| Age | Commit message (Collapse) | Author |
|---|
|
Add a generic mechanism for skipping over transport-specific headers
when constructing an RPC request. This removes another "xprt->stream"
dependency.
Test-plan:
Write-intensive workload on a single mount point (try both UDP and
TCP).
Signed-off-by: Chuck Lever <cel@netapp.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
|
This patch provides the basic framework for RPCSEC_GSS authentication
in the RPC client. The protocol is fully described in RFC-2203.
Sun has supported it in their commercial NFSv3 and v2 implementations
for quite some time, and it has been specified in RFC3010 as being
mandatory for NFSv4.
- Update the mount_data struct for NFSv2 and v3 in order to allow them
to pass an RPCSEC_GSS security flavour. Compatibility with existing
versions of the 'mount' program is ensured by requiring that RPCSEC
support be enabled using the new flag NFS_MOUNT_SECFLAVOUR.
- Provide secure authentication, and later data encryption on
a per-user basis. A later patch will an provide an implementation
of the Kerberos 5 security mechanism. SPKM and LIPKEY are still
being planned.
- Security context negotiation and initialization are all assumed
to be done in userland. A later patch will provide the actual upcall
mechanisms to allow for this.
|
|
This implements stricter type checking for rpc auth flavors. it is a
prerequisite for RPC GSSAPI and its authentication pseudoflavors.
please apply it.
|
|
|
