There were 2 things wrong with auth flavour ordering:
authorbc Wong <bcwong@cisco.com>
Tue, 18 Mar 2008 13:30:44 +0000 (09:30 -0400)
committerSteve Dickson <steved@redhat.com>
Tue, 18 Mar 2008 13:30:44 +0000 (09:30 -0400)
commit3c1bb23c0379864722e79d19f74c180edcf2c36e
treeb7f9d9440a94798465d88c3f26f10bd35877d72a
parent3aeea1c463420aaab447ab61333f5e82bc5c241b
There were 2 things wrong with auth flavour ordering:
- Mountd used to advertise AUTH_NULL as the first flavour on
  the list, which means that it prefers AUTH_NULL to anything
  else (as per RFC 2623 section 2.7).
- Mount.nfs used to scan the returned list in reverse order,
  and stopping at the first AUTH_NULL or AUTH_SYS encountered.
  If a server advertises (AUTH_SYS, AUTH_NULL), it will by
  default choose AUTH_NULL and have degraded access.

I've fixed mount.nfs to scan from the beginning. For mountd,
it does not advertise AUTH_NULL anymore. This is necessary
to avoid backward compatibility issue. If AUTH_NULL appears
in the list, either the new or the old client will choose
that over AUTH_SYS.

Tested the server/client combination against the previous
versions, as well as Solaris and FreeBSD.

Signed-off-by: bc Wong <bcwong@cisco.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
utils/mount/nfsmount.c
utils/mountd/mountd.c