From: "Muntz, Daniel" <Dan.Muntz@netapp.com>
Subject: RE: Problem with 2.6.33-rc1 and insecure flag
Date: Sun, 20 Dec 2009 02:13:07 -0800
Message-ID: <7A24DF798E223B4C9864E8F92E8C93EC04EBFD3F@SACMVEXC1-PRD.hq.netapp.com>
References: <20091220094625.GA2159@trillian.comsick.at>
Mime-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Cc: "linux-nfs" <linux-nfs@vger.kernel.org>
To: "Michael Guntsche" <mike-Z92qn3yYq0hWk0Htik3J/w@public.gmane.org>, <bfields@citi.umich.edu>
Return-path: <linux-nfs-owner@vger.kernel.org>
Received: from mx2.netapp.com ([216.240.18.37]:44770 "EHLO mx2.netapp.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1752922AbZLTKNY convert rfc822-to-8bit (ORCPT
	<rfc822;linux-nfs@vger.kernel.org>); Sun, 20 Dec 2009 05:13:24 -0500
In-Reply-To: <20091220094625.GA2159-8FIgwK2HfyKMj3X28ACnv+Tv7YV0F9Eg@public.gmane.org>
Sender: linux-nfs-owner@vger.kernel.org
List-ID: <linux-nfs.vger.kernel.org>

If one were to hit this bug with v4.x, would the error be something like
this in the RPC layer:

   Reply State: denied (1)
   Reject State: AUTH_ERROR (1)
   Auth State: bad credential (seal broken) (1) 

  -Dan

> -----Original Message-----
> From: Michael Guntsche [mailto:mike-Z92qn3yYq0hWk0Htik3J/w@public.gmane.org] 
> Sent: Sunday, December 20, 2009 1:46 AM
> To: bfields@citi.umich.edu
> Cc: linux-nfs
> Subject: Re: Problem with 2.6.33-rc1 and insecure flag
> 
> I think I figured out the problem. 
> 
> Apparently the code checked if insecure was set, while it 
> should check if it was NOT set.
> 
> Kind regards,
> Michael
> 
> diff --git a/fs/nfsd/nfsfh.c b/fs/nfsd/nfsfh.c
> index 1c12177..55c8e63 100644
> --- a/fs/nfsd/nfsfh.c
> +++ b/fs/nfsd/nfsfh.c
> @@ -89,7 +89,7 @@ static __be32 
> nfsd_setuser_and_check_port(struct svc_rqst *rqstp,
>         int flags = nfsexp_flags(rqstp, exp);
>  
>         /* Check if the request originated from a secure port. */
> -       if (!rqstp->rq_secure && (flags & NFSEXP_INSECURE_PORT)) {
> +       if (!rqstp->rq_secure && !(flags & NFSEXP_INSECURE_PORT)) {
>                 RPC_IFDEBUG(char buf[RPC_MAX_ADDRBUFLEN]);
>                 dprintk(KERN_WARNING
>                        "nfsd: request from insecure port %s!\n",
> 
> 
> 
> --
> To unsubscribe from this list: send the line "unsubscribe 
> linux-nfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>