idmap: handle bad principals
Motivation: Some exotic clients (read OSX) send empty principals, e.g. zero length. Such principals cant be handled by server and must be indicated as invalid, as stated by rfc3530. Modification: Throw InvalException in case of invalid principals. Result: better spec compliance, to exceptions like: 06 Jan 2017 17:44:34 (NFS-dcache) [] Unhandled exception: java.lang.IllegalArgumentException: Username can't be an empty string at com.google.common.base.Preconditions.checkArgument(Preconditions.java:122) ~[guava-19.0.jar:na] at org.dcache.auth.UserNamePrincipal.<init>(UserNamePrincipal.java:21) ~[dcache-common-3.0.3.jar:3.0.3] at org.dcache.chimera.nfsv41.door.StrategyIdMapper.principalToUid(StrategyIdMapper.java:114) ~[dcache-nfs-3.0.3.jar:3.0.3] at org.dcache.nfs.v4.OperationSETATTR.xdr2fattr(OperationSETATTR.java:165) ~[nfs4j-core-0.13.0.jar:0.13.0] at org.dcache.nfs.v4.OperationSETATTR.setAttributes(OperationSETATTR.java:121) ~[nfs4j-core-0.13.0.jar:0.13.0] at org.dcache.nfs.v4.OperationSETATTR.process(OperationSETATTR.java:106) ~[nfs4j-core-0.13.0.jar:0.13.0] at org.dcache.chimera.nfsv41.door.proxy.ProxyIoMdsOpFactory$1.lambda$process$0(ProxyIoMdsOpFactory.java:53) ~[dcache-nfs-3.0.3.jar:3.0.3] at java.security.AccessController.doPrivileged(Native Method) ~[na:1.8.0_111] at javax.security.auth.Subject.doAs(Subject.java:360) ~[na:1.8.0_111] at org.dcache.chimera.nfsv41.door.proxy.ProxyIoMdsOpFactory$1.process(ProxyIoMdsOpFactory.java:50) ~[dcache-nfs-3.0.3.jar:3.0.3] Acked-by: Paul Millar Target: master, 0.13 (cherry picked from commit 893f68cd) Signed-off-by: Tigran Mkrtchyan <tigran.mkrtchyan@desy.de>
Please register or sign in to comment