diff options
| author | Harshula Jayasuriya <harshula@sgi.com> | 2008-02-20 10:56:56 +1100 |
|---|---|---|
| committer | J. Bruce Fields <bfields@citi.umich.edu> | 2008-04-23 16:13:39 -0400 |
| commit | dd35210e1e2cb46d6dba5c97f1bc3784c4f97998 (patch) | |
| tree | f220067718db3bb3a263566eea30e9089a59c163 | |
| parent | 93245d11fcaccdebccabe86a2b92db524f82d8b4 (diff) | |
| download | olio-linux-3.10-dd35210e1e2cb46d6dba5c97f1bc3784c4f97998.tar.xz olio-linux-3.10-dd35210e1e2cb46d6dba5c97f1bc3784c4f97998.zip | |
sunrpc: GSS integrity and decryption failures should return GARBAGE_ARGS
In function svcauth_gss_accept() (net/sunrpc/auth_gss/svcauth_gss.c) the
code that handles GSS integrity and decryption failures should be
returning GARBAGE_ARGS as specified in RFC 2203, sections 5.3.3.4.2 and
5.3.3.4.3.
Reviewed-by: Greg Banks <gnb@sgi.com>
Signed-off-by: Harshula Jayasuriya <harshula@sgi.com>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
| -rw-r--r-- | net/sunrpc/auth_gss/svcauth_gss.c | 9 | ||||
| -rw-r--r-- | net/sunrpc/svc.c | 3 |
2 files changed, 8 insertions, 4 deletions
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c index 481f984e9a2..5905d56737d 100644 --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c @@ -1146,7 +1146,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp) case RPC_GSS_SVC_INTEGRITY: if (unwrap_integ_data(&rqstp->rq_arg, gc->gc_seq, rsci->mechctx)) - goto auth_err; + goto garbage_args; /* placeholders for length and seq. number: */ svc_putnl(resv, 0); svc_putnl(resv, 0); @@ -1154,7 +1154,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp) case RPC_GSS_SVC_PRIVACY: if (unwrap_priv_data(rqstp, &rqstp->rq_arg, gc->gc_seq, rsci->mechctx)) - goto auth_err; + goto garbage_args; /* placeholders for length and seq. number: */ svc_putnl(resv, 0); svc_putnl(resv, 0); @@ -1169,6 +1169,11 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp) ret = SVC_OK; goto out; } +garbage_args: + /* Restore write pointer to its original value: */ + xdr_ressize_check(rqstp, reject_stat); + ret = SVC_GARBAGE; + goto out; auth_err: /* Restore write pointer to its original value: */ xdr_ressize_check(rqstp, reject_stat); diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c index 090af78d68b..7efb5133eb7 100644 --- a/net/sunrpc/svc.c +++ b/net/sunrpc/svc.c @@ -921,8 +921,7 @@ svc_process(struct svc_rqst *rqstp) case SVC_OK: break; case SVC_GARBAGE: - rpc_stat = rpc_garbage_args; - goto err_bad; + goto err_garbage; case SVC_SYSERR: rpc_stat = rpc_system_err; goto err_bad; |