NFSv4 + Kerberos + users

Zoltan Menyhart Zoltan.Menyhart at bull.net
Thu Jun 14 13:01:27 EDT 2007 

The following program can easily reproduce the problem.
(Remember to define your own IP host / port.)


#include <sys/socket.h>
#include <rpcsecgss/rpc/auth_gss.h>

#define PORT            264             // I saw gssd using this
#define IP_ADDR         "174.16.110.72" // lucy2_10g.frec.bull.fr
#define PROG            100003
#define VERS            4
#define R_S_SIZE        32768
#define PRINC           "nfs at lucy2_10g.frec.bull.fr"	// '@' !!!

/* from kerberos source, gssapi_krb5.c */
gss_OID_desc krb5oid = {9, "\052\206\110\206\367\022\001\002\002"};

struct rpc_gss_sec sec;
struct sockaddr_in sa_in;
CLIENT *cl;
AUTH *auth;

main()
{
        int     s;

        sa_in.sin_family = AF_INET;
        sa_in.sin_port = htons(PORT);
        sa_in.sin_addr.s_addr = inet_addr(IP_ADDR);
        cl = clnttcp_create(&sa_in, PROG, VERS, &s, R_S_SIZE, R_S_SIZE);
        if (cl == NULL){
                fprintf(stderr, "clnttcp_create() failed\n");
                return 1;
        }
        sec.qop = GSS_C_QOP_DEFAULT;
        sec.svc = RPCSEC_GSS_SVC_NONE;
        sec.cred = GSS_C_NO_CREDENTIAL;
        sec.req_flags = 0;
        sec.mech = (gss_OID) &krb5oid;
        sec.req_flags = GSS_C_MUTUAL_FLAG;
        printf("Calling authgss_create_default()\n");
        auth = authgss_create_default(cl, PRINC, &sec);
        if (auth == NULL){
                fprintf(stderr, "authgss_create_default() failed\n");
                return 1;
        }
        printf("authgss_create_default() done\n");
        cl->cl_auth = auth;
        return 0;
}


# gdb a.out
(gdb) r

Calling authgss_create_default()

... many unprintable characters...
               REC.BULL.FR(0&0fsucy2_10g.frec.bull.fr0O.3R at 1MXZ
... more unprintable characters...

^C
Program received signal SIGINT, Interrupt.
0xa000000000010641 in __kernel_syscall_via_break ()
(gdb) bt
#0  0xa000000000010641 in __kernel_syscall_via_break ()
#1  0x200000000024c5c0 in select () from /lib/tls/libc.so.6.1
#2  0x2000000000085f00 in readtcp (ct=0x6000000000010030, buf=0x6000000000018150 "", len=32768)
    at clnt_tcp.c:432
#3  0x20000000002b7010 in set_input_fragment () from /lib/tls/libc.so.6.1
#4  0x20000000002b7780 in xdrrec_getbytes () from /lib/tls/libc.so.6.1
#5  0x20000000002b7b80 in xdrrec_getlong () from /lib/tls/libc.so.6.1
#6  0x20000000002b3880 in xdr_u_long_internal () from /lib/tls/libc.so.6.1
#7  0x20000000002ab930 in xdr_replymsg_internal () from /lib/tls/libc.so.6.1
#8  0x20000000000855e0 in clnttcp_call (h=0x6000000000010010, proc=Variable "proc" is not available.
) at clnt_tcp.c:293
#9  0x2000000000078060 in authgss_refresh (auth=0x6000000000023ae0) at auth_gss.c:516
#10 0x2000000000078940 in authgss_create (clnt=0x6000000000010010, name=0x60000000000234e0,
    sec=0x60000000000016d8) at auth_gss.c:220
#11 0x2000000000078cc0 in authgss_create_default (clnt=0x6000000000010010,
    service=0x4000000000000fc8 "nfs at lucy2_10g.frec.bull.fr", sec=0x60000000000016d0) at auth_gss.c:253
#12 0x4000000000000c10 in main () at t1.c:46


I cannot see the print-outs after authgss_create_default(), neither
"authgss_create_default() failed\n" nor "authgss_create_default() done\n".

Thanks,

Zoltan

More information about the NFSv4 mailing list