X-Git-Url: https://git.decadent.org.uk/gitweb/?p=nfs-utils.git;a=blobdiff_plain;f=utils%2Fgssd%2Fgssd_proc.c;h=fb97a13e7e2761673d130397a2318db2fbf156e7;hp=be6f44040d0d373dadaa2c73c863fa51f67c4fab;hb=7f1f9985cf510b087e7a817597094acba9143795;hpb=25cd5f9101b8969f9e1f9d7d486f11c215d0eeb4

diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index be6f440..fb97a13 100644
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
@@ -38,10 +38,14 @@
 
 */
 
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif	/* HAVE_CONFIG_H */
+
 #ifndef _GNU_SOURCE
 #define _GNU_SOURCE
 #endif
-#include "config.h"
+
 #include <sys/param.h>
 #include <rpc/rpc.h>
 #include <sys/stat.h>
@@ -66,7 +70,6 @@
 #include "gssd.h"
 #include "err_util.h"
 #include "gss_util.h"
-#include "gss_oids.h"
 #include "krb5_util.h"
 #include "context.h"
 
@@ -104,7 +107,7 @@ static int
 read_service_info(char *info_file_name, char **servicename, char **servername,
 		  int *prog, int *vers, char **protocol, int *port) {
 #define INFOBUFLEN 256
-	char		buf[INFOBUFLEN];
+	char		buf[INFOBUFLEN + 1];
 	static char	dummy[128];
 	int		nbytes;
 	static char	service[128];
@@ -129,6 +132,7 @@ read_service_info(char *info_file_name, char **servicename, char **servername,
 	if ((nbytes = read(fd, buf, INFOBUFLEN)) == -1)
 		goto fail;
 	close(fd);
+	buf[nbytes] = '\0';
 
 	numfields = sscanf(buf,"RPC server: %127s\n"
 		   "service: %127s %15s version %15s\n"
@@ -427,7 +431,7 @@ do_downcall(int k5_fd, uid_t uid, struct authgss_private_data *pd,
 	    gss_buffer_desc *context_token)
 {
 	char    *buf = NULL, *p = NULL, *end = NULL;
-	unsigned int timeout = 0; /* XXX decide on a reasonable value */
+	unsigned int timeout = context_timeout;
 	unsigned int buf_size = 0;
 
 	printerr(1, "doing downcall\n");
@@ -438,7 +442,6 @@ do_downcall(int k5_fd, uid_t uid, struct authgss_private_data *pd,
 	end = buf + buf_size;
 
 	if (WRITE_BYTES(&p, end, uid)) goto out_err;
-	/* Not setting any timeout for now: */
 	if (WRITE_BYTES(&p, end, timeout)) goto out_err;
 	if (WRITE_BYTES(&p, end, pd->pd_seq_win)) goto out_err;
 	if (write_buffer(&p, end, &pd->pd_ctx_hndl)) goto out_err;
@@ -449,7 +452,7 @@ do_downcall(int k5_fd, uid_t uid, struct authgss_private_data *pd,
 	return 0;
 out_err:
 	if (buf) free(buf);
-	printerr(0, "Failed to write downcall!\n");
+	printerr(1, "Failed to write downcall!\n");
 	return -1;
 }
 
@@ -703,9 +706,8 @@ handle_krb5_upcall(struct clnt_info *clp)
 	if (uid != 0 || (uid == 0 && root_uses_machine_creds == 0)) {
 		/* Tell krb5 gss which credentials cache to use */
 		for (dirname = ccachesearch; *dirname != NULL; dirname++) {
-			gssd_setup_krb5_user_gss_ccache(uid, clp->servername, *dirname);
-
-			create_resp = create_auth_rpc_client(clp, &rpc_clnt, &auth, uid,
+			if (gssd_setup_krb5_user_gss_ccache(uid, clp->servername, *dirname) == 0)
+				create_resp = create_auth_rpc_client(clp, &rpc_clnt, &auth, uid,
 							     AUTHTYPE_KRB5);
 			if (create_resp == 0)
 				break;
@@ -743,14 +745,14 @@ handle_krb5_upcall(struct clnt_info *clp)
 			}
 			gssd_free_krb5_machine_cred_list(credlist);
 			if (!success) {
-				printerr(0, "WARNING: Failed to create krb5 context "
+				printerr(1, "WARNING: Failed to create krb5 context "
 					 "for user with uid %d with any "
 					 "credentials cache for server %s\n",
 					 uid, clp->servername);
 				goto out_return_error;
 			}
 		} else {
-			printerr(0, "WARNING: Failed to create krb5 context "
+			printerr(1, "WARNING: Failed to create krb5 context "
 				 "for user with uid %d for server %s\n",
 				 uid, clp->servername);
 			goto out_return_error;
@@ -758,13 +760,13 @@ handle_krb5_upcall(struct clnt_info *clp)
 	}
 
 	if (!authgss_get_private_data(auth, &pd)) {
-		printerr(0, "WARNING: Failed to obtain authentication "
+		printerr(1, "WARNING: Failed to obtain authentication "
 			    "data for user with uid %d for server %s\n",
 			 uid, clp->servername);
 		goto out_return_error;
 	}
 
-	if (serialize_context_for_kernel(pd.pd_ctx, &token, &krb5oid)) {
+	if (serialize_context_for_kernel(pd.pd_ctx, &token, &krb5oid, NULL)) {
 		printerr(0, "WARNING: Failed to serialize krb5 context for "
 			    "user with uid %d for server %s\n",
 			 uid, clp->servername);
@@ -776,8 +778,10 @@ handle_krb5_upcall(struct clnt_info *clp)
 out:
 	if (token.value)
 		free(token.value);
+#ifndef HAVE_LIBTIRPC
 	if (pd.pd_ctx_hndl.length != 0)
 		authgss_free_private_data(&pd);
+#endif
 	if (auth)
 		AUTH_DESTROY(auth);
 	if (rpc_clnt)
@@ -826,7 +830,7 @@ handle_spkm3_upcall(struct clnt_info *clp)
 		goto out_return_error;
 	}
 
-	if (serialize_context_for_kernel(pd.pd_ctx, &token, &spkm3oid)) {
+	if (serialize_context_for_kernel(pd.pd_ctx, &token, &spkm3oid, NULL)) {
 		printerr(0, "WARNING: Failed to serialize spkm3 context for "
 			    "user with uid %d for server\n",
 			 uid, clp->servername);