| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Fixes compilation warning.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Instead of compiling out the authdes interfaces
as commit d918e41d8 did, add them back but
they will fail if called.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
AUTH_DES authentication is dead! Has not been
supported in years and know the code is throwing
out coverity scan which don't make sense to fix.
The code is know compiled out by default.
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Tested-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Internally, the xp_auth pointer is no longer needed. Nor should
new authenticators rely on it in the future.
No other libtirpc has this field. For better RPC application
portability, remove it.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are lifetime problems with the current handling of SVCAUTH
and the core library has no business ever destroying an SVCAUTH.
These lifetime problems leads to the gss authenticator leaking
a SVCAUTH when interleaved calls on the transport arrive with
non-gss credential flavors.
So, plagiarize the Solaris solution and keep an inlined SVCAUTH
struct to make it obvious that the core library is not managing
the life of SVCAUTH. Then point the old xp_auth pointer to the
inlined SVCAUTH by default. This makes it possible to match the
Solaris macro SVC_XP_AUTH, while still remaining compatible with
any old external xp_auth pointer users.
Adjust the gss authenticator to keep track of its own gss data
per SVCXPRT. This is still not a good gss implementation, but it
is at least better than before.
Tested-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Peter Rosin <peda@lysator.liu.se>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When --enable-gss is specified on the ./configure command line,
have the library automatically register server-side support for the
RPCSEC_GSS auth flavor.
The complication is that specific interaction is required with the
RPC client if GSS authentication fails. GSS authentication sometimes
has to squelch the normal reply done by svc_getreq(), and substitute
its own.
_svcauth_gss() already has a boolean argument to do this. But
_authenticate() is an official API (see rpc/svc_auth.h). We can't
alter its synopsis.
Instead of adding a "no_dispatch" argument to our existing
_authenticate() API, preserve its synopsis for backwards
compatibility, and introduce a second external authentication API
for the dispatcher.
This matches a similar API change done in the Solaris libtirpc.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
svc_auth.c uses a fake entry function for AUTH_NULL (AUTH_NONE) when the
use of the svc_auth_none is appropriate.
With the previous patches to make use of WRAP/UNWRAP svc_auth_none is
required.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
permission of Sun Microsystems
Signed-off-by: Tom "spot" Callaway <tcallawa@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|