| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There have been previous attempts to revert protocol tryout
algorithm from v4,v3,v2 to previous v2,v4,v3 :
https://www.spinics.net/lists/linux-nfs/msg89228.html
Apart from GETADDR/NAT issue originating that proposed change,
its possible that some legacy custom applications still use
v2 of protocol with libtirpc.
The change proposed here, introduces an environment variable
"RPCB_V2FIRST" so that, if defined, old behaviour is used.
This is more flexible and allow us to selectively pick what
application reverts to old behaviour instead of a system-wide
change.
Signed-off-by: Roberto Bergantinos Corpas <rbergant@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Currently the publickey parameter of the authdes_pk_create() function is
not displayed because of a typo
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
authdes_pk_create() is identical to authdes_create(), except
that a public key needs to be provided by the caller and will
not looked up by the function itself.
Signed-off-by: Thorsten Kukuk <kukuk@thkukuk.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Replace text in the new rpc_gss man pages that refer to
/etc/gss/mech or /etc/gss/qop. The Linux libtirpc implementation
currently does not use these files.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
"rcred" appears twice in the left column.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
If --disable-gssapi is specified, the rpc_gss API is not built.
There's no purpose in installing rpc_gss-related man pages or
headers in that case.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce new RPCSEC API functions that match the same libtirpc API
in FreeBSD and Solaris. This includes rpc_gss_getcred(3t),
rpc_gss_svc_max_data_length(3t), rpc_gss_set_svc_name(3t),
rpc_gss_set_callback(3t), and rpc_gss_get_principal_name(3t).
The man pages, written by Doug Rabson, come from FreeBSD, with
some adjustments by me.
The new code was written from scratch based on FreeBSD's
implementation, but adapted to invoke the existing legacy U-M APIs
in our implementation. We will maintain the legacy APIs until
consumers are switched to the new ones. FreeBSD never had the
legacy U-M API.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce new client-side RPCSEC API functions that match the same
libtirpc API in FreeBSD and Solaris. This includes
rpc_gss_seccreate(3t), rpc_gss_set_defaults(3t), and
rpc_gss_max_data_length(3t).
The man pages, written by Doug Rabson, come from FreeBSD, with
some adjustments by me.
The new code was written from scratch based on FreeBSD's
implementation, but adapted to invoke the existing legacy U-M APIs
in our implementation. We will continue to provide the legaacy APIs
until API consumers are switched to the new ones. FreeBSD never had
the legacy U-M GSS APIs.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These are utility functions used by both client and server consumers
of RPCSEC GSS. The man pages, written by Doug Rabson, come from
FreeBSD, with some adjustments by me. The following functions are
added:
rpc_gss_get_error(3t), rpc_gss_get_mechanisms(3t),
rpc_gss_get_mech_info(3t), rpc_gss_get_versions(3t)
rpc_gss_is_installed(3t), rpc_gss_mech_to_oid(3t), and
rpc_gss_qop_to_num(3t)
This is a relatively simple patch, but there are a couple of
important design points to call out.
1. Don't add a new DLL
Solaris and FreeBSD keep a dynamic library separate from libtirpc
for RPCSEC_GSS support, called librpcsec_gss. Our existing
RPCSEC_GSS support, though unfinished, is already built into our
fork of the libtirpc library. This patch continues with that
approach by adding these new functions in libtirpc instead of
introducing another library.
2. Don't bother with /etc/gss/{mech,qop}
The Solaris gssapi implementation uses the files
/etc/gss/{mech,qop} to define supported GSS mechanisms. The
rpc_gss_*() API provides the utility functions added in this patch
so that RPC consumers can easily discover what GSS mechanisms are
available.
FreeBSD and Linux use the MIT gssapi implementation, which does not
use /etc/gss/{mech,qop} .
The FreeBSD implementation of the rpc_gss_*() API emulates support
for these configuration files, rather than invoking gssapi functions
that don't exist in the MIT gssapi library.
For Linux, I don't see a need for the extra config files:
o Our fork of libtirpc will support only the Kerberos GSS
mechanism for the foreseeable future.
o It's easy to add another GSS mechanism in the static data
structures, and that should be done only after thorough
testing.
o It should be a simple change to add support for /etc/gss/* if
we find we need it.
o Consumers of the rpc_gss_*() API ported from FreeBSD or
Solaris should see exactly the same result when calling the
new utility functions.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch describes the API defined in Solaris and FreeBSD to
provide RPCSEC GSS support for user space TI-RPC consumers.
The header file is based on the API provided in Solaris, but was
written from scratch. The man page was written by Doug Rabson
for the FreeBSD implementation of this API, and updated by me
where needed.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The .Lb macro in these man pages lists "libc" as the containing
library, which is not correct for Linux.
However, our .Lb macro does not appear to support the value
"libtirpc." List the containing library in an AVAILABILITY section instead.
Lastly, remove references to man pages that do not exist on Linux.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clean up man/Makefile.
Document man pages we maintain upstream but that are typically not
installed by distributions.
Finally, restore the man page which describes the libtirpc rpcbind
client API. This includes rpcb_getmaps(3t), rpcb_getaddr(3t),
rpcb_gettime(3t), rpcb_rmtcall(3t), rpcb_set(3t), and
rpcb_unset(3t).
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Get rid of cscope and editor turds as well as intermediate
Makefiles. The top level Makefile should remove old tarballs.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|