knfsd bug - unathenticated request from <addr>

Peter Benie (pjb1008@cam.ac.uk)
Sat, 22 Aug 1998 22:44:51 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Peter Benie: "[2.1.117] patch - Handling of RST in SYN_RECV state"
Previous message: pacman: "Re: ETXTBUSY on shared libs (patch included)"

knfsd doesn't deal with requests from some clients (including Solaris 2
and amd) correctly when the export list contains exports which are
not to individual machines.

Some mount programs call the NFSPROC_NULL procedure _before_ mounting
a filesystem. They do this because the portmapper GETPORT procedure
ignores the version no. of the program so you have to call an nfs
procedure to discover if there is a program version mismatch.

When a filesystem is exported to the world, to a netgroup, or to a
wildcard DNS name (eg. *.ac.uk), the kernel is not told which machines
have access to the filesystem until the client machines call the
mountd to mount the filesystem. At the point when NFSPROC_NULL is
called, the client is unauthenticated.

knfsd responds to requests from unauthenticated clients by dropping
the request on the floor, so the client never gets a reply and says
that the nfs server is not responding. Solaris 2 and amd will fail
to mount the filesystem.

Peter

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

Next message: Peter Benie: "[2.1.117] patch - Handling of RST in SYN_RECV state"
Previous message: pacman: "Re: ETXTBUSY on shared libs (patch included)"