system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-10-07 00:50:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
287178 commits 77 branches 139 tags 3.4 GiB
C 59.9%
C++ 26.1%
Roff 5%
Shell 2.9%
Assembly 1.7%
Other 3.8%
Find a file
Rick Macklem dd7d42a1fa nfscl/kgssapi: Fix Kerberized NFS mounts to pNFS servers 
During recent testing related to the IETF NFSv4 Bakeathon, it was
discovered that Kerberized NFSv4.1/4.2 mounts to pNFS servers
(sec=krb5[ip],pnfs mount options) was broken.
The FreeBSD client was using the "service principal" for
the MDS to try and establish a rpcsec_gss credential for a DS,
which is incorrect. (A "service principal" looks like
"nfs@<fqdn-of-server>" and the <fqdn-of-server> for the DS is not
the same as the MDS for most pNFS servers.)

To fix this, the rpcsec_gss code needs to be able to do a
reverse DNS lookup of the DS's IP address.  A new kgssapi upcall
to the gssd(8) daemon is added by this patch to do the reverse DNS
along with a new rpcsec_gss function to generate the "service
principal".

A separate patch to the gssd(8) will be committed, so that this
patch will fix the problem.  Without the gssd(8) patch, the new
upcall fails and current/incorrect behaviour remains.

This bug only affects the rare case of a Kerberized (sec=krb5[ip],pnfs)
mount using pNFS.

This patch changes the internal KAPI between the kgssapi and
nfscl modules, but since I did a version bump a few days ago,
I will not do one this time.

MFC after:	1 month
2023-10-23 13:21:14 -07:00
.cirrus-ci
.github MAINTAINERS: Add myself to stand 2023-05-07 22:30:10 -06:00
bin pkgbase: Move uuidgen to runtime package 2023-10-11 21:10:14 +02:00
cddl Trim various $FreeBSD$ 2023-10-10 10:34:43 -07:00
contrib Add expected failure for tmpfs atime test failing on FreeBSD 2023-10-22 10:58:52 -04:00
crypto KTLS: Enable KTLS for receiving as well in TLS 1.3 2023-10-19 11:34:58 -07:00
etc mtree: Fix entry 2023-10-09 12:56:19 +02:00
gnu Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
include Properly pad struct tx_cpu to cache line 2023-10-20 11:54:05 -07:00
kerberos5 Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
lib pf: allow states to be killed by their pre-NAT address 2023-10-23 16:37:05 +02:00
libexec flua: add fbsd module 2023-09-27 16:00:00 +02:00
release releng-gce: Add missing _ 2023-10-19 15:46:59 -07:00
rescue zfs: merge openzfs/zfs@804414aad 2023-08-26 23:51:42 +02:00
sbin devfs(8): Remove references to /usr/share/examples/etc/devfs.conf 2023-10-23 15:14:23 -03:00
secure OpenSSL: update to 3.0.11 2023-10-09 15:00:26 -04:00
share Revert "tests: fix ATF_TESTS_PYTEST no clean build" 2023-10-22 13:14:13 -04:00
stand Trim various $FreeBSD$ 2023-10-10 10:34:43 -07:00
sys nfscl/kgssapi: Fix Kerberized NFS mounts to pNFS servers 2023-10-23 13:21:14 -07:00
targets Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
tests pf tests: add a test for killing states by NAT address 2023-10-23 16:37:05 +02:00
tools tools/build: Support building with glibc 2.38 2023-10-20 16:45:06 +01:00
usr.bin install: handle -m +X more accurately 2023-10-18 21:44:05 -05:00
usr.sbin ofwdump(8): cross-reference openfirm(4) 2023-10-23 14:56:29 -03:00
.arcconfig arcanist: use FreeBSD/git project repository instead of FreeBSD/svn 2022-08-23 14:16:41 +00:00
.arclint
.cirrus.yml Cirrus CI: Trigger on pull requests or downstream repos 2023-10-09 15:13:21 -04:00
.clang-format Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
.git-blame-ignore-revs Add git-blame ignore file 2023-01-23 15:27:25 -05:00
.gitattributes
.gitignore .gitignore: Ignore LSP generated .cache 2023-03-07 10:04:18 -05:00
.mailmap Fix Sumit's email address 2023-10-19 15:49:05 -06:00
CONTRIBUTING.md CONTRIBUTING.md: add author identity info 2023-09-20 19:28:28 -04:00
COPYRIGHT Happy New Year 2023! 2023-01-01 13:44:43 +08:00
LOCKS Remove $FreeBSD$: one-line bare tag 2023-08-16 11:55:20 -06:00
MAINTAINERS Remove $FreeBSD$: one-line bare tag 2023-08-16 11:55:20 -06:00
Makefile Makefile: Support universe-toolchain on non-FreeBSD 2023-08-23 18:00:16 +01:00
Makefile.inc1 certctl: invoke with LOCALBASE set 2023-10-20 20:52:10 +01:00
Makefile.libcompat build{libcompat}: Pass UNIVERSE_TOOLCHAIN_PATH to the _lc_build-tools submake 2023-08-21 21:00:45 -07:00
Makefile.sys.inc Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
ObsoleteFiles.inc ObsoleteFiles.inc: Remove old mixer(8) tests 2023-10-20 11:36:04 -07:00
README.md README.md: link to the list of supported platforms 2022-11-01 12:20:55 -03:00
RELNOTES RELNOTES: fix typo 2023-10-10 13:59:32 +02:00
UPDATING UPDATING: Add entry for commit 57ce37f9dc 2023-10-18 13:17:42 -07:00

README.md

FreeBSD Source:

This is the top level of the FreeBSD source directory.

FreeBSD is an operating system used to power modern servers, desktops, and embedded platforms. A large community has continually developed it for more than thirty years. Its advanced networking, security, and storage features have made FreeBSD the platform of choice for many of the busiest web sites and most pervasive embedded networking and storage devices.

For copyright information, please see the file COPYRIGHT in this directory. Additional copyright information also exists for some sources in this tree - please see the specific source directories for more information.

The Makefile in this directory supports a number of targets for building components (or all) of the FreeBSD source tree. See build(7), config(8), FreeBSD handbook on building userland, and Handbook for kernels for more information, including setting make(1) variables.

For information on the CPU architectures and platforms supported by FreeBSD, see the FreeBSD website's Platforms page.

Source Roadmap:

Directory Description
bin System/user commands.
cddl Various commands and libraries under the Common Development and Distribution License.
contrib Packages contributed by 3rd parties.
crypto Cryptography stuff (see crypto/README).
etc Template files for /etc.
gnu Commands and libraries under the GNU General Public License (GPL) or Lesser General Public License (LGPL). Please see gnu/COPYING and gnu/COPYING.LIB for more information.
include System include files.
kerberos5 Kerberos5 (Heimdal) package.
lib System libraries.
libexec System daemons.
release Release building Makefile & associated tools.
rescue Build system for statically linked /rescue utilities.
sbin System commands.
secure Cryptographic libraries and commands.
share Shared resources.
stand Boot loader sources.
sys Kernel sources (see sys/README.md).
targets Support for experimental DIRDEPS_BUILD
tests Regression tests which can be run by Kyua. See tests/README for additional information.
tools Utilities for regression testing and miscellaneous tasks.
usr.bin User commands.
usr.sbin System administration commands.

For information on synchronizing your source tree with one or more of the FreeBSD Project's development branches, please see FreeBSD Handbook.