 2010 12:59:18 +0000 (08:59 -0400)]
libexport.a: Add helper for populating m_addrlist[]
Clean up: Move common code that populates an nfs_client record's
m_addrlist to a helper function. This eliminates a little code
duplication, and makes it simpler to add IPv6 support later.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Thu, 15 Apr 2010 12:57:29 +0000 (08:57 -0400)]
libexport.a: Reduce code duplication in client_init()
Clean up: Most cases in client_init() set clp->m_naddr to zero. Move
it to the common part of the function, and simplify the logic. This
will make adding IPv6 support here more straightforward.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Thu, 8 Apr 2010 14:54:01 +0000 (10:54 -0400)]
libexport.a: Refactor netgroup checking in client_check()
Clean up: refactor netgroup logic out of client_check() to make it
easier to introduce IPv6 support.
+ Use preferred style of keeping #ifdef out of the middle of
function definitions. Squelch compiler warnings for "#ifndef
HAVE_INNETGR" by using __attribute__((unused)).
+ Use preferred style of not using curly braces around switch cases.
+ Match style used for check_{fqdn,subnetwork}.
+ Clarify comment documenting use of h_aliases
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
Chuck Lever [Thu, 8 Apr 2010 14:51:54 +0000 (10:51 -0400)]
libexport.a: Factor SUBNETWORK checking out of check_client()
Clean up: Factor the MCL_SUBNETWORK case out of check_client() and
client_checkaddr(). This will make it easier to add IPv6 support
eventually.
The logic in the new helper function will get a little more tangled
once IPv6 support is introduced. Each slot in the clp address list
eventually may contain an address from either address family.
Note that the switch statement in client_checkaddr() is redundant,
since clp->cl_mtype is loop invariant. This change makes SUBNETWORK
client checking more computationally efficient, at the cost of a few
extra lines of code.
This commit should not change code behavior in any way.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>