NFSv4 + Kerberos + users

Kevin Coffman kwc at citi.umich.edu
Thu Jun 14 13:10:16 EDT 2007 

Thank you.  I have been busy with another project and haven't been
able to get to this problem yet.  I hope to get to it later today or
tomorrow.

K.C.


On 6/14/07, Zoltan Menyhart <Zoltan.Menyhart at bull.net> wrote:
> The following program can easily reproduce the problem.
> (Remember to define your own IP host / port.)
>
>
> #include <sys/socket.h>
> #include <rpcsecgss/rpc/auth_gss.h>
>
> #define PORT            264             // I saw gssd using this
> #define IP_ADDR         "174.16.110.72" // lucy2_10g.frec.bull.fr
> #define PROG            100003
> #define VERS            4
> #define R_S_SIZE        32768
> #define PRINC           "nfs at lucy2_10g.frec.bull.fr"    // '@' !!!
>
> /* from kerberos source, gssapi_krb5.c */
> gss_OID_desc krb5oid = {9, "\052\206\110\206\367\022\001\002\002"};
>
> struct rpc_gss_sec sec;
> struct sockaddr_in sa_in;
> CLIENT *cl;
> AUTH *auth;
>
> main()
> {
>         int     s;
>
>         sa_in.sin_family = AF_INET;
>         sa_in.sin_port = htons(PORT);
>         sa_in.sin_addr.s_addr = inet_addr(IP_ADDR);
>         cl = clnttcp_create(&sa_in, PROG, VERS, &s, R_S_SIZE, R_S_SIZE);
>         if (cl == NULL){
>                 fprintf(stderr, "clnttcp_create() failed\n");
>                 return 1;
>         }
>         sec.qop = GSS_C_QOP_DEFAULT;
>         sec.svc = RPCSEC_GSS_SVC_NONE;
>         sec.cred = GSS_C_NO_CREDENTIAL;
>         sec.req_flags = 0;
>         sec.mech = (gss_OID) &krb5oid;
>         sec.req_flags = GSS_C_MUTUAL_FLAG;
>         printf("Calling authgss_create_default()\n");
>         auth = authgss_create_default(cl, PRINC, &sec);
>         if (auth == NULL){
>                 fprintf(stderr, "authgss_create_default() failed\n");
>                 return 1;
>         }
>         printf("authgss_create_default() done\n");
>         cl->cl_auth = auth;
>         return 0;
> }
>
>
> # gdb a.out
> (gdb) r
>
> Calling authgss_create_default()
>
> ... many unprintable characters...
>                REC.BULL.FR(0&0fsucy2_10g.frec.bull.fr0O.3R at 1MXZ
> ... more unprintable characters...
>
> ^C
> Program received signal SIGINT, Interrupt.
> 0xa000000000010641 in __kernel_syscall_via_break ()
> (gdb) bt
> #0  0xa000000000010641 in __kernel_syscall_via_break ()
> #1  0x200000000024c5c0 in select () from /lib/tls/libc.so.6.1
> #2  0x2000000000085f00 in readtcp (ct=0x6000000000010030, buf=0x6000000000018150 "", len=32768)
>     at clnt_tcp.c:432
> #3  0x20000000002b7010 in set_input_fragment () from /lib/tls/libc.so.6.1
> #4  0x20000000002b7780 in xdrrec_getbytes () from /lib/tls/libc.so.6.1
> #5  0x20000000002b7b80 in xdrrec_getlong () from /lib/tls/libc.so.6.1
> #6  0x20000000002b3880 in xdr_u_long_internal () from /lib/tls/libc.so.6.1
> #7  0x20000000002ab930 in xdr_replymsg_internal () from /lib/tls/libc.so.6.1
> #8  0x20000000000855e0 in clnttcp_call (h=0x6000000000010010, proc=Variable "proc" is not available.
> ) at clnt_tcp.c:293
> #9  0x2000000000078060 in authgss_refresh (auth=0x6000000000023ae0) at auth_gss.c:516
> #10 0x2000000000078940 in authgss_create (clnt=0x6000000000010010, name=0x60000000000234e0,
>     sec=0x60000000000016d8) at auth_gss.c:220
> #11 0x2000000000078cc0 in authgss_create_default (clnt=0x6000000000010010,
>     service=0x4000000000000fc8 "nfs at lucy2_10g.frec.bull.fr", sec=0x60000000000016d0) at auth_gss.c:253
> #12 0x4000000000000c10 in main () at t1.c:46
>
>
> I cannot see the print-outs after authgss_create_default(), neither
> "authgss_create_default() failed\n" nor "authgss_create_default() done\n".
>
> Thanks,
>
> Zoltan
>
>
>

More information about the NFSv4 mailing list