On Thu, 2013-07-18 at 15:54 -0400, Trond Myklebust wrote:
> On Thu, 2013-07-18 at 19:49 +0000, Adamson, Dros wrote:
> > Only supporting operations that have the error code NFS4ERR_WRONG_CRED seems to be wrong. Operations like BIND_CONN_TO_SESSION don't support this error code, but are explicitly mentioned in SP4_MACH_CRED sections of the spec.
>
> Looking at the allowed error return values for BIND_CONN_TO_SESSION, I'm
> at a loss to figure out exactly what it should return in this case. I
> suspect that the lack of an NFS4ERR_WRONG_CRED is actually a protocol
> bug.
>
> Time to go back to the ietf mailing list...

Hi all,

When attempting to implement the SP4_MACH_CRED state protection, Dros ran into an issue. If the BIND_CONN_TO_SESSION operation is listed in the "spo_must_enforce" list of operations, what should it not be allowed to return NFS4ERR_WRONG_CRED if called with a credential that is not the machine or SSV credential?

Cheers
  Trond
--
Trond Myklebust
Linux NFS client maintainer

NetApp
Trond.Myklebust@xxxxxxxxxx
www.netapp.com