On Sun, Dec 20, 2009 at 02:13:07AM -0800, Muntz, Daniel wrote: > If one were to hit this bug with v4.x, would the error be something like > this in the RPC layer: > > Reply State: denied (1) > Reject State: AUTH_ERROR (1) > Auth State: bad credential (seal broken) (1) Since we let the "insecure" flag vary by filesystem, we don't catch this until we decode filehandles, so return an nfs-level error. --b. > > -Dan > > > -----Original Message----- > > From: Michael Guntsche [mailto:mike@xxxxxxxxxxxx] > > Sent: Sunday, December 20, 2009 1:46 AM > > To: bfields@xxxxxxxxxxxxxx > > Cc: linux-nfs > > Subject: Re: Problem with 2.6.33-rc1 and insecure flag > > > > I think I figured out the problem. > > > > Apparently the code checked if insecure was set, while it > > should check if it was NOT set. > > > > Kind regards, > > Michael > > > > diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c > > index 1c12177..55c8e63 100644 > > --- a/fs/nfsd/nfsfh.c > > +++ b/fs/nfsd/nfsfh.c > > @@ -89,7 +89,7 @@ static __be32 > > nfsd_setuser_and_check_port(struct svc_rqst *rqstp, > > int flags = nfsexp_flags(rqstp, exp); > > > > /* Check if the request originated from a secure port. */ > > - if (!rqstp->rq_secure && (flags & NFSEXP_INSECURE_PORT)) { > > + if (!rqstp->rq_secure && !(flags & NFSEXP_INSECURE_PORT)) { > > RPC_IFDEBUG(char buf[RPC_MAX_ADDRBUFLEN]); > > dprintk(KERN_WARNING > > "nfsd: request from insecure port %s!\n", > > > > > > > > -- > > To unsubscribe from this list: send the line "unsubscribe > > linux-nfs" in > > the body of a message to majordomo@xxxxxxxxxxxxxxx > > More majordomo info at http://vger.kernel.org/majordomo-info.html > > > -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
