diff options
| author | Mi Jinlong <mijinlong@cn.fujitsu.com> | 2010-11-08 20:39:23 -0500 |
|---|---|---|
| committer | J. Bruce Fields <bfields@redhat.com> | 2010-11-19 18:35:12 -0500 |
| commit | 5afa040b307952bb804eba34b21646da2842e14d (patch) | |
| tree | 3c7b1c14f3a9bb1a3a438d7f116be358ff4310e8 | |
| parent | 9c335c0b8daf56b9f73479d00b1dd726e1fcca09 (diff) | |
NFSv4.1: Make sure nfsd can decode SP4_SSV correctly at exchange_id
According to RFC, the argument of ssv_sp_parms4 is:
struct ssv_sp_parms4 {
state_protect_ops4 ssp_ops;
sec_oid4 ssp_hash_algs<>;
sec_oid4 ssp_encr_algs<>;
uint32_t ssp_window;
uint32_t ssp_num_gss_handles;
};
If client send a exchange_id with SP4_SSV, server cann't decode
the SP4_SSV's ssp_hash_algs and ssp_encr_algs arguments correctly.
Because the kernel treat the two arguments as a signal
sec_oid4 struct, but should be a set of sec_oid4 struct.
Signed-off-by: Mi Jinlong <mijinlong@cn.fujitsu.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
| -rw-r--r-- | fs/nfsd/nfs4xdr.c | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c index f35a94a04026..71d7d339e44a 100644 --- a/fs/nfsd/nfs4xdr.c +++ b/fs/nfsd/nfs4xdr.c | |||
| @@ -1005,7 +1005,7 @@ static __be32 | |||
| 1005 | nfsd4_decode_exchange_id(struct nfsd4_compoundargs *argp, | 1005 | nfsd4_decode_exchange_id(struct nfsd4_compoundargs *argp, |
| 1006 | struct nfsd4_exchange_id *exid) | 1006 | struct nfsd4_exchange_id *exid) |
| 1007 | { | 1007 | { |
| 1008 | int dummy; | 1008 | int dummy, tmp; |
| 1009 | DECODE_HEAD; | 1009 | DECODE_HEAD; |
| 1010 | 1010 | ||
| 1011 | READ_BUF(NFS4_VERIFIER_SIZE); | 1011 | READ_BUF(NFS4_VERIFIER_SIZE); |
| @@ -1053,15 +1053,23 @@ nfsd4_decode_exchange_id(struct nfsd4_compoundargs *argp, | |||
| 1053 | 1053 | ||
| 1054 | /* ssp_hash_algs<> */ | 1054 | /* ssp_hash_algs<> */ |
| 1055 | READ_BUF(4); | 1055 | READ_BUF(4); |
| 1056 | READ32(dummy); | 1056 | READ32(tmp); |
| 1057 | READ_BUF(dummy); | 1057 | while (tmp--) { |
| 1058 | p += XDR_QUADLEN(dummy); | 1058 | READ_BUF(4); |
| 1059 | READ32(dummy); | ||
| 1060 | READ_BUF(dummy); | ||
| 1061 | p += XDR_QUADLEN(dummy); | ||
| 1062 | } | ||
| 1059 | 1063 | ||
| 1060 | /* ssp_encr_algs<> */ | 1064 | /* ssp_encr_algs<> */ |
| 1061 | READ_BUF(4); | 1065 | READ_BUF(4); |
| 1062 | READ32(dummy); | 1066 | READ32(tmp); |
| 1063 | READ_BUF(dummy); | 1067 | while (tmp--) { |
| 1064 | p += XDR_QUADLEN(dummy); | 1068 | READ_BUF(4); |
| 1069 | READ32(dummy); | ||
| 1070 | READ_BUF(dummy); | ||
| 1071 | p += XDR_QUADLEN(dummy); | ||
| 1072 | } | ||
| 1065 | 1073 | ||
| 1066 | /* ssp_window and ssp_num_gss_handles */ | 1074 | /* ssp_window and ssp_num_gss_handles */ |
| 1067 | READ_BUF(8); | 1075 | READ_BUF(8); |