lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20130424140152.GA9794@fieldses.org>
Date:	Wed, 24 Apr 2013 10:01:52 -0400
From:	"J. Bruce Fields" <bfields@...ldses.org>
To:	Malte Schröder <maltesch@....de>
Cc:	linux-nfs@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: NFS4 sec=krb5 broken in 3.9-rc8

On Wed, Apr 24, 2013 at 07:58:44AM +0200, Malte Schröder wrote:
> On 23.04.2013 23:58, J. Bruce Fields wrote:
> > On Tue, Apr 23, 2013 at 09:55:01PM +0200, Malte Schröder wrote:
> >> Hi,
> >> when I update my server from kernel 3.8.5 to 3.9-rc8 I cannot mount its
> >> NFS exports from clients using nfs4 and sec=krb5. Using sec=sys works,
> >> using 3.8.5 also works good with both modes.
> > 
> > Could you get a network trace showing the failure
> > 
> > Run
> > 
> > 	tcpdump -s0 -wtmp.pcap
> > 
> > then send us tmp.pcap.
> > 
> > (You can also take a look at tmp.pcap yourself in wireshark--it may be
> > obvious where the failure occurs.)
> > 
> > --b.
> > 
> 
> The trace is attached. It contains two tries, the first using sec=sys,
> the second sec=krb5. I used "mount -tnfs -overs=4,sec=krb5 gateway:/
> /mnt". NFS-Utils have version 1.2.6.

Looks like the context creation succeeds and then the first use of the
new context (a PUTROOTFH+GETATTR) never gets a response.

Nothing interesting in the server's logs?

--b.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ