aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSage Weil <sage@newdream.net>2010-03-15 18:52:17 -0400
committerSage Weil <sage@newdream.net>2010-03-21 00:33:10 -0400
commit807c86e2ceba8febe79b289d50cd0d5e0b0af917 (patch)
treeff7ef8edfd4aab41ea32e735afc9c7fd4eb8f35a
parent63733a0fc55cca74b1911769633dc5dfd1a45907 (diff)
ceph: fix authenticator buffer size calculation
The buffer size was incorrectly calculated for the ceph_x_encrypt() encapsulated ticket blob. Use a helper (with correct arithmetic) and BUG out if we were wrong. Signed-off-by: Sage Weil <sage@newdream.net>
-rw-r--r--fs/ceph/auth_x.c19
1 files changed, 13 insertions, 6 deletions
diff --git a/fs/ceph/auth_x.c b/fs/ceph/auth_x.c
index f0318427b6da..96e7aaa77678 100644
--- a/fs/ceph/auth_x.c
+++ b/fs/ceph/auth_x.c
@@ -28,6 +28,12 @@ static int ceph_x_is_authenticated(struct ceph_auth_client *ac)
28 return (ac->want_keys & xi->have_keys) == ac->want_keys; 28 return (ac->want_keys & xi->have_keys) == ac->want_keys;
29} 29}
30 30
31static int ceph_x_encrypt_buflen(int ilen)
32{
33 return sizeof(struct ceph_x_encrypt_header) + ilen + 16 +
34 sizeof(u32);
35}
36
31static int ceph_x_encrypt(struct ceph_crypto_key *secret, 37static int ceph_x_encrypt(struct ceph_crypto_key *secret,
32 void *ibuf, int ilen, void *obuf, size_t olen) 38 void *ibuf, int ilen, void *obuf, size_t olen)
33{ 39{
@@ -242,7 +248,7 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
242 struct ceph_x_ticket_handler *th, 248 struct ceph_x_ticket_handler *th,
243 struct ceph_x_authorizer *au) 249 struct ceph_x_authorizer *au)
244{ 250{
245 int len; 251 int maxlen;
246 struct ceph_x_authorize_a *msg_a; 252 struct ceph_x_authorize_a *msg_a;
247 struct ceph_x_authorize_b msg_b; 253 struct ceph_x_authorize_b msg_b;
248 void *p, *end; 254 void *p, *end;
@@ -253,15 +259,15 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
253 dout("build_authorizer for %s %p\n", 259 dout("build_authorizer for %s %p\n",
254 ceph_entity_type_name(th->service), au); 260 ceph_entity_type_name(th->service), au);
255 261
256 len = sizeof(*msg_a) + sizeof(msg_b) + sizeof(u32) + 262 maxlen = sizeof(*msg_a) + sizeof(msg_b) +
257 ticket_blob_len + 16; 263 ceph_x_encrypt_buflen(ticket_blob_len);
258 dout(" need len %d\n", len); 264 dout(" need len %d\n", maxlen);
259 if (au->buf && au->buf->alloc_len < len) { 265 if (au->buf && au->buf->alloc_len < maxlen) {
260 ceph_buffer_put(au->buf); 266 ceph_buffer_put(au->buf);
261 au->buf = NULL; 267 au->buf = NULL;
262 } 268 }
263 if (!au->buf) { 269 if (!au->buf) {
264 au->buf = ceph_buffer_new(len, GFP_NOFS); 270 au->buf = ceph_buffer_new(maxlen, GFP_NOFS);
265 if (!au->buf) 271 if (!au->buf)
266 return -ENOMEM; 272 return -ENOMEM;
267 } 273 }
@@ -296,6 +302,7 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
296 au->buf->vec.iov_len = p - au->buf->vec.iov_base; 302 au->buf->vec.iov_len = p - au->buf->vec.iov_base;
297 dout(" built authorizer nonce %llx len %d\n", au->nonce, 303 dout(" built authorizer nonce %llx len %d\n", au->nonce,
298 (int)au->buf->vec.iov_len); 304 (int)au->buf->vec.iov_len);
305 BUG_ON(au->buf->vec.iov_len > maxlen);
299 return 0; 306 return 0;
300 307
301out_buf: 308out_buf: