public inbox for linux-nfs@vger.kernel.org
 help / color / mirror / Atom feed
* [round2 PATCH 0/7] nfs-utils: add support for authenticated callbacks
@ 2009-05-20 15:20 Kevin Coffman
       [not found] ` <20090520151651.2986.29621.stgit-zTNJhAanYLVZN1qrTdtDg5Vzexx5G7lz@public.gmane.org>
  0 siblings, 1 reply; 13+ messages in thread
From: Kevin Coffman @ 2009-05-20 15:20 UTC (permalink / raw)
  To: steved; +Cc: linux-nfs

Hi Steve,

This series adds support to gssd and svcgssd to support
authenticated callbacks.

1) adds the name the client used when authenticating to the
svcgssd downcall information.  This is used by nfsd to determine
the target name when initiating the callback.

2) splits out the processing of update_client_list() to accomodate
a new upcall pipe added in the next patch.

3) changes gssd to process all rpc_pipefs directories (this patch is
changed from the first round to process all directories rather than
special-casing directories)

4) a debugging aid to distinquish which upcall is being processed

6) adds support for handling the "target=" attribute in the new upcall

7) adds support for handling the "service=" attribute in the new upcall

NOTE:  For authenticated callbacks to work, an NFS client or an
NFS server must be running both rpcgssd _and_ rpcsvcgssd.
This will require a configuration change.

A future patch is planned to combine gssd and svcgssd into
a single daemon to make configuration easier.  However, there
are some architectural issues that must be resolved first.

---

Kevin Coffman (1):
      gssd: add upcall support for callback authentication

Olga Kornievskaia (6):
      gssd: process service= attribute in new upcall
      gssd: process target= attribute in new upcall
      gssd: handle new client upcall
      gssd: print full client directory being handled
      gssd: refactor update_client_list()
      svcgssd: add client's principal name to downcall information


 utils/gssd/gssd.c           |    6 -
 utils/gssd/gssd.h           |   12 +
 utils/gssd/gssd_main_loop.c |  102 +++++++++++-
 utils/gssd/gssd_proc.c      |  365 +++++++++++++++++++++++++++++++++++--------
 utils/gssd/krb5_util.c      |   21 ++
 utils/gssd/krb5_util.h      |    3 
 utils/gssd/svcgssd_proc.c   |   94 ++++++++++-
 7 files changed, 505 insertions(+), 98 deletions(-)


^ permalink raw reply	[flat|nested] 13+ messages in thread

end of thread, other threads:[~2009-11-16 17:29 UTC | newest]

Thread overview: 13+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-05-20 15:20 [round2 PATCH 0/7] nfs-utils: add support for authenticated callbacks Kevin Coffman
     [not found] ` <20090520151651.2986.29621.stgit-zTNJhAanYLVZN1qrTdtDg5Vzexx5G7lz@public.gmane.org>
2009-05-20 15:20   ` [round2 PATCH 1/7] svcgssd: add client's principal name to downcall information Kevin Coffman
2009-05-20 15:20   ` [round2 PATCH 2/7] gssd: refactor update_client_list() Kevin Coffman
2009-05-20 15:20   ` [round2 PATCH 3/7] gssd: add upcall support for callback authentication Kevin Coffman
2009-05-20 15:20   ` [round2 PATCH 4/7] gssd: print full client directory being handled Kevin Coffman
2009-05-20 15:21   ` [round2 PATCH 5/7] gssd: handle new client upcall Kevin Coffman
2009-05-20 15:21   ` [round2 PATCH 6/7] gssd: process target= attribute in new upcall Kevin Coffman
2009-05-20 15:21   ` [round2 PATCH 7/7] gssd: process service= " Kevin Coffman
2009-06-05 18:57   ` [round2 PATCH 0/7] nfs-utils: add support for authenticated callbacks Steve Dickson
     [not found]     ` <4A296A95.3070208-AfCzQyP5zfLQT0dZR+AlfA@public.gmane.org>
2009-06-05 19:47       ` Kevin Coffman
     [not found]         ` <4d569c330906051247y7e24a7d4q3392b1481954447c-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2009-06-09 19:10           ` Steve Dickson
     [not found]             ` <4A2EB3BC.8040802-AfCzQyP5zfLQT0dZR+AlfA@public.gmane.org>
2009-06-09 21:43               ` Kevin Coffman
2009-11-16 17:29   ` Steve Dickson

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox