6 files changed, 43 insertions, 2 deletions

diff --git a/libglusterfs/src/mem-types.h b/libglusterfs/src/mem-types.h
index fea54c35ebc..7d9186a419e 100644
--- a/libglusterfs/src/mem-types.h
+++ b/libglusterfs/src/mem-types.h
@@ -109,6 +109,7 @@ enum gf_common_mem_types_ {
         gf_common_mt_drc_rbtree_node_t    = 93,
         gf_common_mt_iov_base_t           = 94,
         gf_common_mt_groups_t             = 95,
-        gf_common_mt_end                  = 96
+	gf_common_mt_auxgids              = 96,
+        gf_common_mt_end                  = 97
 };
 #endif
diff --git a/rpc/rpc-lib/src/auth-glusterfs.c b/rpc/rpc-lib/src/auth-glusterfs.c
index 9c6f8385b2c..db488434c98 100644
--- a/rpc/rpc-lib/src/auth-glusterfs.c
+++ b/rpc/rpc-lib/src/auth-glusterfs.c
@@ -96,6 +96,22 @@ int auth_glusterfs_authenticate (rpcsvc_request_t *req, void *priv)
                 goto err;
         }
 
+	if (req->auxgidcount > SMALL_GROUP_COUNT) {
+		req->auxgidlarge = GF_CALLOC(req->auxgidcount,
+					     sizeof(req->auxgids[0]),
+					     gf_common_mt_auxgids);
+		req->auxgids = req->auxgidlarge;
+	} else {
+		req->auxgids = req->auxgidsmall;
+	}
+
+	if (!req->auxgids) {
+		gf_log ("auth-glusterfs", GF_LOG_WARNING,
+			"cannot allocate gid list");
+		ret = RPCSVC_AUTH_REJECT;
+		goto err;
+	}
+
         for (gidcount = 0; gidcount < au.ngrps; ++gidcount)
                 req->auxgids[gidcount] = au.groups[gidcount];
 
@@ -203,6 +219,22 @@ int auth_glusterfs_v2_authenticate (rpcsvc_request_t *req, void *priv)
                 goto err;
         }
 
+	if (req->auxgidcount > SMALL_GROUP_COUNT) {
+		req->auxgidlarge = GF_CALLOC(req->auxgidcount,
+					     sizeof(req->auxgids[0]),
+					     gf_common_mt_auxgids);
+		req->auxgids = req->auxgidlarge;
+	} else {
+		req->auxgids = req->auxgidsmall;
+	}
+
+	if (!req->auxgids) {
+		gf_log ("auth-glusterfs-v2", GF_LOG_WARNING,
+			"cannot allocate gid list");
+		ret = RPCSVC_AUTH_REJECT;
+		goto err;
+	}
+
         for (i = 0; i < req->auxgidcount; ++i)
                 req->auxgids[i] = au.groups.groups_val[i];
 
diff --git a/rpc/rpc-lib/src/auth-unix.c b/rpc/rpc-lib/src/auth-unix.c
index 6251d60a896..fa5f0576e31 100644
--- a/rpc/rpc-lib/src/auth-unix.c
+++ b/rpc/rpc-lib/src/auth-unix.c
@@ -42,6 +42,7 @@ int auth_unix_authenticate (rpcsvc_request_t *req, void *priv)
         if (!req)
                 return ret;
 
+	req->auxgids = req->auxgidsmall;
         ret = xdr_to_auth_unix_cred (req->cred.authdata, req->cred.datalen,
                                      &aup, machname, req->auxgids);
         if (ret == -1) {
diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c
index 04b66091f73..c93b62d100d 100644
--- a/rpc/rpc-lib/src/rpcsvc-auth.c
+++ b/rpc/rpc-lib/src/rpcsvc-auth.c
@@ -327,6 +327,9 @@ rpcsvc_auth_request_init (rpcsvc_request_t *req)
         if (!auth->authops->request_init)
                 ret = auth->authops->request_init (req, auth->authprivate);
 
+	req->auxgids = req->auxgidsmall; /* reset to auxgidlarge during
+					    unsersialize if necessary */
+	req->auxgidlarge = NULL;
 err:
         return ret;
 }
diff --git a/rpc/rpc-lib/src/rpcsvc.c b/rpc/rpc-lib/src/rpcsvc.c
index 107a0f9a188..d9bbb1c54e2 100644
--- a/rpc/rpc-lib/src/rpcsvc.c
+++ b/rpc/rpc-lib/src/rpcsvc.c
@@ -281,6 +281,8 @@ rpcsvc_request_destroy (rpcsvc_request_t *req)
 
         rpc_transport_unref (req->trans);
 
+	GF_FREE (req->auxgidlarge);
+
         mem_put (req);
 
 out:
diff --git a/rpc/rpc-lib/src/rpcsvc.h b/rpc/rpc-lib/src/rpcsvc.h
index 1323c8b7aee..4bb59a82563 100644
--- a/rpc/rpc-lib/src/rpcsvc.h
+++ b/rpc/rpc-lib/src/rpcsvc.h
@@ -178,7 +178,9 @@ struct rpcsvc_request {
         /* Might want to move this to AUTH_UNIX specific state since this array
          * is not available for every authentication scheme.
          */
-        gid_t                   auxgids[GF_MAX_AUX_GROUPS];
+        gid_t                   *auxgids;
+        gid_t                   auxgidsmall[SMALL_GROUP_COUNT];
+        gid_t                   *auxgidlarge;
         int                     auxgidcount;