gssd_setup_krb5_user_gss_ccache must return an error if no usable cache is

[nfs-utils.git] / utils / gssd / gssd_proc.c

diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index 6860cc852e844f87dbaf6d53d6106578f093d942..a145081e8ae234627ad2b98c1db78fbd8b25061d 100644 (file)
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
@@ -102,7 +102,7 @@ int pollsize;  /* the size of pollaray (in pollfd's) */
 /* XXX buffer problems: */
 static int
 read_service_info(char *info_file_name, char **servicename, char **servername,
-                 int *prog, int *vers, char **protocol) {
+                 int *prog, int *vers, char **protocol, int *port) {
 #define INFOBUFLEN 256
        char            buf[INFOBUFLEN];
        static char     dummy[128];
@@ -112,6 +112,8 @@ read_service_info(char *info_file_name, char **servicename, char **servername,
        char            program[16];
        char            version[16];
        char            protoname[16];
+       char            cb_port[128];
+       char            *p;
        in_addr_t       inaddr;
        int             fd = -1;
        struct hostent  *ent = NULL;
@@ -143,6 +145,10 @@ read_service_info(char *info_file_name, char **servicename, char **servername,
                goto fail;
        }
 
+       cb_port[0] = '\0';
+       if ((p = strstr(buf, "port")) != NULL)
+               sscanf(p, "port: %127s\n", cb_port);
+
        /* check service, program, and version */
        if(memcmp(service, "nfs", 3)) return -1;
        *prog = atoi(program + 1); /* skip open paren */
@@ -163,6 +169,8 @@ read_service_info(char *info_file_name, char **servicename, char **servername,
        if (!(*servicename = calloc(strlen(buf) + 1, 1)))
                goto fail;
        memcpy(*servicename, buf, strlen(buf));
+       if (cb_port[0] != '\0')
+               *port = atoi(cb_port);
 
        if (!(*protocol = strdup(protoname)))
                goto fail;
@@ -238,7 +246,7 @@ process_clnt_dir_files(struct clnt_info * clp)
        if ((clp->servicename == NULL) &&
             read_service_info(info_file_name, &clp->servicename,
                                &clp->servername, &clp->prog, &clp->vers,
-                               &clp->protocol))
+                               &clp->protocol, &clp->port))
                return -1;
        return 0;
 }
@@ -587,6 +595,8 @@ int create_auth_rpc_client(struct clnt_info *clp,
                         clp->servername, uid);
                goto out_fail;
        }
+       if (clp->port)
+               ((struct sockaddr_in *)a->ai_addr)->sin_port = htons(clp->port);
        if (a->ai_protocol == IPPROTO_TCP) {
                if ((rpc_clnt = clnttcp_create(
                                        (struct sockaddr_in *) a->ai_addr,
@@ -675,6 +685,7 @@ handle_krb5_upcall(struct clnt_info *clp)
        gss_buffer_desc         token;
        char                    **credlist = NULL;
        char                    **ccname;
+       char                    **dirname;
        int                     create_resp = -1;
 
        printerr(1, "handling krb5 upcall\n");
@@ -691,10 +702,13 @@ handle_krb5_upcall(struct clnt_info *clp)
 
        if (uid != 0 || (uid == 0 && root_uses_machine_creds == 0)) {
                /* Tell krb5 gss which credentials cache to use */
-               gssd_setup_krb5_user_gss_ccache(uid, clp->servername);
-
-               create_resp = create_auth_rpc_client(clp, &rpc_clnt, &auth, uid,
-                                                    AUTHTYPE_KRB5);
+               for (dirname = ccachesearch; *dirname != NULL; dirname++) {
+                       if (gssd_setup_krb5_user_gss_ccache(uid, clp->servername, *dirname) == 0)
+                               create_resp = create_auth_rpc_client(clp, &rpc_clnt, &auth, uid,
+                                                            AUTHTYPE_KRB5);
+                       if (create_resp == 0)
+                               break;
+               }
        }
        if (create_resp != 0) {
                if (uid == 0 && root_uses_machine_creds == 1) {