7 files changed, 37 insertions, 6 deletions

diff --git a/tests/basic/netgroup_parsing.t b/tests/basic/netgroup_parsing.t
index 73a69c44cea..cf8d871f1f8 100644
--- a/tests/basic/netgroup_parsing.t
+++ b/tests/basic/netgroup_parsing.t
@@ -21,6 +21,11 @@ function test_ng_3 ()
         glusterfsd --print-netgroups $1 | sed -n 3p
 }
 
+function test_ng_4 ()
+{
+        glusterfsd --print-netgroups $1 | sed -n 4p
+}
+
 function test_bad_ng ()
 {
         glusterfsd --print-netgroups $1 2>&1 | sed -n 1p
@@ -39,9 +44,10 @@ function test_empty_ng ()
         glusterfsd --print-netgroups $1 2>&1 | sed -n 2p
 }
 
-EXPECT_KEYWORD "ng2 (dev1763.prn2.example.com,,)" test_ng_1 $NG_FILES/netgroups
-EXPECT_KEYWORD "ng1 ng2 (dev1763.prn2.example.com,,)" test_ng_2 $NG_FILES/netgroups
-EXPECT_KEYWORD "asdf ng1 ng2 (dev1763.prn2.example.com,,)" test_ng_3  $NG_FILES/netgroups
+EXPECT_KEYWORD "ng3 (dev-1763.prn-2.example.com,,)" test_ng_1 $NG_FILES/netgroups
+EXPECT_KEYWORD "ng2 (dev1763.prn2.example.com,,)" test_ng_2 $NG_FILES/netgroups
+EXPECT_KEYWORD "ng1 ng2 (dev1763.prn2.example.com,,)" test_ng_3 $NG_FILES/netgroups
+EXPECT_KEYWORD "asdf ng1 ng2 (dev1763.prn2.example.com,,)" test_ng_4  $NG_FILES/netgroups
 # TODO: get a real-world large netgroup file
 #EXPECT_KEYWORD "wikipedia001.07.prn1 (wikipedia003.prn1.example.com,,)(wikipedia002.prn1.example.com,,)(wikipedia001.prn1.example.com,,)"  test_large_file
 EXPECT_KEYWORD "Parse error" test_bad_ng $NG_FILES/bad_netgroups
diff --git a/tests/configfiles/netgroups b/tests/configfiles/netgroups
index a4ed2c53df4..f1f5fcdc145 100644
--- a/tests/configfiles/netgroups
+++ b/tests/configfiles/netgroups
@@ -1,3 +1,4 @@
 asdf ng1
 ng1 ng2
 ng2 (dev1763.prn2.example.com,,)
+ng3 (dev-1763.prn-2.example.com,,)
diff --git a/xlators/nfs/server/src/exports.c b/xlators/nfs/server/src/exports.c
index b000b7e8118..83aec254040 100644
--- a/xlators/nfs/server/src/exports.c
+++ b/xlators/nfs/server/src/exports.c
@@ -753,6 +753,8 @@ __exp_line_ng_host_str_parse (char *str, struct export_item **exp_item)
         item_name = gf_strdup (str);
         GF_CHECK_ALLOC (item_name, ret, out);
 
+        gf_msg_trace (GF_EXP, 0, "found hostname/netgroup: %s", item_name);
+
         /* Initialize an export item for this */
         item = _export_item_init ();
         GF_CHECK_ALLOC (item, ret, free_and_out);
@@ -832,6 +834,8 @@ __exp_line_ng_parse (const char *line, dict_t **ng_dict)
                 goto out;
         }
 
+        gf_msg_trace (GF_EXP, 0, "parsing line: %s", line);
+
         while ((strmatch = parser_get_next_match (netgroup_parser))) {
                 if (!netgroups) {
                         /* Allocate a new dict to store the netgroups. */
@@ -842,6 +846,8 @@ __exp_line_ng_parse (const char *line, dict_t **ng_dict)
                         }
                 }
 
+                gf_msg_trace (GF_EXP, 0, "parsing netgroup: %s", strmatch);
+
                 ret = __exp_line_ng_host_str_parse (strmatch, &exp_ng);
 
                 if (ret != 0) {
@@ -927,6 +933,8 @@ __exp_line_host_parse (const char *line, dict_t **host_dict)
                 goto out;
         }
 
+        gf_msg_trace (GF_EXP, 0, "parsing line: %s", line);
+
         while ((strmatch = parser_get_next_match (hostname_parser))) {
                 if (!hosts) {
                         /* Allocate a new dictto store the netgroups. */
@@ -934,6 +942,8 @@ __exp_line_host_parse (const char *line, dict_t **host_dict)
                         GF_CHECK_ALLOC (hosts, ret, free_and_out);
                 }
 
+                gf_msg_trace (GF_EXP, 0, "parsing hostname: %s", strmatch);
+
                 ret = __exp_line_ng_host_str_parse (strmatch, &exp_host);
 
                 if (ret != 0) {
diff --git a/xlators/nfs/server/src/exports.h b/xlators/nfs/server/src/exports.h
index 51a3cd668a4..bc9af2f0b8b 100644
--- a/xlators/nfs/server/src/exports.h
+++ b/xlators/nfs/server/src/exports.h
@@ -22,7 +22,7 @@
 #define GF_EXP GF_NFS"-exports"
 
 #define NETGROUP_REGEX_PATTERN  "(@([a-zA-Z0-9\\(=, .])+)())"
-#define HOSTNAME_REGEX_PATTERN  "[[:space:]]([a-zA-Z0-9.\\(=,*/)]+)"
+#define HOSTNAME_REGEX_PATTERN  "[[:space:]]([a-zA-Z0-9.\\(=,*/)-]+)"
 #define OPTIONS_REGEX_PATTERN   "([a-zA-Z0-9=\\.]+)"
 
 #define NETGROUP_MAX_LEN        128
diff --git a/xlators/nfs/server/src/mount3.c b/xlators/nfs/server/src/mount3.c
index bf4ba0f25c7..c0eb1b24735 100644
--- a/xlators/nfs/server/src/mount3.c
+++ b/xlators/nfs/server/src/mount3.c
@@ -1994,6 +1994,10 @@ _mnt3_authenticate_req (struct mount3_state *ms, rpcsvc_request_t *req,
         /* Check if the IP is authorized */
         auth_status_code = mnt3_auth_host (ms->auth_params, host_addr_ip,
                                            fh, pathdup, is_write_op, &expitem);
+
+        gf_msg_debug (GF_MNT, 0, "access from IP %s is %s", host_addr_ip,
+                      auth_status_code ? "denied" : "allowed");
+
         if (auth_status_code != 0) {
                 /* If not, check if the FQDN is authorized */
                 host_addr_fqdn = gf_rev_dns_lookup (host_addr_ip);
@@ -2001,6 +2005,11 @@ _mnt3_authenticate_req (struct mount3_state *ms, rpcsvc_request_t *req,
                                                    host_addr_fqdn,
                                                    fh, pathdup, is_write_op,
                                                    &expitem);
+
+                gf_msg_debug (GF_MNT, 0, "access from FQDN %s is %s",
+                              host_addr_fqdn, auth_status_code ? "denied" :
+                                                                 "allowed");
+
                 if (auth_status_code == 0)
                         auth_host = host_addr_fqdn;
         } else
diff --git a/xlators/nfs/server/src/netgroups.c b/xlators/nfs/server/src/netgroups.c
index e9c0838a5cc..1003b72ef8c 100644
--- a/xlators/nfs/server/src/netgroups.c
+++ b/xlators/nfs/server/src/netgroups.c
@@ -735,11 +735,16 @@ _parse_ng_host (char *ng_str, struct netgroup_host **ngh)
         if (ret < 0)
                 goto out;
 
+        gf_msg_trace (GF_NG, 0, "parsing host string: %s", ng_str);
+
         ng_host = _netgroup_host_init ();
         GF_CHECK_ALLOC (ng_host, ret, free_and_out); /* Sets ret to -ENOMEM on
                                                       * failure.
                                                       */
         while ((match = parser_get_next_match (ng_host_parser)) != NULL) {
+                gf_msg_trace (GF_NG, 0, "found match: %s (parts=%d)", match,
+                              parts);
+
                 switch (parts) {
                 case 0:
                         ng_host->hostname = match;
diff --git a/xlators/nfs/server/src/netgroups.h b/xlators/nfs/server/src/netgroups.h
index c77a35a41f3..6044abfabb3 100644
--- a/xlators/nfs/server/src/netgroups.h
+++ b/xlators/nfs/server/src/netgroups.h
@@ -21,8 +21,8 @@
 
 #define GF_NG GF_NFS"-netgroup"
 
-#define NG_FILE_PARSE_REGEX "([a-zA-Z0-9.(,)]+)"
-#define NG_HOST_PARSE_REGEX "([a-zA-Z0-9.]+)"
+#define NG_FILE_PARSE_REGEX "([a-zA-Z0-9.(,)-]+)"
+#define NG_HOST_PARSE_REGEX "([a-zA-Z0-9.-]+)"
 
 struct netgroup_host {
         char *hostname;         /* Hostname of entry */