OpenAFS Master Repository branch, openafs-stable-1_6_x, updated. openafs-stable-1_6_22_2-73-g0cdb370

Gerrit Code Review gerrit@openafs.org
Tue, 11 Sep 2018 15:00:59 -0400


The following commit has been merged in the openafs-stable-1_6_x branch:
commit fa04588907321e8b50b64f30dcc049e60268a05a
Author: Benjamin Kaduk <kaduk@mit.edu>
Date:   Thu Sep 6 18:50:39 2018 -0500

    OPENAFS-SA-2018-001 butc: require authenticated connections with -localauth
    
    The butc -localauth option is available to use the cell-wide key to
    authenticate to the vlserver and buserver, which in normal deployments
    will require incoming connections to be authenticated as a superuser.
    In such cases, the cell-wide key is also available for use in
    authenticating incoming connections to the butc, which would otherwise
    have been completely unauthenticated.
    
    Because of the security hazards of allowing unauthenticated inbound
    RPCs, especially ones that manipulate backup information and are allowed
    to initiate outbound RPCs authenticated as the superuser, default to
    not allowing unauthenticated inbound RPCs at all.  Provide an opt-out
    command-line argument for deployments that require this functionality
    and have configured their network environment (firewall/etc.) appropriately.
    
    (cherry picked from commit 1b199eeafad6420982380ce5e858f00c528cfd13)
    
    Change-Id: I914f867bf3a328de0e994f999b5e106a6efe71b5

 doc/man-pages/pod8/butc.pod |   16 ++++++++++-
 src/butc/butc_prototypes.h  |    1 +
 src/butc/tcmain.c           |   59 +++++++++++++++++++++++++++++++++++-------
 src/butc/tcprocs.c          |   11 +++++---
 4 files changed, 71 insertions(+), 16 deletions(-)

-- 
OpenAFS Master Repository