summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPavan T C <tcp@gluster.com>2011-07-11 05:33:09 +0000
committerAnand Avati <avati@gluster.com>2011-07-11 04:32:02 -0700
commit817bda650cb7edb0bfdef270cd2801d91d681580 (patch)
treed42559d44e2d79858b3b42653a873be73f216ae4
parent1b01b648944b8a55e09105cafdb9e28021e78574 (diff)
nfsrpc: Re-order NFS auth array contentsv3.2.2qa4
Some NFS client implementations can default to AUTH_NULL given a certain order of auth_array in MOUNT reply. We re-order it here to make sure that such clients (Example - 2.6.26), do not have such security loop holes. Signed-off-by: Pavan T C <tcp@gluster.com> Signed-off-by: Anand Avati <avati@gluster.com> BUG: 3144 (permissions given in fuse mount don't have effect in nfs mount) URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3144
-rw-r--r--xlators/nfs/lib/src/rpcsvc-auth.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/xlators/nfs/lib/src/rpcsvc-auth.c b/xlators/nfs/lib/src/rpcsvc-auth.c
index 6d07619e493..6c8d30ec009 100644
--- a/xlators/nfs/lib/src/rpcsvc-auth.c
+++ b/xlators/nfs/lib/src/rpcsvc-auth.c
@@ -56,19 +56,19 @@ nfs_rpcsvc_auth_add_initers (rpcsvc_t *svc)
{
int ret = -1;
- ret = nfs_rpcsvc_auth_add_initer (&svc->authschemes, "auth-unix",
+ ret = nfs_rpcsvc_auth_add_initer (&svc->authschemes, "auth-null",
(rpcsvc_auth_initer_t)
- nfs_rpcsvc_auth_unix_init);
+ nfs_rpcsvc_auth_null_init);
if (ret == -1) {
- gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_UNIX");
+ gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_NULL");
goto err;
}
- ret = nfs_rpcsvc_auth_add_initer (&svc->authschemes, "auth-null",
+ ret = nfs_rpcsvc_auth_add_initer (&svc->authschemes, "auth-unix",
(rpcsvc_auth_initer_t)
- nfs_rpcsvc_auth_null_init);
+ nfs_rpcsvc_auth_unix_init);
if (ret == -1) {
- gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_NULL");
+ gf_log (GF_RPCSVC, GF_LOG_ERROR, "Failed to add AUTH_UNIX");
goto err;
}