From: NeilBrown Add a set_client method to the server rpc auth_ops struct, used to set the client (for the purposes of nfsd export authorization) using flavor-specific information. Signed-off-by: J. Bruce Fields Signed-off-by: Neil Brown Signed-off-by: Andrew Morton --- 25-akpm/include/linux/sunrpc/svcauth.h | 2 ++ 25-akpm/net/sunrpc/auth_gss/svcauth_gss.c | 14 ++++++++++++++ 25-akpm/net/sunrpc/sunrpc_syms.c | 1 + 25-akpm/net/sunrpc/svcauth.c | 5 +++++ 25-akpm/net/sunrpc/svcauth_unix.c | 2 ++ 5 files changed, 24 insertions(+) diff -puN include/linux/sunrpc/svcauth.h~nfsd--svcrpc-add-a-per-flavor-set_client-method include/linux/sunrpc/svcauth.h --- 25/include/linux/sunrpc/svcauth.h~nfsd--svcrpc-add-a-per-flavor-set_client-method 2005-02-07 19:19:06.000000000 -0800 +++ 25-akpm/include/linux/sunrpc/svcauth.h 2005-02-07 19:19:06.000000000 -0800 @@ -92,6 +92,7 @@ struct auth_ops { int (*accept)(struct svc_rqst *rq, u32 *authp); int (*release)(struct svc_rqst *rq); void (*domain_release)(struct auth_domain *); + int (*set_client)(struct svc_rqst *rq); }; #define SVC_GARBAGE 1 @@ -107,6 +108,7 @@ struct auth_ops { extern int svc_authenticate(struct svc_rqst *rqstp, u32 *authp); extern int svc_authorise(struct svc_rqst *rqstp); +extern int svc_set_client(struct svc_rqst *rqstp); extern int svc_auth_register(rpc_authflavor_t flavor, struct auth_ops *aops); extern void svc_auth_unregister(rpc_authflavor_t flavor); diff -puN net/sunrpc/auth_gss/svcauth_gss.c~nfsd--svcrpc-add-a-per-flavor-set_client-method net/sunrpc/auth_gss/svcauth_gss.c --- 25/net/sunrpc/auth_gss/svcauth_gss.c~nfsd--svcrpc-add-a-per-flavor-set_client-method 2005-02-07 19:19:06.000000000 -0800 +++ 25-akpm/net/sunrpc/auth_gss/svcauth_gss.c 2005-02-07 19:19:06.000000000 -0800 @@ -730,6 +730,19 @@ struct gss_svc_data { struct rsc *rsci; }; +static int +svcauth_gss_set_client(struct svc_rqst *rqstp) +{ + struct gss_svc_data *svcdata = rqstp->rq_auth_data; + struct rsc *rsci = svcdata->rsci; + struct rpc_gss_wire_cred *gc = &svcdata->clcred; + + rqstp->rq_client = find_gss_auth_domain(rsci->mechctx, gc->gc_svc); + if (rqstp->rq_client == NULL) + return SVC_DENIED; + return SVC_OK; +} + /* * Accept an rpcsec packet. * If context establishment, punt to user space @@ -1052,6 +1065,7 @@ static struct auth_ops svcauthops_gss = .accept = svcauth_gss_accept, .release = svcauth_gss_release, .domain_release = svcauth_gss_domain_release, + .set_client = svcauth_gss_set_client, }; int diff -puN net/sunrpc/sunrpc_syms.c~nfsd--svcrpc-add-a-per-flavor-set_client-method net/sunrpc/sunrpc_syms.c --- 25/net/sunrpc/sunrpc_syms.c~nfsd--svcrpc-add-a-per-flavor-set_client-method 2005-02-07 19:19:06.000000000 -0800 +++ 25-akpm/net/sunrpc/sunrpc_syms.c 2005-02-07 19:19:06.000000000 -0800 @@ -90,6 +90,7 @@ EXPORT_SYMBOL(svc_reserve); EXPORT_SYMBOL(svc_auth_register); EXPORT_SYMBOL(auth_domain_lookup); EXPORT_SYMBOL(svc_authenticate); +EXPORT_SYMBOL(svc_set_client); /* RPC statistics */ #ifdef CONFIG_PROC_FS diff -puN net/sunrpc/svcauth.c~nfsd--svcrpc-add-a-per-flavor-set_client-method net/sunrpc/svcauth.c --- 25/net/sunrpc/svcauth.c~nfsd--svcrpc-add-a-per-flavor-set_client-method 2005-02-07 19:19:06.000000000 -0800 +++ 25-akpm/net/sunrpc/svcauth.c 2005-02-07 19:19:06.000000000 -0800 @@ -59,6 +59,11 @@ svc_authenticate(struct svc_rqst *rqstp, return aops->accept(rqstp, authp); } +int svc_set_client(struct svc_rqst *rqstp) +{ + return rqstp->rq_authop->set_client(rqstp); +} + /* A request, which was authenticated, has now executed. * Time to finalise the the credentials and verifier * and release and resources diff -puN net/sunrpc/svcauth_unix.c~nfsd--svcrpc-add-a-per-flavor-set_client-method net/sunrpc/svcauth_unix.c --- 25/net/sunrpc/svcauth_unix.c~nfsd--svcrpc-add-a-per-flavor-set_client-method 2005-02-07 19:19:06.000000000 -0800 +++ 25-akpm/net/sunrpc/svcauth_unix.c 2005-02-07 19:19:06.000000000 -0800 @@ -429,6 +429,7 @@ struct auth_ops svcauth_null = { .flavour = RPC_AUTH_NULL, .accept = svcauth_null_accept, .release = svcauth_null_release, + .set_client = svcauth_unix_set_client, }; @@ -510,5 +511,6 @@ struct auth_ops svcauth_unix = { .accept = svcauth_unix_accept, .release = svcauth_unix_release, .domain_release = svcauth_unix_domain_release, + .set_client = svcauth_unix_set_client, }; _