diff options
| author | Pavan T C <tcp@gluster.com> | 2011-07-11 05:33:09 +0000 | 
|---|---|---|
| committer | Anand Avati <avati@gluster.com> | 2011-07-11 04:32:02 -0700 | 
| commit | 817bda650cb7edb0bfdef270cd2801d91d681580 (patch) | |
| tree | d42559d44e2d79858b3b42653a873be73f216ae4 /xlators/nfs/lib/src/rpcsvc-auth.c | |
| parent | 1b01b648944b8a55e09105cafdb9e28021e78574 (diff) | |
nfsrpc: Re-order NFS auth array contentsv3.2.2qa4
Some NFS client implementations can default to AUTH_NULL given a certain order
of auth_array in MOUNT reply. We re-order it here to make sure that such
clients (Example - 2.6.26), do not have such security loop holes.
Signed-off-by: Pavan T C <tcp@gluster.com>
Signed-off-by: Anand Avati <avati@gluster.com>
BUG: 3144 (permissions given in fuse mount don't have effect in nfs mount)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3144
Diffstat (limited to 'xlators/nfs/lib/src/rpcsvc-auth.c')
| -rw-r--r-- | xlators/nfs/lib/src/rpcsvc-auth.c | 12 | 
1 files changed, 6 insertions, 6 deletions
| diff --git a/xlators/nfs/lib/src/rpcsvc-auth.c b/xlators/nfs/lib/src/rpcsvc-auth.c index 6d07619e4..6c8d30ec0 100644 --- a/xlators/nfs/lib/src/rpcsvc-auth.c +++ b/xlators/nfs/lib/src/rpcsvc-auth.c @@ -56,19 +56,19 @@ nfs_rpcsvc_auth_add_initers (rpcsvc_t *svc)  {          int     ret = -1; -        ret = nfs_rpcsvc_auth_add_initer (&svc->authschemes, "auth-unix", +        ret = nfs_rpcsvc_auth_add_initer (&svc->authschemes, "auth-null",                                            (rpcsvc_auth_initer_t) -                                          nfs_rpcsvc_auth_unix_init); +                                          nfs_rpcsvc_auth_null_init);          if (ret == -1) { -                gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_UNIX"); +                gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_NULL");                  goto err;          } -        ret = nfs_rpcsvc_auth_add_initer (&svc->authschemes, "auth-null", +        ret = nfs_rpcsvc_auth_add_initer (&svc->authschemes, "auth-unix",                                            (rpcsvc_auth_initer_t) -                                          nfs_rpcsvc_auth_null_init); +                                          nfs_rpcsvc_auth_unix_init);          if (ret == -1) { -                gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_NULL"); +                gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_UNIX");                  goto err;          } | 
