diff --git a/configure.ac b/configure.ac
index 276dec3..4b698dd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -157,7 +157,7 @@ AC_ARG_WITH(rpcgen,
RPCGEN_PATH=$rpcgen_path
fi
AC_SUBST(RPCGEN_PATH)
- AM_CONDITIONAL(CONFIG_RPCGEN, [test "$RPCGEN_PATH" = ""])
+ AM_CONDITIONAL(CONFIG_RPCGEN, [test "$RPCGEN_PATH" = "internal"])
AC_ARG_ENABLE(uuid,
[AC_HELP_STRING([--disable-uuid],
[Exclude uuid support to avoid buggy libblkid. @<:@default=no@:>@])],
diff --git a/support/export/client.c b/support/export/client.c
index 2346f99..baf59c8 100644
--- a/support/export/client.c
+++ b/support/export/client.c
@@ -482,8 +482,9 @@ add_name(char *old, const char *add)
else
cp = cp + strlen(cp);
}
- if (old) {
- strncpy(new, old, cp-old);
+ len = cp-old;
+ if (old && len > 0) {
+ strncpy(new, old, len);
new[cp-old] = 0;
} else {
new[0] = 0;
diff --git a/support/include/exportfs.h b/support/include/exportfs.h
index 8af47a8..4e0d9d1 100644
--- a/support/include/exportfs.h
+++ b/support/include/exportfs.h
@@ -97,7 +97,7 @@ typedef struct mexport {
struct mclient * m_client;
struct exportent m_export;
int m_exported; /* known to knfsd. */
- int m_xtabent : 1, /* xtab entry exists */
+ unsigned int m_xtabent : 1, /* xtab entry exists */
m_mayexport: 1, /* derived from xtabbed */
m_changed : 1, /* options (may) have changed */
m_warned : 1; /* warned about multiple exports
diff --git a/support/misc/file.c b/support/misc/file.c
index 63597df..4065376 100644
--- a/support/misc/file.c
+++ b/support/misc/file.c
@@ -96,7 +96,7 @@ generic_setup_basedir(const char *progname, const char *parentdir, char *base,
}
/* Ensure we have a clean directory pathname */
- strncpy(buf, parentdir, sizeof(buf));
+ strncpy(buf, parentdir, sizeof(buf)-1);
path = dirname(buf);
if (*path == '.') {
(void)fprintf(stderr, "%s: Unusable directory %s",
diff --git a/support/nfsidmap/umich_ldap.c b/support/nfsidmap/umich_ldap.c
index 0e31b1c..b661110 100644
--- a/support/nfsidmap/umich_ldap.c
+++ b/support/nfsidmap/umich_ldap.c
@@ -1125,9 +1125,9 @@ umichldap_init(void)
/* Verify required information is supplied */
if (server_in == NULL || strlen(server_in) == 0)
- strncat(missing_msg, "LDAP_server ", sizeof(missing_msg));
+ strncat(missing_msg, "LDAP_server ", sizeof(missing_msg)-1);
if (ldap_info.base == NULL || strlen(ldap_info.base) == 0)
- strncat(missing_msg, "LDAP_base ", sizeof(missing_msg));
+ strncat(missing_msg, "LDAP_base ", sizeof(missing_msg)-1);
if (strlen(missing_msg) != 0) {
IDMAP_LOG(0, ("umichldap_init: Missing required information: "
"%s", missing_msg));
diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
index 2c14e5f..7b21ee2 100644
--- a/utils/gssd/gssd.c
+++ b/utils/gssd/gssd.c
@@ -279,16 +279,16 @@ gssd_read_service_info(int dirfd, struct clnt_info *clp)
* (commit bf19aacecbeebccb2c3d150a8bd9416b7dba81fe)
*/
numfields = fscanf(info,
- "RPC server: %ms\n"
- "service: %ms (%d) version %d\n"
- "address: %ms\n"
- "protocol: %ms\n"
- "port: %ms\n",
- &server,
- &service, &program, &version,
- &address,
- &protoname,
- &port);
+ "RPC server: %s\n"
+ "service: %s (%d) version %d\n"
+ "address: %s\n"
+ "protocol: %s\n"
+ "port: %s\n",
+ (char *)&server,
+ (char *)&service, &program, &version,
+ (char *)&address,
+ (char *)&protoname,
+ (char *)&port);
switch (numfields) {
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index ce73777..8767e26 100644
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
@@ -520,8 +520,9 @@ out:
}
static AUTH *
-krb5_use_machine_creds(struct clnt_info *clp, uid_t uid, char *tgtname,
- char *service, CLIENT **rpc_clnt)
+krb5_use_machine_creds(struct clnt_info *clp, uid_t uid,
+ char *srchost, char *tgtname, char *service,
+ CLIENT **rpc_clnt)
{
AUTH *auth = NULL;
char **credlist = NULL;
@@ -534,7 +535,7 @@ krb5_use_machine_creds(struct clnt_info *clp, uid_t uid, char *tgtname,
do {
gssd_refresh_krb5_machine_credential(clp->servername, NULL,
- service);
+ service, srchost);
/*
* Get a list of credential cache names and try each
* of them until one works or we've tried them all
@@ -594,8 +595,8 @@ out:
* context on behalf of the kernel
*/
static void
-process_krb5_upcall(struct clnt_info *clp, uid_t uid, int fd, char *tgtname,
- char *service)
+process_krb5_upcall(struct clnt_info *clp, uid_t uid, int fd, char *srchost,
+ char *tgtname, char *service)
{
CLIENT *rpc_clnt = NULL;
AUTH *auth = NULL;
@@ -643,7 +644,7 @@ process_krb5_upcall(struct clnt_info *clp, uid_t uid, int fd, char *tgtname,
if (auth == NULL) {
if (uid == 0 && (root_uses_machine_creds == 1 ||
service != NULL)) {
- auth = krb5_use_machine_creds(clp, uid, tgtname,
+ auth = krb5_use_machine_creds(clp, uid, srchost, tgtname,
service, &rpc_clnt);
if (auth == NULL)
goto out_return_error;
@@ -714,7 +715,7 @@ handle_krb5_upcall(struct clnt_upcall_info *info)
printerr(2, "\n%s: uid %d (%s)\n", __func__, info->uid, clp->relpath);
- process_krb5_upcall(clp, info->uid, clp->krb5_fd, NULL, NULL);
+ process_krb5_upcall(clp, info->uid, clp->krb5_fd, NULL, NULL, NULL);
free(info);
}
@@ -728,11 +729,12 @@ handle_gssd_upcall(struct clnt_upcall_info *info)
char *uidstr = NULL;
char *target = NULL;
char *service = NULL;
+ char *srchost = NULL;
char *enctypes = NULL;
char *upcall_str;
char *pbuf = info->lbuf;
- printerr(2, "\n%s: '%s' (%s)\n", __func__, info->lbuf, clp->relpath);
+ printerr(2, "%s: '%s' (%s)\n", __func__, info->lbuf, clp->relpath);
upcall_str = strdup(info->lbuf);
if (upcall_str == NULL) {
@@ -751,6 +753,8 @@ handle_gssd_upcall(struct clnt_upcall_info *info)
target = p + strlen("target=");
else if (!strncmp(p, "service=", strlen("service=")))
service = p + strlen("service=");
+ else if (!strncmp(p, "srchost=", strlen("srchost=")))
+ srchost = p + strlen("srchost=");
}
if (!mech || strlen(mech) < 1) {
@@ -802,7 +806,7 @@ handle_gssd_upcall(struct clnt_upcall_info *info)
}
if (strcmp(mech, "krb5") == 0 && clp->servername)
- process_krb5_upcall(clp, uid, clp->gssd_fd, target, service);
+ process_krb5_upcall(clp, uid, clp->gssd_fd, srchost, target, service);
else {
if (clp->servername)
printerr(0, "WARNING: handle_gssd_upcall: "
@@ -815,4 +819,3 @@ out_nomem:
free(info);
return;
}
-
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index b342b06..eba1aac 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -757,7 +757,8 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
* the server hostname.
*/
static int
-find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
+find_keytab_entry(krb5_context context, krb5_keytab kt,
+ const char *srchost, const char *tgtname,
krb5_keytab_entry *kte, const char **svcnames)
{
krb5_error_code code;
@@ -781,7 +782,9 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
goto out;
/* Get full local hostname */
- if (gethostname(myhostname, sizeof(myhostname)) == -1) {
+ if (srchost) {
+ strcpy(myhostname, srchost);
+ } else if (gethostname(myhostname, sizeof(myhostname)) == -1) {
retval = errno;
k5err = gssd_k5_err_msg(context, retval);
printerr(1, "%s while getting local hostname\n", k5err);
@@ -807,10 +810,12 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname,
myhostad[i+1] = 0;
}
- retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname));
- if (retval) {
- /* Don't use myhostname */
- myhostname[0] = 0;
+ if (!srchost) {
+ retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname));
+ if (retval) {
+ /* Don't use myhostname */
+ myhostname[0] = 0;
+ }
}
code = krb5_get_default_realm(context, &default_realm);
@@ -1140,7 +1145,7 @@ gssd_get_krb5_machine_cred_list(char ***list)
if (ple->ccname) {
/* Make sure cred is up-to-date before returning it */
retval = gssd_refresh_krb5_machine_credential(NULL, ple,
- NULL);
+ NULL, NULL);
if (retval)
continue;
if (i + 1 > listsize) {
@@ -1231,7 +1236,7 @@ gssd_destroy_krb5_machine_creds(void)
int
gssd_refresh_krb5_machine_credential(char *hostname,
struct gssd_k5_kt_princ *ple,
- char *service)
+ char *service, char *srchost)
{
krb5_error_code code = 0;
krb5_context context;
@@ -1240,6 +1245,9 @@ gssd_refresh_krb5_machine_credential(char *hostname,
char *k5err = NULL;
const char *svcnames[] = { "$", "root", "nfs", "host", NULL };
+ printerr(2, "%s: hostname=%s ple=%p service=%s srchost=%s\n",
+ __func__, hostname, ple, service, srchost);
+
/*
* If a specific service name was specified, use it.
* Otherwise, use the default list.
@@ -1270,7 +1278,8 @@ gssd_refresh_krb5_machine_credential(char *hostname,
if (ple == NULL) {
krb5_keytab_entry kte;
- code = find_keytab_entry(context, kt, hostname, &kte, svcnames);
+ code = find_keytab_entry(context, kt, srchost, hostname,
+ &kte, svcnames);
if (code) {
printerr(0, "ERROR: %s: no usable keytab entry found "
"in keytab %s for connection with host %s\n",
diff --git a/utils/gssd/krb5_util.h b/utils/gssd/krb5_util.h
index e3bbb07..b000b44 100644
--- a/utils/gssd/krb5_util.h
+++ b/utils/gssd/krb5_util.h
@@ -30,7 +30,7 @@ void gssd_free_krb5_machine_cred_list(char **list);
void gssd_destroy_krb5_machine_creds(void);
int gssd_refresh_krb5_machine_credential(char *hostname,
struct gssd_k5_kt_princ *ple,
- char *service);
+ char *service, char *srchost);
char *gssd_k5_err_msg(krb5_context context, krb5_error_code code);
void gssd_k5_get_default_realm(char **def_realm);
diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c
index b87c4dd..4811e0f 100644
--- a/utils/idmapd/idmapd.c
+++ b/utils/idmapd/idmapd.c
@@ -310,7 +310,7 @@ main(int argc, char **argv)
if (!serverstart && !clientstart)
errx(1, "it is illegal to specify both -C and -S");
- strncat(pipefsdir, "/nfs", sizeof(pipefsdir));
+ strncat(pipefsdir, "/nfs", sizeof(pipefsdir)-1);
daemon_init(fg);
@@ -923,7 +923,8 @@ static int
getfield(char **bpp, char *fld, size_t fldsz)
{
char *bp;
- int val, n;
+ unsigned int val;
+ int n;
while ((bp = strsep(bpp, " ")) != NULL && bp[0] == '\0')
;
diff --git a/utils/mount/nfs4mount.c b/utils/mount/nfs4mount.c
index 89629ed..3e4f1e2 100644
--- a/utils/mount/nfs4mount.c
+++ b/utils/mount/nfs4mount.c
@@ -218,7 +218,7 @@ int nfs4mount(const char *spec, const char *node, int flags,
goto fail;
}
if (running_bg)
- strncpy(new_opts, old_opts, sizeof(new_opts));
+ strncpy(new_opts, old_opts, sizeof(new_opts)-1);
else
snprintf(new_opts, sizeof(new_opts), "%s%saddr=%s",
old_opts, *old_opts ? "," : "", s);
diff --git a/utils/mount/nfsmount.c b/utils/mount/nfsmount.c
index ae4a3da..952a755 100644
--- a/utils/mount/nfsmount.c
+++ b/utils/mount/nfsmount.c
@@ -828,7 +828,7 @@ noauth_flavors:
data.fd = fsock;
memcpy((char *) &data.addr, (char *) nfs_saddr, sizeof(data.addr));
- strncpy(data.hostname, hostname, sizeof(data.hostname));
+ strncpy(data.hostname, hostname, sizeof(data.hostname)-1);
out_ok:
/* Ensure we have enough padding for the following strcat()s */
diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c
index 4c68702..086c39b 100644
--- a/utils/mountd/mountd.c
+++ b/utils/mountd/mountd.c
@@ -702,7 +702,7 @@ main(int argc, char **argv)
else
NFSCTL_TCPUNSET(_rpcprotobits);
for (vers = 2; vers <= 4; vers++) {
- char tag[10];
+ char tag[20];
sprintf(tag, "vers%d", vers);
if (conf_get_bool("nfsd", tag, NFSCTL_VERISSET(nfs_version, vers)))
NFSCTL_VERSET(nfs_version, vers);
diff --git a/utils/mountd/v4root.c b/utils/mountd/v4root.c
index f978f4c..d735dbf 100644
--- a/utils/mountd/v4root.c
+++ b/utils/mountd/v4root.c
@@ -92,7 +92,7 @@ v4root_create(char *path, nfs_export *export)
dupexportent(&eep, &pseudo_root.m_export);
eep.e_hostname = curexp->e_hostname;
- strncpy(eep.e_path, path, sizeof(eep.e_path));
+ strncpy(eep.e_path, path, sizeof(eep.e_path)-1);
if (strcmp(path, "/") != 0)
eep.e_flags &= ~NFSEXP_FSID;
set_pseudofs_security(&eep, curexp->e_flags);
diff --git a/utils/nfsd/nfsd.c b/utils/nfsd/nfsd.c
index 2303a5d..f048631 100644
--- a/utils/nfsd/nfsd.c
+++ b/utils/nfsd/nfsd.c
@@ -98,7 +98,7 @@ main(int argc, char **argv)
else
NFSCTL_TCPUNSET(protobits);
for (i = 2; i <= 4; i++) {
- char tag[10];
+ char tag[20];
sprintf(tag, "vers%d", i);
if (conf_get_bool("nfsd", tag, NFSCTL_VERISSET(versbits, i)))
NFSCTL_VERSET(versbits, i);
diff --git a/utils/nfsidmap/nfsidmap.c b/utils/nfsidmap/nfsidmap.c
index 374bc5d..d3967a3 100644
--- a/utils/nfsidmap/nfsidmap.c
+++ b/utils/nfsidmap/nfsidmap.c
@@ -283,7 +283,7 @@ static int key_invalidate(char *keystr, int keymask)
{
FILE *fp;
char buf[BUFSIZ], *ptr;
- key_serial_t key;
+ unsigned int key;
int mask;
xlog_syslog(0);
diff --git a/utils/nfsstat/nfsstat.c b/utils/nfsstat/nfsstat.c
index c779053..8fccea7 100644
--- a/utils/nfsstat/nfsstat.c
+++ b/utils/nfsstat/nfsstat.c
@@ -1013,7 +1013,7 @@ mounts(const char *name)
* be a fatal error -- it usually means the module isn't loaded.
*/
if ((fp = fopen(name, "r")) == NULL) {
- fprintf(stderr, "Warning: %s: %m\n", name);
+ fprintf(stderr, "Warning: %s: %s\n", name, strerror(errno));
return 0;
}
@@ -1089,8 +1089,8 @@ out:
fclose(fp);
if (err) {
if (!other_opt) {
- fprintf(stderr, "Error: No %s Stats (%s: %m). \n",
- label, file);
+ fprintf(stderr, "Error: No %s Stats (%s: %s). \n",
+ label, file, strerror(errno));
exit(2);
}
*opt = 0;
diff --git a/utils/statd/sm-notify.c b/utils/statd/sm-notify.c
index 6d19ec1..7a48473 100644
--- a/utils/statd/sm-notify.c
+++ b/utils/statd/sm-notify.c
@@ -569,7 +569,7 @@ usage: fprintf(stderr,
if (name == NULL)
exit(1);
- strncpy(nsm_hostname, name, sizeof(nsm_hostname));
+ strncpy(nsm_hostname, name, sizeof(nsm_hostname)-1);
free(name);
}
diff --git a/utils/statd/statd.c b/utils/statd/statd.c
index 563a272..2cc6cf3 100644
--- a/utils/statd/statd.c
+++ b/utils/statd/statd.c
@@ -231,11 +231,12 @@ static void set_nlm_port(char *type, int port)
}
if (fd >= 0) {
if (write(fd, nbuf, strlen(nbuf)) != (ssize_t)strlen(nbuf))
- fprintf(stderr, "%s: fail to set NLM %s port: %m\n",
- name_p, type);
+ fprintf(stderr, "%s: fail to set NLM %s port: %s\n",
+ name_p, type, strerror(errno));
close(fd);
} else
- fprintf(stderr, "%s: failed to open %s: %m\n", name_p, pathbuf);
+ fprintf(stderr, "%s: failed to open %s: %s\n",
+ name_p, pathbuf, strerror(errno));
}
/*