diff options
| author | Niels de Vos <ndevos@redhat.com> | 2016-07-19 12:42:07 +0200 |
|---|---|---|
| committer | Niels de Vos <ndevos@redhat.com> | 2016-08-25 14:03:11 -0700 |
| commit | ace4ff98991660c516e84590ce59054c042be4d1 (patch) | |
| tree | 692ded7237df44a57fdd10cd97804fd5afb6ac24 | |
| parent | c9434a70f07ec25821563f66f36767c3a7ad0de4 (diff) | |
nfs: allow hostnames with dashes in exports/netgroups files
Hostnames with dashes (like "vagrant-testVM") are not correctly parsed
when reading the exports/netgroups files. This bacomes obvious when
running ./run-tests-in-vagrant.sh because it causes
tests/basic/mount-nfs-auth.t and tests/basic/netgroup_parsing.t to fail.
The regex for hostname (in exports) and the entry and hostname
(netgroups) parsing does not include the "-" sign, and hence the
hostnames are splitted at it.
Cherry picked from commit e5221d288e41d29d89d52f8deab657d2285a852c:
> BUG: 1350237
> Change-Id: I38146a283561e1fa386cc841c43fd3b1e30a87ad
> Signed-off-by: Niels de Vos <ndevos@redhat.com>
> Reviewed-on: http://review.gluster.org/14809
> Smoke: Gluster Build System <jenkins@build.gluster.org>
> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
> CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
> Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
Change-Id: I38146a283561e1fa386cc841c43fd3b1e30a87ad
BUG: 1357835
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/14956
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
Smoke: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
| -rw-r--r-- | tests/basic/netgroup_parsing.t | 12 | ||||
| -rw-r--r-- | tests/configfiles/netgroups | 1 | ||||
| -rw-r--r-- | xlators/nfs/server/src/exports.c | 10 | ||||
| -rw-r--r-- | xlators/nfs/server/src/exports.h | 2 | ||||
| -rw-r--r-- | xlators/nfs/server/src/mount3.c | 9 | ||||
| -rw-r--r-- | xlators/nfs/server/src/netgroups.c | 5 | ||||
| -rw-r--r-- | xlators/nfs/server/src/netgroups.h | 4 |
7 files changed, 37 insertions, 6 deletions
diff --git a/tests/basic/netgroup_parsing.t b/tests/basic/netgroup_parsing.t index 73a69c44cea..cf8d871f1f8 100644 --- a/tests/basic/netgroup_parsing.t +++ b/tests/basic/netgroup_parsing.t @@ -21,6 +21,11 @@ function test_ng_3 () glusterfsd --print-netgroups $1 | sed -n 3p } +function test_ng_4 () +{ + glusterfsd --print-netgroups $1 | sed -n 4p +} + function test_bad_ng () { glusterfsd --print-netgroups $1 2>&1 | sed -n 1p @@ -39,9 +44,10 @@ function test_empty_ng () glusterfsd --print-netgroups $1 2>&1 | sed -n 2p } -EXPECT_KEYWORD "ng2 (dev1763.prn2.example.com,,)" test_ng_1 $NG_FILES/netgroups -EXPECT_KEYWORD "ng1 ng2 (dev1763.prn2.example.com,,)" test_ng_2 $NG_FILES/netgroups -EXPECT_KEYWORD "asdf ng1 ng2 (dev1763.prn2.example.com,,)" test_ng_3 $NG_FILES/netgroups +EXPECT_KEYWORD "ng3 (dev-1763.prn-2.example.com,,)" test_ng_1 $NG_FILES/netgroups +EXPECT_KEYWORD "ng2 (dev1763.prn2.example.com,,)" test_ng_2 $NG_FILES/netgroups +EXPECT_KEYWORD "ng1 ng2 (dev1763.prn2.example.com,,)" test_ng_3 $NG_FILES/netgroups +EXPECT_KEYWORD "asdf ng1 ng2 (dev1763.prn2.example.com,,)" test_ng_4 $NG_FILES/netgroups # TODO: get a real-world large netgroup file #EXPECT_KEYWORD "wikipedia001.07.prn1 (wikipedia003.prn1.example.com,,)(wikipedia002.prn1.example.com,,)(wikipedia001.prn1.example.com,,)" test_large_file EXPECT_KEYWORD "Parse error" test_bad_ng $NG_FILES/bad_netgroups diff --git a/tests/configfiles/netgroups b/tests/configfiles/netgroups index a4ed2c53df4..f1f5fcdc145 100644 --- a/tests/configfiles/netgroups +++ b/tests/configfiles/netgroups @@ -1,3 +1,4 @@ asdf ng1 ng1 ng2 ng2 (dev1763.prn2.example.com,,) +ng3 (dev-1763.prn-2.example.com,,) diff --git a/xlators/nfs/server/src/exports.c b/xlators/nfs/server/src/exports.c index b000b7e8118..83aec254040 100644 --- a/xlators/nfs/server/src/exports.c +++ b/xlators/nfs/server/src/exports.c @@ -753,6 +753,8 @@ __exp_line_ng_host_str_parse (char *str, struct export_item **exp_item) item_name = gf_strdup (str); GF_CHECK_ALLOC (item_name, ret, out); + gf_msg_trace (GF_EXP, 0, "found hostname/netgroup: %s", item_name); + /* Initialize an export item for this */ item = _export_item_init (); GF_CHECK_ALLOC (item, ret, free_and_out); @@ -832,6 +834,8 @@ __exp_line_ng_parse (const char *line, dict_t **ng_dict) goto out; } + gf_msg_trace (GF_EXP, 0, "parsing line: %s", line); + while ((strmatch = parser_get_next_match (netgroup_parser))) { if (!netgroups) { /* Allocate a new dict to store the netgroups. */ @@ -842,6 +846,8 @@ __exp_line_ng_parse (const char *line, dict_t **ng_dict) } } + gf_msg_trace (GF_EXP, 0, "parsing netgroup: %s", strmatch); + ret = __exp_line_ng_host_str_parse (strmatch, &exp_ng); if (ret != 0) { @@ -927,6 +933,8 @@ __exp_line_host_parse (const char *line, dict_t **host_dict) goto out; } + gf_msg_trace (GF_EXP, 0, "parsing line: %s", line); + while ((strmatch = parser_get_next_match (hostname_parser))) { if (!hosts) { /* Allocate a new dictto store the netgroups. */ @@ -934,6 +942,8 @@ __exp_line_host_parse (const char *line, dict_t **host_dict) GF_CHECK_ALLOC (hosts, ret, free_and_out); } + gf_msg_trace (GF_EXP, 0, "parsing hostname: %s", strmatch); + ret = __exp_line_ng_host_str_parse (strmatch, &exp_host); if (ret != 0) { diff --git a/xlators/nfs/server/src/exports.h b/xlators/nfs/server/src/exports.h index 51a3cd668a4..bc9af2f0b8b 100644 --- a/xlators/nfs/server/src/exports.h +++ b/xlators/nfs/server/src/exports.h @@ -22,7 +22,7 @@ #define GF_EXP GF_NFS"-exports" #define NETGROUP_REGEX_PATTERN "(@([a-zA-Z0-9\\(=, .])+)())" -#define HOSTNAME_REGEX_PATTERN "[[:space:]]([a-zA-Z0-9.\\(=,*/)]+)" +#define HOSTNAME_REGEX_PATTERN "[[:space:]]([a-zA-Z0-9.\\(=,*/)-]+)" #define OPTIONS_REGEX_PATTERN "([a-zA-Z0-9=\\.]+)" #define NETGROUP_MAX_LEN 128 diff --git a/xlators/nfs/server/src/mount3.c b/xlators/nfs/server/src/mount3.c index bf4ba0f25c7..c0eb1b24735 100644 --- a/xlators/nfs/server/src/mount3.c +++ b/xlators/nfs/server/src/mount3.c @@ -1994,6 +1994,10 @@ _mnt3_authenticate_req (struct mount3_state *ms, rpcsvc_request_t *req, /* Check if the IP is authorized */ auth_status_code = mnt3_auth_host (ms->auth_params, host_addr_ip, fh, pathdup, is_write_op, &expitem); + + gf_msg_debug (GF_MNT, 0, "access from IP %s is %s", host_addr_ip, + auth_status_code ? "denied" : "allowed"); + if (auth_status_code != 0) { /* If not, check if the FQDN is authorized */ host_addr_fqdn = gf_rev_dns_lookup (host_addr_ip); @@ -2001,6 +2005,11 @@ _mnt3_authenticate_req (struct mount3_state *ms, rpcsvc_request_t *req, host_addr_fqdn, fh, pathdup, is_write_op, &expitem); + + gf_msg_debug (GF_MNT, 0, "access from FQDN %s is %s", + host_addr_fqdn, auth_status_code ? "denied" : + "allowed"); + if (auth_status_code == 0) auth_host = host_addr_fqdn; } else diff --git a/xlators/nfs/server/src/netgroups.c b/xlators/nfs/server/src/netgroups.c index e9c0838a5cc..1003b72ef8c 100644 --- a/xlators/nfs/server/src/netgroups.c +++ b/xlators/nfs/server/src/netgroups.c @@ -735,11 +735,16 @@ _parse_ng_host (char *ng_str, struct netgroup_host **ngh) if (ret < 0) goto out; + gf_msg_trace (GF_NG, 0, "parsing host string: %s", ng_str); + ng_host = _netgroup_host_init (); GF_CHECK_ALLOC (ng_host, ret, free_and_out); /* Sets ret to -ENOMEM on * failure. */ while ((match = parser_get_next_match (ng_host_parser)) != NULL) { + gf_msg_trace (GF_NG, 0, "found match: %s (parts=%d)", match, + parts); + switch (parts) { case 0: ng_host->hostname = match; diff --git a/xlators/nfs/server/src/netgroups.h b/xlators/nfs/server/src/netgroups.h index c77a35a41f3..6044abfabb3 100644 --- a/xlators/nfs/server/src/netgroups.h +++ b/xlators/nfs/server/src/netgroups.h @@ -21,8 +21,8 @@ #define GF_NG GF_NFS"-netgroup" -#define NG_FILE_PARSE_REGEX "([a-zA-Z0-9.(,)]+)" -#define NG_HOST_PARSE_REGEX "([a-zA-Z0-9.]+)" +#define NG_FILE_PARSE_REGEX "([a-zA-Z0-9.(,)-]+)" +#define NG_HOST_PARSE_REGEX "([a-zA-Z0-9.-]+)" struct netgroup_host { char *hostname; /* Hostname of entry */ |