From: "Weiser, Michael" <michael.weiser@atos.net>
To: Pavel Shilovsky <piastryyy@gmail.com>,
Jacob Shivers <jshivers@redhat.com>
Cc: Leif Sahlberg <lsahlber@redhat.com>, Simo Sorce <simo@redhat.com>,
"Shyam Prasad N" <nspmangalore@gmail.com>,
Steve French <smfrench@gmail.com>,
"The GSS-Proxy developers and users mailing list"
<gss-proxy@lists.fedorahosted.org>,
"linux-cifs@vger.kernel.org" <linux-cifs@vger.kernel.org>,
"samba-technical@lists.samba.org"
<samba-technical@lists.samba.org>
Subject: Re: [gssproxy] cifs-utils, Linux cifs kernel client and gssproxy
Date: Tue, 26 Oct 2021 10:08:48 +0000 [thread overview]
Message-ID: <4edcf2fc7ee94b1a8898149bc997ea20@atos.net> (raw)
In-Reply-To: <CAKywueQU8P-XQsiy4x6B=0YjuwUmTzPVg--SY0sWzGuq6Oy_-w@mail.gmail.com>
Hello Pavel,
I've now also had a chance to look at this in more detail. I've done a quick test and
everything still seems to work with the next branch.
> The only concern that I have is the compile warning below. Would
> appreciate it if you provide a fix for that.
FWIW: I do not get that warning either on Fedora 33 with gcc 10.3 and krb5-1.18.2-29.fc33
nor on Debian testing as of today with gcc 10.3 and krb5-1.18.3-7 nor on Gentoo
with gcc-11.2.0 and mit-krb5-1.19.2. But I do see that gssproxy has run into this as well and
solved it the same way. Looking at gssapi docs and source I do not see that we're doing
anything wrong here.
There's one minor additional change I found in my local branch switching from
(gss_OID)gss_nt_service_name to the more modern GSS_C_NT_HOSTBASED_SERVICE
in gss_import_name(). I've opened a PR on github. (Below as well but the groupware will
likely corrupt it.)
The old style bled over from an MIT krb5 example I based my initial trials on. The removed
cast might require another discard_const() now. Since I can't reproduce it, I'd leave that up
to you.
Author: Michael Weiser <michael.weiser@atos.net>
Date: Tue Oct 26 11:11:48 2021 +0200
cifs.upcall: switch to RFC principal type naming
Switch from old-style MIT krb5 gss_nt_service_name principal type
constant name to the now preferred GSS_C_NT_HOSTBASED_SERVICE.
Signed-off-by: Michael Weiser <michael.weiser@atos.net>
diff --git a/cifs.upcall.c b/cifs.upcall.c
index e9c7f5f..f11bfa6 100644
--- a/cifs.upcall.c
+++ b/cifs.upcall.c
@@ -794,7 +794,7 @@ cifs_gss_get_req(const char *host, DATA_BLOB *mechtoken, DATA_BLOB *sess_key)
target_name_buf.length = service_name_len;
maj_stat = gss_import_name(&min_stat, &target_name_buf,
- (gss_OID)gss_nt_service_name, &target_name);
+ GSS_C_NT_HOSTBASED_SERVICE, &target_name);
free(service_name);
if (GSS_ERROR(maj_stat)) {
cifs_gss_display_status("gss_import_name", maj_stat, min_stat);
--
Thanks
Michael
next prev parent reply other threads:[~2021-10-26 10:08 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-16 10:01 cifs-utils, Linux cifs kernel client and gssproxy Weiser, Michael
2020-12-16 14:31 ` [gssproxy] " Simo Sorce
2020-12-16 22:43 ` Steve French
2020-12-17 13:39 ` Simo Sorce
2020-12-17 21:22 ` Steve French
2020-12-17 21:25 ` Steve French
2020-12-17 21:53 ` Simo Sorce
2020-12-17 21:49 ` Simo Sorce
2021-02-19 11:30 ` Shyam Prasad N
2021-02-19 17:35 ` Simo Sorce
2021-02-23 17:42 ` Jacob Shivers
2021-02-23 19:54 ` Simo Sorce
2021-03-05 21:29 ` Jacob Shivers
2021-03-05 22:19 ` Simo Sorce
2021-04-13 23:53 ` ronnie sahlberg
2021-09-24 17:09 ` Pavel Shilovsky
2021-09-25 7:28 ` ronnie sahlberg
2021-09-27 7:18 ` Weiser, Michael
2021-09-30 23:17 ` Jacob Shivers
2021-10-21 23:23 ` Pavel Shilovsky
[not found] ` <CAGvGhF5rVU1WzLk=aE36n47P357UBOPbsjXE=B8J+feO3bVSSQ@mail.gmail.com>
[not found] ` <CALe0_77Bv_+v9cdNd_AL5DgA2+EaXMtF_0+rUw6y46fhHq0M4A@mail.gmail.com>
[not found] ` <CAKywueQU8P-XQsiy4x6B=0YjuwUmTzPVg--SY0sWzGuq6Oy_-w@mail.gmail.com>
2021-10-26 10:08 ` Weiser, Michael [this message]
2021-10-26 15:05 ` Jacob Shivers
2021-11-05 0:31 ` Pavel Shilovsky
2021-01-07 11:04 ` [gssproxy] " Weiser, Michael
[not found] ` <2d5a7cf3b6e8e31db010f6a3d159109ca48ca998.camel@samba.org>
2021-01-07 13:45 ` Simo
2021-02-19 11:26 ` Shyam Prasad N
2021-02-19 14:10 ` Weiser, Michael
2021-02-19 17:34 ` Simo Sorce
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4edcf2fc7ee94b1a8898149bc997ea20@atos.net \
--to=michael.weiser@atos.net \
--cc=gss-proxy@lists.fedorahosted.org \
--cc=jshivers@redhat.com \
--cc=linux-cifs@vger.kernel.org \
--cc=lsahlber@redhat.com \
--cc=nspmangalore@gmail.com \
--cc=piastryyy@gmail.com \
--cc=samba-technical@lists.samba.org \
--cc=simo@redhat.com \
--cc=smfrench@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.