[0/6] nfs-utils: handle BAD_INTEGRITY ERROR

Message ID 20231206213332.55565-1-olga.kornievskaia@gmail.com (mailing list archive)

Message

Olga Kornievskaia Dec. 6, 2023, 9:33 p.m. UTC
From: Olga Kornievskaia <kolga@netapp.com>

This patch series is a re-work of the previous patch series that handles
gss error for bad integrity. In this version, gssd is changed to use
rpc_gss_seccreate() function in tirpc which exposes the gss errors to
the caller. This functionality is further checked with configure for the
presence of this function in the tirpc library.

Note that the current libtirpc (1.3.4 version) needs a fix to
rpc_gss_seccreate() to work correctly for the gssd that passes in
credentials to be used for the gss context establishment.

Olga Kornievskaia (6):
  gssd: revert commit a5f3b7ccb01c
  gssd: revert commit 513630d720bd
  gssd: switch to using rpc_gss_seccreate()
  gssd: handle KRB5_AP_ERR_BAD_INTEGRITY for machine credentials
  gssd: handle KRB5_AP_ERR_BAD_INTEGRITY for user credentials
  configure: check for rpc_gss_seccreate

 aclocal/libtirpc.m4    |  5 +++++
 utils/gssd/gssd_proc.c | 26 +++++++++++++++++++++++---
 2 files changed, 28 insertions(+), 3 deletions(-)

Comments

Chuck Lever III Dec. 7, 2023, 2:50 p.m. UTC | #1
On Wed, Dec 06, 2023 at 04:33:26PM -0500, Olga Kornievskaia wrote:
> From: Olga Kornievskaia <kolga@netapp.com>
> 
> This patch series is a re-work of the previous patch series that handles
> gss error for bad integrity. In this version, gssd is changed to use
> rpc_gss_seccreate() function in tirpc which exposes the gss errors to
> the caller. This functionality is further checked with configure for the
> presence of this function in the tirpc library.
> 
> Note that the current libtirpc (1.3.4 version) needs a fix to
> rpc_gss_seccreate() to work correctly for the gssd that passes in
> credentials to be used for the gss context establishment.
> 
> Olga Kornievskaia (6):
>   gssd: revert commit a5f3b7ccb01c
>   gssd: revert commit 513630d720bd
>   gssd: switch to using rpc_gss_seccreate()
>   gssd: handle KRB5_AP_ERR_BAD_INTEGRITY for machine credentials
>   gssd: handle KRB5_AP_ERR_BAD_INTEGRITY for user credentials
>   configure: check for rpc_gss_seccreate
> 
>  aclocal/libtirpc.m4    |  5 +++++
>  utils/gssd/gssd_proc.c | 26 +++++++++++++++++++++++---
>  2 files changed, 28 insertions(+), 3 deletions(-)

The added error reporting is very nice. I'm glad we could make it
work.

Reviewed-by: Chuck Lever <chuck.lever@oracle.com>

Steve Dickson Jan. 4, 2024, 12:38 a.m. UTC | #2
On 12/6/23 4:33 PM, Olga Kornievskaia wrote:
> From: Olga Kornievskaia <kolga@netapp.com>
> 
> This patch series is a re-work of the previous patch series that handles
> gss error for bad integrity. In this version, gssd is changed to use
> rpc_gss_seccreate() function in tirpc which exposes the gss errors to
> the caller. This functionality is further checked with configure for the
> presence of this function in the tirpc library.
> 
> Note that the current libtirpc (1.3.4 version) needs a fix to
> rpc_gss_seccreate() to work correctly for the gssd that passes in
> credentials to be used for the gss context establishment.
> 
> Olga Kornievskaia (6):
>    gssd: revert commit a5f3b7ccb01c
>    gssd: revert commit 513630d720bd
>    gssd: switch to using rpc_gss_seccreate()
>    gssd: handle KRB5_AP_ERR_BAD_INTEGRITY for machine credentials
>    gssd: handle KRB5_AP_ERR_BAD_INTEGRITY for user credentials
>    configure: check for rpc_gss_seccreate
> 
>   aclocal/libtirpc.m4    |  5 +++++
>   utils/gssd/gssd_proc.c | 26 +++++++++++++++++++++++---
>   2 files changed, 28 insertions(+), 3 deletions(-)
> 
Committed... (tag: nfs-utils-2-7-1-rc3)

steved.

Petr Vorel Jan. 4, 2024, 2:46 p.m. UTC | #3
From: Olga Kornievskaia <olga.kornievskaia@gmail.com>

From: Olga Kornievskaia <kolga@netapp.com>

> In preparation for using rpc_gss_seccreate(), revert commit 513630d720bd
> "gssd: handle KRB5_AP_ERR_BAD_INTEGRITY for machine credentials"

Hi Olga,

Subject "[PATCH 2/6] gssd: revert commit 513630d720bd"
=> commit 513630d720bd does not exist. You probably meant to revert
4b272471937d6662e608dcf2b70dbc4b6dee76a0. Please next time revert on rebased
master to get correct git hash.

Kind regards,
Petr

Petr Vorel Jan. 4, 2024, 2:52 p.m. UTC | #4
From: Olga Kornievskaia <olga.kornievskaia@gmail.com>

From: Olga Kornievskaia <kolga@netapp.com>

Hi Olga,

> Subject "[PATCH 1/6] gssd: revert commit a5f3b7ccb01c"

Also a5f3b7ccb01c does not exist in git tree.
You probably meant 14ee48785f97dbb90dd199698d838da66c319605.

Kind regards,
Petr