lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 24 Apr 2013 10:01:52 -0400 From: "J. Bruce Fields" <bfields@...ldses.org> To: Malte Schröder <maltesch@....de> Cc: linux-nfs@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: NFS4 sec=krb5 broken in 3.9-rc8 On Wed, Apr 24, 2013 at 07:58:44AM +0200, Malte Schröder wrote: > On 23.04.2013 23:58, J. Bruce Fields wrote: > > On Tue, Apr 23, 2013 at 09:55:01PM +0200, Malte Schröder wrote: > >> Hi, > >> when I update my server from kernel 3.8.5 to 3.9-rc8 I cannot mount its > >> NFS exports from clients using nfs4 and sec=krb5. Using sec=sys works, > >> using 3.8.5 also works good with both modes. > > > > Could you get a network trace showing the failure > > > > Run > > > > tcpdump -s0 -wtmp.pcap > > > > then send us tmp.pcap. > > > > (You can also take a look at tmp.pcap yourself in wireshark--it may be > > obvious where the failure occurs.) > > > > --b. > > > > The trace is attached. It contains two tries, the first using sec=sys, > the second sec=krb5. I used "mount -tnfs -overs=4,sec=krb5 gateway:/ > /mnt". NFS-Utils have version 1.2.6. Looks like the context creation succeeds and then the first use of the new context (a PUTROOTFH+GETATTR) never gets a response. Nothing interesting in the server's logs? --b. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists