nfs: improve probing parser

Checks credentials flavor is known

(cherry picked from commit b3c1f2ab489c22494900476426fd5cad9ba08cd1)

diff --git a/rust/src/nfs/nfs.rs b/rust/src/nfs/nfs.rs
index 532ed0886e05a342fae2af495141ff1b833a3757..55aab50e4cc344f3c0f697c9f79a1ef2e42c40fa 100644 (file)
--- a/rust/src/nfs/nfs.rs
+++ b/rust/src/nfs/nfs.rs
@@ -1791,7 +1791,7 @@ pub fn nfs_probe(i: &[u8], direction: u8) -> i8 {
                    rpc.program == 100003 &&
                    rpc.procedure <= NFSPROC3_COMMIT
                 {
-                    return 1;
+                    return rpc_auth_type_known(rpc.creds_flavor);
                 } else {
                     return -1;
                 }

diff --git a/rust/src/nfs/types.rs b/rust/src/nfs/types.rs
index d3f313a39d0b51e2a69df5dbcf432b4f6e12cac4..c8ddfafc11a26c6f4135fce6b4254cd24aced973 100644 (file)
--- a/rust/src/nfs/types.rs
+++ b/rust/src/nfs/types.rs
@@ -177,6 +177,14 @@ pub fn rpc_auth_type_string(auth_type: u32) -> String {
     }.to_string()
 }
 
+pub fn rpc_auth_type_known(auth_type: u32) -> i8 {
+    // RPCAUTH_GSS is the maximum
+    if auth_type <= RPCAUTH_GSS {
+        return 1;
+    }
+    return -1;
+}
+
 /* http://www.iana.org/assignments/rpc-authentication-numbers/rpc-authentication-numbers.xhtml */
 pub const RPCAUTH_OK:                   u32 = 0;  // success/failed at remote end    [RFC5531]
 pub const RPCAUTH_BADCRED:              u32 = 1;  // bad credential (seal broken)    [RFC5531]