diff options
| author | Sage Weil <sage@newdream.net> | 2010-03-15 18:52:17 -0400 |
|---|---|---|
| committer | Sage Weil <sage@newdream.net> | 2010-03-21 00:33:10 -0400 |
| commit | 807c86e2ceba8febe79b289d50cd0d5e0b0af917 (patch) | |
| tree | ff7ef8edfd4aab41ea32e735afc9c7fd4eb8f35a /fs | |
| parent | 63733a0fc55cca74b1911769633dc5dfd1a45907 (diff) | |
ceph: fix authenticator buffer size calculation
The buffer size was incorrectly calculated for the ceph_x_encrypt()
encapsulated ticket blob. Use a helper (with correct arithmetic) and
BUG out if we were wrong.
Signed-off-by: Sage Weil <sage@newdream.net>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/ceph/auth_x.c | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/fs/ceph/auth_x.c b/fs/ceph/auth_x.c index f0318427b6da..96e7aaa77678 100644 --- a/fs/ceph/auth_x.c +++ b/fs/ceph/auth_x.c | |||
| @@ -28,6 +28,12 @@ static int ceph_x_is_authenticated(struct ceph_auth_client *ac) | |||
| 28 | return (ac->want_keys & xi->have_keys) == ac->want_keys; | 28 | return (ac->want_keys & xi->have_keys) == ac->want_keys; |
| 29 | } | 29 | } |
| 30 | 30 | ||
| 31 | static int ceph_x_encrypt_buflen(int ilen) | ||
| 32 | { | ||
| 33 | return sizeof(struct ceph_x_encrypt_header) + ilen + 16 + | ||
| 34 | sizeof(u32); | ||
| 35 | } | ||
| 36 | |||
| 31 | static int ceph_x_encrypt(struct ceph_crypto_key *secret, | 37 | static int ceph_x_encrypt(struct ceph_crypto_key *secret, |
| 32 | void *ibuf, int ilen, void *obuf, size_t olen) | 38 | void *ibuf, int ilen, void *obuf, size_t olen) |
| 33 | { | 39 | { |
| @@ -242,7 +248,7 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac, | |||
| 242 | struct ceph_x_ticket_handler *th, | 248 | struct ceph_x_ticket_handler *th, |
| 243 | struct ceph_x_authorizer *au) | 249 | struct ceph_x_authorizer *au) |
| 244 | { | 250 | { |
| 245 | int len; | 251 | int maxlen; |
| 246 | struct ceph_x_authorize_a *msg_a; | 252 | struct ceph_x_authorize_a *msg_a; |
| 247 | struct ceph_x_authorize_b msg_b; | 253 | struct ceph_x_authorize_b msg_b; |
| 248 | void *p, *end; | 254 | void *p, *end; |
| @@ -253,15 +259,15 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac, | |||
| 253 | dout("build_authorizer for %s %p\n", | 259 | dout("build_authorizer for %s %p\n", |
| 254 | ceph_entity_type_name(th->service), au); | 260 | ceph_entity_type_name(th->service), au); |
| 255 | 261 | ||
| 256 | len = sizeof(*msg_a) + sizeof(msg_b) + sizeof(u32) + | 262 | maxlen = sizeof(*msg_a) + sizeof(msg_b) + |
| 257 | ticket_blob_len + 16; | 263 | ceph_x_encrypt_buflen(ticket_blob_len); |
| 258 | dout(" need len %d\n", len); | 264 | dout(" need len %d\n", maxlen); |
| 259 | if (au->buf && au->buf->alloc_len < len) { | 265 | if (au->buf && au->buf->alloc_len < maxlen) { |
| 260 | ceph_buffer_put(au->buf); | 266 | ceph_buffer_put(au->buf); |
| 261 | au->buf = NULL; | 267 | au->buf = NULL; |
| 262 | } | 268 | } |
| 263 | if (!au->buf) { | 269 | if (!au->buf) { |
| 264 | au->buf = ceph_buffer_new(len, GFP_NOFS); | 270 | au->buf = ceph_buffer_new(maxlen, GFP_NOFS); |
| 265 | if (!au->buf) | 271 | if (!au->buf) |
| 266 | return -ENOMEM; | 272 | return -ENOMEM; |
| 267 | } | 273 | } |
| @@ -296,6 +302,7 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac, | |||
| 296 | au->buf->vec.iov_len = p - au->buf->vec.iov_base; | 302 | au->buf->vec.iov_len = p - au->buf->vec.iov_base; |
| 297 | dout(" built authorizer nonce %llx len %d\n", au->nonce, | 303 | dout(" built authorizer nonce %llx len %d\n", au->nonce, |
| 298 | (int)au->buf->vec.iov_len); | 304 | (int)au->buf->vec.iov_len); |
| 305 | BUG_ON(au->buf->vec.iov_len > maxlen); | ||
| 299 | return 0; | 306 | return 0; |
| 300 | 307 | ||
| 301 | out_buf: | 308 | out_buf: |