[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-nfs
Subject:    Re: GSSAPI fix for pynfs nfs4.1 client code
From:       "J. Bruce Fields" <bfields () fieldses ! org>
Date:       2021-09-30 21:25:06
Message-ID: 20210930212506.GB16927 () fieldses ! org
[Download RAW message or body]

On Thu, Sep 30, 2021 at 05:11:23PM -0400, J. Bruce Fields wrote:
> On Thu, Sep 30, 2021 at 06:22:09PM +0300, Volodymyr Khomenko wrote:
> > commit b77dc49c775756f08bdd0c6ebbe67a96f0ffe41f
> > Author: Volodymyr Khomenko <volodymyr@vastdata.com>
> > Date:   Thu Sep 30 17:53:04 2021 +0300
> > 
> >     Fixed GSSContext to start sequence numbering from 1
> >     
> >     GSS sequence number 0 is usually used by NFS4 NULL request
> >     during GSS context establishment (but ignored by server).
> >     Client should never reuse GSS sequence number, so using
> >     0 for the next real operation (EXCHANGE_ID) is possible but
> >     looks suspicious. Fixed the code so numbering for operations
> >     is done from 1 to avoid confusion.
> 
> So, I can verify that --security=krb5 works after this patch but not
> before, good.  But why is that?  As you say, the server is supposed to
> ignore the sequence number on context creation requests.  And 0 is valid
> sequence number as far as I know.

Looking at the network--my server's not responding to the first data
message.

I think the Linux server just has a bug.  I'll make a patch....

--b.
[prev in list] [next in list] [prev in thread] [next in thread]