From 817bda650cb7edb0bfdef270cd2801d91d681580 Mon Sep 17 00:00:00 2001 From: Pavan T C Date: Mon, 11 Jul 2011 05:33:09 +0000 Subject: nfsrpc: Re-order NFS auth array contents Some NFS client implementations can default to AUTH_NULL given a certain order of auth_array in MOUNT reply. We re-order it here to make sure that such clients (Example - 2.6.26), do not have such security loop holes. Signed-off-by: Pavan T C Signed-off-by: Anand Avati BUG: 3144 (permissions given in fuse mount don't have effect in nfs mount) URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3144 --- xlators/nfs/lib/src/rpcsvc-auth.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/xlators/nfs/lib/src/rpcsvc-auth.c b/xlators/nfs/lib/src/rpcsvc-auth.c index 6d07619e493..6c8d30ec009 100644 --- a/xlators/nfs/lib/src/rpcsvc-auth.c +++ b/xlators/nfs/lib/src/rpcsvc-auth.c @@ -56,19 +56,19 @@ nfs_rpcsvc_auth_add_initers (rpcsvc_t *svc) { int ret = -1; - ret = nfs_rpcsvc_auth_add_initer (&svc->authschemes, "auth-unix", + ret = nfs_rpcsvc_auth_add_initer (&svc->authschemes, "auth-null", (rpcsvc_auth_initer_t) - nfs_rpcsvc_auth_unix_init); + nfs_rpcsvc_auth_null_init); if (ret == -1) { - gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_UNIX"); + gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_NULL"); goto err; } - ret = nfs_rpcsvc_auth_add_initer (&svc->authschemes, "auth-null", + ret = nfs_rpcsvc_auth_add_initer (&svc->authschemes, "auth-unix", (rpcsvc_auth_initer_t) - nfs_rpcsvc_auth_null_init); + nfs_rpcsvc_auth_unix_init); if (ret == -1) { - gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_NULL"); + gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_UNIX"); goto err; } -- cgit