Re: [round2 PATCH 0/7] nfs-utils: add support for authenticated callbacks

public inbox for linux-nfs@vger.kernel.org
 help / color / mirror / Atom feed

From: Steve Dickson <SteveD@redhat.com>
To: Kevin Coffman <kwc@citi.umich.edu>
Cc: linux-nfs@vger.kernel.org
Subject: Re: [round2 PATCH 0/7] nfs-utils: add support for authenticated callbacks
Date: Mon, 16 Nov 2009 12:29:58 -0500	[thread overview]
Message-ID: <4B018C16.8030409@RedHat.com> (raw)
In-Reply-To: <20090520151651.2986.29621.stgit-zTNJhAanYLVZN1qrTdtDg5Vzexx5G7lz@public.gmane.org>



On 05/20/2009 11:20 AM, Kevin Coffman wrote:
> Hi Steve,
> 
> This series adds support to gssd and svcgssd to support
> authenticated callbacks.
> 
> 1) adds the name the client used when authenticating to the
> svcgssd downcall information.  This is used by nfsd to determine
> the target name when initiating the callback.
> 
> 2) splits out the processing of update_client_list() to accomodate
> a new upcall pipe added in the next patch.
> 
> 3) changes gssd to process all rpc_pipefs directories (this patch is
> changed from the first round to process all directories rather than
> special-casing directories)
> 
> 4) a debugging aid to distinquish which upcall is being processed
> 
> 6) adds support for handling the "target=" attribute in the new upcall
> 
> 7) adds support for handling the "service=" attribute in the new upcall
> 
> NOTE:  For authenticated callbacks to work, an NFS client or an
> NFS server must be running both rpcgssd _and_ rpcsvcgssd.
> This will require a configuration change.
> 
> A future patch is planned to combine gssd and svcgssd into
> a single daemon to make configuration easier.  However, there
> are some architectural issues that must be resolved first.
> 
> ---
> 
> Kevin Coffman (1):
>       gssd: add upcall support for callback authentication
> 
> Olga Kornievskaia (6):
>       gssd: process service= attribute in new upcall
>       gssd: process target= attribute in new upcall
>       gssd: handle new client upcall
>       gssd: print full client directory being handled
>       gssd: refactor update_client_list()
>       svcgssd: add client's principal name to downcall information
> 
> 
>  utils/gssd/gssd.c           |    6 -
>  utils/gssd/gssd.h           |   12 +
>  utils/gssd/gssd_main_loop.c |  102 +++++++++++-
>  utils/gssd/gssd_proc.c      |  365 +++++++++++++++++++++++++++++++++++--------
>  utils/gssd/krb5_util.c      |   21 ++
>  utils/gssd/krb5_util.h      |    3 
>  utils/gssd/svcgssd_proc.c   |   94 ++++++++++-
>  7 files changed, 505 insertions(+), 98 deletions(-)
> 
Sorry for taking so long to get to this... I did some quick regression
testing and did not see any problems... but it not clear I actually 
tested this new functionality....

I'm going to go ahead and commit this, but if you could supply me 
with some tests that explicitly test this new functionality would
be appreciated... 

steved.

     prev parent reply	other threads:[~2009-11-16 17:29 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-05-20 15:20 [round2 PATCH 0/7] nfs-utils: add support for authenticated callbacks Kevin Coffman
     [not found] ` <20090520151651.2986.29621.stgit-zTNJhAanYLVZN1qrTdtDg5Vzexx5G7lz@public.gmane.org>
2009-05-20 15:20   ` [round2 PATCH 1/7] svcgssd: add client's principal name to downcall information Kevin Coffman
2009-05-20 15:20   ` [round2 PATCH 2/7] gssd: refactor update_client_list() Kevin Coffman
2009-05-20 15:20   ` [round2 PATCH 3/7] gssd: add upcall support for callback authentication Kevin Coffman
2009-05-20 15:20   ` [round2 PATCH 4/7] gssd: print full client directory being handled Kevin Coffman
2009-05-20 15:21   ` [round2 PATCH 5/7] gssd: handle new client upcall Kevin Coffman
2009-05-20 15:21   ` [round2 PATCH 6/7] gssd: process target= attribute in new upcall Kevin Coffman
2009-05-20 15:21   ` [round2 PATCH 7/7] gssd: process service= " Kevin Coffman
2009-06-05 18:57   ` [round2 PATCH 0/7] nfs-utils: add support for authenticated callbacks Steve Dickson
     [not found]     ` <4A296A95.3070208-AfCzQyP5zfLQT0dZR+AlfA@public.gmane.org>
2009-06-05 19:47       ` Kevin Coffman
     [not found]         ` <4d569c330906051247y7e24a7d4q3392b1481954447c-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2009-06-09 19:10           ` Steve Dickson
     [not found]             ` <4A2EB3BC.8040802-AfCzQyP5zfLQT0dZR+AlfA@public.gmane.org>
2009-06-09 21:43               ` Kevin Coffman
2009-11-16 17:29   ` Steve Dickson [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4B018C16.8030409@RedHat.com \
    --to=steved@redhat.com \
    --cc=kwc@citi.umich.edu \
    --cc=linux-nfs@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox