diff -up nfs-utils-1.3.0/aclocal/libtirpc.m4.orig nfs-utils-1.3.0/aclocal/libtirpc.m4

--- nfs-utils-1.3.0/aclocal/libtirpc.m4.orig	2014-03-25 11:12:07.000000000 -0400

+++ nfs-utils-1.3.0/aclocal/libtirpc.m4	2016-04-15 11:42:49.532156526 -0400

@@ -2,61 +2,61 @@ dnl Checks for TI-RPC library and header

 dnl

 AC_DEFUN([AC_LIBTIRPC], [

+  AS_IF(

+    [test "$enable_tirpc" != "no"],

+    [PKG_CHECK_MODULES([TIRPC], [libtirpc],

+                      [LIBTIRPC="${TIRPC_LIBS}"

+                       AM_CPPFLAGS="${AM_CPPFLAGS} ${TIRPC_CFLAGS}"

+                       AC_DEFINE([HAVE_LIBTIRPC], [1],

+                                 [Define to 1 if you have and wish to use libtirpc.])],

+                      [AC_LIBTIRPC_OLD

+                       AS_IF([test "$enable_tirpc" = "yes" -a -z "${LIBTIRPC}"],

+                             [AC_MSG_ERROR([libtirpc not found.])])])])

+

+     AS_IF([test -n "${LIBTIRPC}"],

+           [AC_CHECK_LIB([tirpc], [authgss_free_private_data],

+                         [AC_DEFINE([HAVE_AUTHGSS_FREE_PRIVATE_DATA], [1],

+                                    [Define to 1 if your rpcsec library provides authgss_free_private_data])],,

+                         [${LIBS}])])

+

+     AS_IF([test -n "${LIBTIRPC}"],

+           [AC_CHECK_LIB([tirpc], [libtirpc_set_debug],

+                         [AC_DEFINE([HAVE_LIBTIRPC_SET_DEBUG], [1],

+                                    [Define to 1 if your tirpc library provides libtirpc_set_debug])],,

+                         [${LIBS}])])

+

+  AC_SUBST([AM_CPPFLAGS])

+  AC_SUBST(LIBTIRPC)

+

+])dnl

+

+dnl Old way of checking libtirpc without pkg-config

+dnl This can go away when virtually all libtirpc provide a .pc file

+dnl

+AC_DEFUN([AC_LIBTIRPC_OLD], [

+

   AC_ARG_WITH([tirpcinclude],

               [AC_HELP_STRING([--with-tirpcinclude=DIR],

                               [use TI-RPC headers in DIR])],

               [tirpc_header_dir=$withval],

               [tirpc_header_dir=/usr/include/tirpc])

-  dnl if --enable-tirpc was specifed, the following components

-  dnl must be present, and we set up HAVE_ macros for them.

-

-  if test "$enable_tirpc" != "no"; then

-

-    dnl look for the library

-    AC_CHECK_LIB([tirpc], [clnt_tli_create], [:],

-                 [if test "$enable_tirpc" = "yes"; then

-			AC_MSG_ERROR([libtirpc not found.])

-		  else

-			AC_MSG_WARN([libtirpc not found. TIRPC disabled!])

-			enable_tirpc="no"

-		  fi])

-  fi

-

-  if test "$enable_tirpc" != "no"; then

-

-    dnl Check if library contains authgss_free_private_data

-    AC_CHECK_LIB([tirpc], [authgss_free_private_data], [have_free_private_data=yes],

-			[have_free_private_data=no])

-  fi

-

-  if test "$enable_tirpc" != "no"; then

-    dnl also must have the headers installed where we expect

-    dnl look for headers; add -I compiler option if found

-    AC_CHECK_HEADERS([${tirpc_header_dir}/netconfig.h],

-    		      AC_SUBST([AM_CPPFLAGS], ["-I${tirpc_header_dir}"]),

-		      [if test "$enable_tirpc" = "yes"; then

-			 AC_MSG_ERROR([libtirpc headers not found.])

-		       else

-			 AC_MSG_WARN([libtirpc headers not found. TIRPC disabled!])

-			 enable_tirpc="no"

-		       fi])

-

-  fi

-

-  dnl now set $LIBTIRPC accordingly

-  if test "$enable_tirpc" != "no"; then

-    AC_DEFINE([HAVE_LIBTIRPC], 1,

-              [Define to 1 if you have and wish to use libtirpc.])

-    LIBTIRPC="-ltirpc"

-    if test "$have_free_private_data" = "yes"; then

-      AC_DEFINE([HAVE_AUTHGSS_FREE_PRIVATE_DATA], 1,

-	      [Define to 1 if your rpcsec library provides authgss_free_private_data,])

-    fi

-  else

-    LIBTIRPC=""

-  fi

-

-  AC_SUBST(LIBTIRPC)

+  dnl Look for the library

+  AC_CHECK_LIB([tirpc], [clnt_tli_create],

+               [has_libtirpc="yes"],

+               [has_libtirpc="no"])

+

+  dnl Also must have the headers installed where we expect

+  dnl to look for headers; add -I compiler option if found

+  AS_IF([test "$has_libtirpc" = "yes"],

+        [AC_CHECK_HEADERS([${tirpc_header_dir}/netconfig.h],

+                          [AC_SUBST([AM_CPPFLAGS], ["-I${tirpc_header_dir}"])],

+                          [has_libtirpc="no"])])

+

+  dnl Now set $LIBTIRPC accordingly

+  AS_IF([test "$has_libtirpc" = "yes"],

+        [AC_DEFINE([HAVE_LIBTIRPC], [1],

+                   [Define to 1 if you have and wish to use libtirpc.])

+         LIBTIRPC="-ltirpc"])

 ])dnl

diff -up nfs-utils-1.3.0/support/include/nfslib.h.orig nfs-utils-1.3.0/support/include/nfslib.h

--- nfs-utils-1.3.0/support/include/nfslib.h.orig	2016-04-15 11:42:13.930460892 -0400

+++ nfs-utils-1.3.0/support/include/nfslib.h	2016-04-15 11:42:38.365938345 -0400

@@ -17,6 +17,7 @@

 #include <sys/socket.h>

 #include <netinet/in.h>

 #include <stdio.h>

+#include <stdbool.h>

 #include <paths.h>

 #include <rpcsvc/nfs_prot.h>

 #include <nfs/nfs.h>

@@ -129,8 +130,8 @@ void			fendrmtabent(FILE *fp);

 void			frewindrmtabent(FILE *fp);

 /* mydaemon */

-void mydaemon(int nochdir, int noclose, int *pipefds);

-void release_parent(int *pipefds);

+void daemon_init(bool fg);

+void daemon_ready(void);

 /*

  * wildmat borrowed from INN

@@ -182,6 +183,9 @@ size_t  strlcpy(char *, const char *, si

 ssize_t atomicio(ssize_t (*f) (int, void*, size_t),

 		 int, void *, size_t);

+#ifdef HAVE_LIBTIRPC_SET_DEBUG

+void  libtirpc_set_debug(char *name, int level, int use_stderr);

+#endif

 #define UNUSED(x) UNUSED_ ## x __attribute__((unused))

diff -up nfs-utils-1.3.0/support/nfs/mydaemon.c.orig nfs-utils-1.3.0/support/nfs/mydaemon.c

--- nfs-utils-1.3.0/support/nfs/mydaemon.c.orig	2014-03-25 11:12:07.000000000 -0400

+++ nfs-utils-1.3.0/support/nfs/mydaemon.c	2016-04-15 11:42:38.366938365 -0400

@@ -46,56 +46,61 @@

 #include <errno.h>

 #include <unistd.h>

 #include <stdio.h>

+#include <stdbool.h>

 #include <stdlib.h>

 #include <string.h>

 #include <xlog.h>

+#include "nfslib.h"

+

+static int pipefds[2] = { -1, -1};

+

 /**

- * mydaemon - daemonize, but have parent wait to exit

- * @nochdir:	skip chdir()'ing the child to / after forking if true

- * @noclose:	skip closing stdin/stdout/stderr if true

- * @pipefds:	pointer to 2 element array of pipefds

+ * daemon_init - initial daemon setup

+ * @fg:		whether to run in the foreground

  *

  * This function is like daemon(), but with our own special sauce to delay

  * the exit of the parent until the child is set up properly. A pipe is created

  * between parent and child. The parent process will wait to exit until the

- * child dies or writes a '1' on the pipe signaling that it started

- * successfully.

+ * child dies or writes an int on the pipe signaling its status.

  */

 void

-mydaemon(int nochdir, int noclose, int *pipefds)

+daemon_init(bool fg)

 {

 	int pid, status, tempfd;

+	if (fg)

+		return;

+

 	if (pipe(pipefds) < 0) {

 		xlog_err("mydaemon: pipe() failed: errno %d (%s)\n",

 			 errno, strerror(errno));

-		exit(1);

+		exit(EXIT_FAILURE);

 	}

-	if ((pid = fork ()) < 0) {

+

+	pid = fork();

+	if (pid < 0) {

 		xlog_err("mydaemon: fork() failed: errno %d (%s)\n",

 			 errno, strerror(errno));

-		exit(1);

+		exit(EXIT_FAILURE);

 	}

-	if (pid != 0) {

-		/*

-		 * Parent. Wait for status from child.

-		 */

+	if (pid > 0) {

+		/* Parent */

 		close(pipefds[1]);

-		if (read(pipefds[0], &status, 1) != 1)

-			exit(1);

-		exit (0);

+		if (read(pipefds[0], &status, sizeof(status)) != sizeof(status))

+			exit(EXIT_FAILURE);

+		exit(status);

 	}

-	/* Child.	*/

+

+	/* Child */

 	close(pipefds[0]);

 	setsid ();

-	if (nochdir == 0) {

-		if (chdir ("/") == -1) {

-			xlog_err("mydaemon: chdir() failed: errno %d (%s)\n",

-				 errno, strerror(errno));

-			exit(1);

-		}

+

+	if (chdir ("/")) {

+		xlog_err("mydaemon: chdir() failed: errno %d (%s)\n",

+			 errno, strerror(errno));

+		exit(EXIT_FAILURE);

 	}

 	while (pipefds[1] <= 2) {

@@ -103,41 +108,39 @@ mydaemon(int nochdir, int noclose, int *

 		if (pipefds[1] < 0) {

 			xlog_err("mydaemon: dup() failed: errno %d (%s)\n",

 				 errno, strerror(errno));

-			exit(1);

+			exit(EXIT_FAILURE);

 		}

 	}

-	if (noclose == 0) {

-		tempfd = open("/dev/null", O_RDWR);

-		if (tempfd >= 0) {

-			dup2(tempfd, 0);

-			dup2(tempfd, 1);

-			dup2(tempfd, 2);

-			close(tempfd);

-		} else {

-			xlog_err("mydaemon: can't open /dev/null: errno %d "

-				 "(%s)\n", errno, strerror(errno));

-			exit(1);

-		}

+	tempfd = open("/dev/null", O_RDWR);

+	if (tempfd < 0) {

+		xlog_err("mydaemon: can't open /dev/null: errno %d "

+			 "(%s)\n", errno, strerror(errno));

+		exit(EXIT_FAILURE);

 	}

-	return;

+	dup2(tempfd, 0);

+	dup2(tempfd, 1);

+	dup2(tempfd, 2);

+	closelog();

+	dup2(pipefds[1], 3);

+	pipefds[1] = 3;

+	closeall(4);

 }

 /**

- * release_parent - tell the parent that it can exit now

- * @pipefds:	pipefd array that was previously passed to mydaemon()

+ * daemon_ready - tell interested parties that the daemon is ready

  *

- * This function tells the parent process of mydaemon() that it's now clear

- * to exit(0).

+ * This function tells e.g. the parent process that the daemon is up

+ * and running.

  */

 void

-release_parent(int *pipefds)

+daemon_ready(void)

 {

-	int status;

+	int status = 0;

 	if (pipefds[1] > 0) {

-		if (write(pipefds[1], &status, 1) != 1) {

+		if (write(pipefds[1], &status, sizeof(status)) != sizeof(status)) {

 			xlog_err("WARN: writing to parent pipe failed: errno "

 				 "%d (%s)\n", errno, strerror(errno));

 		}

diff -up nfs-utils-1.3.0/support/nfs/svc_create.c.orig nfs-utils-1.3.0/support/nfs/svc_create.c

--- nfs-utils-1.3.0/support/nfs/svc_create.c.orig	2016-04-15 11:42:13.931460911 -0400

+++ nfs-utils-1.3.0/support/nfs/svc_create.c	2016-04-15 11:42:38.366938365 -0400

@@ -133,7 +133,7 @@ svc_create_bindaddr(struct netconfig *nc

 		hint.ai_family = AF_INET6;

 #endif	/* IPV6_SUPPORTED */

 	else {

-		xlog(D_GENERAL, "Unrecognized bind address family: %s",

+		xlog(L_ERROR, "Unrecognized bind address family: %s",

 			nconf->nc_protofmly);

 		return NULL;

 	}

@@ -143,7 +143,7 @@ svc_create_bindaddr(struct netconfig *nc

 	else if (strcmp(nconf->nc_proto, NC_TCP) == 0)

 		hint.ai_protocol = (int)IPPROTO_TCP;

 	else {

-		xlog(D_GENERAL, "Unrecognized bind address protocol: %s",

+		xlog(L_ERROR, "Unrecognized bind address protocol: %s",

 			nconf->nc_proto);

 		return NULL;

 	}

@@ -275,7 +275,7 @@ svc_create_nconf_rand_port(const char *n

 	xprt = svc_tli_create(RPC_ANYFD, nconf, &bindaddr, 0, 0);

 	freeaddrinfo(ai);

 	if (xprt == NULL) {

-		xlog(D_GENERAL, "Failed to create listener xprt "

+		xlog(L_ERROR, "Failed to create listener xprt "

 			"(%s, %u, %s)", name, version, nconf->nc_netid);

 		return 0;

 	}

@@ -286,10 +286,12 @@ svc_create_nconf_rand_port(const char *n

 		return 0;

 	}

+	rpc_createerr.cf_stat = rpc_createerr.cf_error.re_errno = 0;

 	if (!svc_reg(xprt, program, version, dispatch, nconf)) {

 		/* svc_reg(3) destroys @xprt in this case */

-		xlog(D_GENERAL, "Failed to register (%s, %u, %s)",

-				name, version, nconf->nc_netid);

+		xlog(L_ERROR, "Failed to register (%s, %u, %s): %s",

+				name, version, nconf->nc_netid, 

+				clnt_spcreateerror("svc_reg() err"));

 		return 0;

 	}

diff -up nfs-utils-1.3.0/support/nfs/svc_socket.c.orig nfs-utils-1.3.0/support/nfs/svc_socket.c

--- nfs-utils-1.3.0/support/nfs/svc_socket.c.orig	2016-04-15 11:42:13.931460911 -0400

+++ nfs-utils-1.3.0/support/nfs/svc_socket.c	2016-04-15 11:42:38.367938385 -0400

@@ -24,6 +24,7 @@

 #include <sys/socket.h>

 #include <sys/fcntl.h>

 #include <errno.h>

+#include "xlog.h"

 #ifdef _LIBC

 # include <libintl.h>

@@ -90,9 +91,9 @@ svcsock_nonblock(int sock)

 	 * connection.

 	 */

 	if ((flags = fcntl(sock, F_GETFL)) < 0)

-		perror(_("svc_socket: can't get socket flags"));

+		xlog(L_ERROR, "svc_socket: can't get socket flags: %m");

 	else if (fcntl(sock, F_SETFL, flags|O_NONBLOCK) < 0)

-		perror(_("svc_socket: can't set socket flags"));

+		xlog(L_ERROR, "svc_socket: can't set socket flags: %m");

 	else

 		return sock;

@@ -110,7 +111,7 @@ svc_socket (u_long number, int type, int

   if ((sock = __socket (AF_INET, type, protocol)) < 0)

     {

-      perror (_("svc_socket: socket creation problem"));

+      xlog(L_ERROR, "svc_socket: socket creation problem: %m");

       return sock;

     }

@@ -121,7 +122,7 @@ svc_socket (u_long number, int type, int

 			sizeof (ret));

       if (ret < 0)

 	{

-	  perror (_("svc_socket: socket reuse problem"));

+	  xlog(L_ERROR, "svc_socket: socket reuse problem: %m");

 	  return ret;

 	}

     }

@@ -132,7 +133,7 @@ svc_socket (u_long number, int type, int

   if (bind(sock, (struct sockaddr *) &addr, len) < 0)

     {

-      perror (_("svc_socket: bind problem"));

+      xlog(L_ERROR, "svc_socket: bind problem: %m");

       (void) __close(sock);

       sock = -1;

     }

diff -up nfs-utils-1.3.0/utils/gssd/context_heimdal.c.orig nfs-utils-1.3.0/utils/gssd/context_heimdal.c

--- nfs-utils-1.3.0/utils/gssd/context_heimdal.c.orig	2014-03-25 11:12:07.000000000 -0400

+++ nfs-utils-1.3.0/utils/gssd/context_heimdal.c	2016-04-15 11:42:38.367938385 -0400

@@ -260,7 +260,7 @@ serialize_krb5_ctx(gss_ctx_id_t *_ctx, g

 	if (write_heimdal_seq_key(&p, end, ctx)) goto out_err;

 	buf->length = p - (char *)buf->value;

-	printerr(2, "serialize_krb5_ctx: returning buffer "

+	printerr(4, "serialize_krb5_ctx: returning buffer "

 		    "with %d bytes\n", buf->length);

 	return 0;

diff -up nfs-utils-1.3.0/utils/gssd/context_lucid.c.orig nfs-utils-1.3.0/utils/gssd/context_lucid.c

--- nfs-utils-1.3.0/utils/gssd/context_lucid.c.orig	2014-03-25 11:12:07.000000000 -0400

+++ nfs-utils-1.3.0/utils/gssd/context_lucid.c	2016-04-15 11:42:38.367938385 -0400

@@ -206,7 +206,7 @@ prepare_krb5_rfc4121_buffer(gss_krb5_luc

 	if (WRITE_BYTES(&p, end, lctx->send_seq)) goto out_err;

 	/* Protocol 0 here implies DES3 or RC4 */

-	printerr(2, "%s: protocol %d\n", __FUNCTION__, lctx->protocol);

+	printerr(4, "%s: protocol %d\n", __FUNCTION__, lctx->protocol);

 	if (lctx->protocol == 0) {

 		enctype = lctx->rfc1964_kd.ctx_key.type;

 		keysize = lctx->rfc1964_kd.ctx_key.length;

@@ -219,7 +219,7 @@ prepare_krb5_rfc4121_buffer(gss_krb5_luc

 			keysize = lctx->cfx_kd.ctx_key.length;

 		}

 	}

-	printerr(2, "%s: serializing key with enctype %d and size %d\n",

+	printerr(4, "%s: serializing key with enctype %d and size %d\n",

 		 __FUNCTION__, enctype, keysize);

 	if (WRITE_BYTES(&p, end, enctype)) goto out_err;

@@ -265,7 +265,7 @@ serialize_krb5_ctx(gss_ctx_id_t *ctx, gs

 	gss_krb5_lucid_context_v1_t *lctx = 0;

 	int retcode = 0;

-	printerr(2, "DEBUG: %s: lucid version!\n", __FUNCTION__);

+	printerr(4, "DEBUG: %s: lucid version!\n", __FUNCTION__);

 	maj_stat = gss_export_lucid_sec_context(&min_stat, ctx,

 						1, &return_ctx);

 	if (maj_stat != GSS_S_COMPLETE) {

diff -up nfs-utils-1.3.0/utils/gssd/gssd.c.orig nfs-utils-1.3.0/utils/gssd/gssd.c

--- nfs-utils-1.3.0/utils/gssd/gssd.c.orig	2016-04-15 11:42:13.917460638 -0400

+++ nfs-utils-1.3.0/utils/gssd/gssd.c	2016-04-15 11:42:38.369938424 -0400

@@ -1,7 +1,7 @@

 /*

   gssd.c

-  Copyright (c) 2000 The Regents of the University of Michigan.

+  Copyright (c) 2000, 2004 The Regents of the University of Michigan.

   All rights reserved.

   Copyright (c) 2000 Dug Song <dugsong@UMICH.EDU>.

@@ -40,9 +40,18 @@

 #include <config.h>

 #endif	/* HAVE_CONFIG_H */

+#ifndef _GNU_SOURCE

+#define _GNU_SOURCE

+#endif

+

 #include <sys/param.h>

 #include <sys/socket.h>

+#include <sys/time.h>

+#include <sys/resource.h>

+#include <sys/inotify.h>

 #include <rpc/rpc.h>

+#include <netinet/in.h>

+#include <arpa/inet.h>

 #include <unistd.h>

 #include <err.h>

@@ -51,41 +60,684 @@

 #include <stdlib.h>

 #include <string.h>

 #include <signal.h>

+#include <memory.h>

+#include <fcntl.h>

+#include <dirent.h>

+#include <netdb.h>

+#include <event.h>

+

 #include "gssd.h"

 #include "err_util.h"

 #include "gss_util.h"

 #include "krb5_util.h"

 #include "nfslib.h"

-char pipefs_dir[PATH_MAX] = GSSD_PIPEFS_DIR;

-char keytabfile[PATH_MAX] = GSSD_DEFAULT_KEYTAB_FILE;

-char ccachedir[PATH_MAX] = GSSD_DEFAULT_CRED_DIR ":" GSSD_USER_CRED_DIR;

-char *ccachesearch[GSSD_MAX_CCACHE_SEARCH + 1];

+static char *pipefs_path = GSSD_PIPEFS_DIR;

+static DIR *pipefs_dir;

+static int pipefs_fd;

+static int inotify_fd;

+struct event inotify_ev;

+

+char *keytabfile = GSSD_DEFAULT_KEYTAB_FILE;

+char **ccachesearch;

 int  use_memcache = 0;

 int  root_uses_machine_creds = 1;

 unsigned int  context_timeout = 0;

 unsigned int  rpc_timeout = 5;

 char *preferred_realm = NULL;

-int pipefds[2] = { -1, -1 };

+/* Avoid DNS reverse lookups on server names */

+static bool avoid_dns = true;

+

+

+TAILQ_HEAD(topdir_list_head, topdir) topdir_list;

+

+struct topdir {

+	TAILQ_ENTRY(topdir) list;

+	TAILQ_HEAD(clnt_list_head, clnt_info) clnt_list;

+	int wd;

+	char name[];

+};

+

+/*

+ * topdir_list:

+ *	linked list of struct topdir with basic data about a topdir.

+ *

+ * clnt_list:

+ *      linked list of struct clnt_info with basic data about a clntXXX dir,

+ *      one per topdir.

+ *

+ * Directory structure: created by the kernel

+ *      {rpc_pipefs}/{topdir}/clntXX      : one per rpc_clnt struct in the kernel

+ *      {rpc_pipefs}/{topdir}/clntXX/krb5 : read uid for which kernel wants

+ *					    a context, write the resulting context

+ *      {rpc_pipefs}/{topdir}/clntXX/info : stores info such as server name

+ *      {rpc_pipefs}/{topdir}/clntXX/gssd : pipe for all gss mechanisms using

+ *					    a text-based string of parameters

+ *

+ * Algorithm:

+ *      Poll all {rpc_pipefs}/{topdir}/clntXX/YYYY files.  When data is ready,

+ *      read and process; performs rpcsec_gss context initialization protocol to

+ *      get a cred for that user.  Writes result to corresponding krb5 file

+ *      in a form the kernel code will understand.

+ *      In addition, we make sure we are notified whenever anything is

+ *      created or destroyed in {rpc_pipefs} or in any of the clntXX directories,

+ *      and rescan the whole {rpc_pipefs} when this happens.

+ */

+

+/*

+ * convert a presentation address string to a sockaddr_storage struct. Returns

+ * true on success or false on failure.

+ *

+ * Note that we do not populate the sin6_scope_id field here for IPv6 addrs.

+ * gssd nececessarily relies on hostname resolution and DNS AAAA records

+ * do not generally contain scope-id's. This means that GSSAPI auth really

+ * can't work with IPv6 link-local addresses.

+ *

+ * We *could* consider changing this if we did something like adopt the

+ * Microsoft "standard" of using the ipv6-literal.net domainname, but it's

+ * not really feasible at present.

+ */

+static bool

+gssd_addrstr_to_sockaddr(struct sockaddr *sa, const char *node, const char *port)

+{

+	int rc;

+	struct addrinfo *res;

+	struct addrinfo hints = { .ai_flags = AI_NUMERICHOST | AI_NUMERICSERV };

+

+#ifndef IPV6_SUPPORTED

+	hints.ai_family = AF_INET;

+#endif /* IPV6_SUPPORTED */

+

+	rc = getaddrinfo(node, port, &hints, &res;;

+	if (rc) {

+		printerr(0, "ERROR: unable to convert %s|%s to sockaddr: %s\n",

+			 node, port,

+			 rc == EAI_SYSTEM ? strerror(errno) : gai_strerror(rc));

+		return false;

+	}

+

+#ifdef IPV6_SUPPORTED

+	/*

+	 * getnameinfo ignores the scopeid. If the address turns out to have

+	 * a non-zero scopeid, we can't use it -- the resolved host might be

+	 * completely different from the one intended.

+	 */

+	if (res->ai_addr->sa_family == AF_INET6) {

+		struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)res->ai_addr;

+		if (sin6->sin6_scope_id) {

+			printerr(0, "ERROR: address %s has non-zero "

+				    "sin6_scope_id!\n", node);

+			freeaddrinfo(res);

+			return false;

+		}

+	}

+#endif /* IPV6_SUPPORTED */

+

+	memcpy(sa, res->ai_addr, res->ai_addrlen);

+	freeaddrinfo(res);

+	return true;

+}

+

+/*

+ * convert a sockaddr to a hostname

+ */

+static char *

+gssd_get_servername(const char *name, const struct sockaddr *sa, const char *addr)

+{

+	socklen_t		addrlen;

+	int			err;

+	char			hbuf[NI_MAXHOST];

+	unsigned char		buf[sizeof(struct in6_addr)];

+

+	while (avoid_dns) {

+		/*

+		 * Determine if this is a server name, or an IP address.

+		 * If it is an IP address, do the DNS lookup otherwise

+		 * skip the DNS lookup.

+		 */

+		if (strchr(name, '.') == NULL)

+			break; /* local name */

+		else if (inet_pton(AF_INET, name, buf) == 1)

+			break; /* IPv4 address */

+		else if (inet_pton(AF_INET6, name, buf) == 1)

+			break; /* IPv6 addrss */

+

+		return strdup(name);

+	}

+

+	switch (sa->sa_family) {

+	case AF_INET:

+		addrlen = sizeof(struct sockaddr_in);

+		break;

+#ifdef IPV6_SUPPORTED

+	case AF_INET6:

+		addrlen = sizeof(struct sockaddr_in6);

+		break;

+#endif /* IPV6_SUPPORTED */

+	default:

+		printerr(0, "ERROR: unrecognized addr family %d\n",

+			 sa->sa_family);

+		return NULL;

+	}

+

+	err = getnameinfo(sa, addrlen, hbuf, sizeof(hbuf), NULL, 0,

+			  NI_NAMEREQD);

+	if (err) {

+		printerr(0, "ERROR: unable to resolve %s to hostname: %s\n",

+			 addr, err == EAI_SYSTEM ? strerror(errno) :

+						   gai_strerror(err));

+		return NULL;

+	}

+

+	return strdup(hbuf);

+}

+

+static void

+gssd_read_service_info(int dirfd, struct clnt_info *clp)

+{

+	int fd;

+	FILE *info = NULL;

+	int numfields;

+	char *server = NULL;

+	char *service = NULL;

+	int program;

+	int version;

+	char *address = NULL;

+	char *protoname = NULL;

+	char *port = NULL;

+	char *servername = NULL;

+

+	fd = openat(dirfd, "info", O_RDONLY);

+	if (fd < 0) {

+		printerr(0, "ERROR: can't open %s/info: %s\n",

+			 clp->relpath, strerror(errno));

+		goto fail;

+	}

+

+	info = fdopen(fd, "r");

+	if (!info) {

+		printerr(0, "ERROR: can't fdopen %s/info: %s\n",

+			 clp->relpath, strerror(errno));

+		close(fd);

+		goto fail;

+	}

+

+	/*

+	 * Some history:

+	 *

+	 * The first three lines were added with rpc_pipefs in 2003-01-13.

+	 * (commit af2f003391786fb632889c02142c941b212ba4ff)

+	 * 

+	 * The 'protocol' line was added in 2003-06-11.

+	 * (commit 9bd741ae48785d0c0e75cf906ff66f893d600c2d)

+	 *

+	 * The 'port' line was added in 2007-09-26.

+	 * (commit bf19aacecbeebccb2c3d150a8bd9416b7dba81fe)

+	 */

+	numfields = fscanf(info,

+			   "RPC server: %ms\n"

+			   "service: %ms (%d) version %d\n"

+			   "address: %ms\n"

+			   "protocol: %ms\n"

+			   "port: %ms\n",

+			   &server,

+			   &service, &program, &version,

+			   &address,

+			   &protoname,

+			   &port);

+

+

+	switch (numfields) {

+	case 5:

+		protoname = strdup("tcp");

+		if (!protoname)

+			goto fail;

+		/* fall through */

+	case 6:

+		/* fall through */

+	case 7:

+		break;

+	default:

+		goto fail;

+	}

+

+	if (!gssd_addrstr_to_sockaddr((struct sockaddr *)&clp->addr,

+				 address, port ? port : ""))

+		goto fail;

+