diff options
| author | Harshula Jayasuriya <harshula@sgi.com> | 2008-02-19 18:56:56 -0500 |
|---|---|---|
| committer | J. Bruce Fields <bfields@citi.umich.edu> | 2008-04-23 16:13:39 -0400 |
| commit | dd35210e1e2cb46d6dba5c97f1bc3784c4f97998 (patch) | |
| tree | f220067718db3bb3a263566eea30e9089a59c163 /net/sunrpc/auth_gss | |
| parent | 93245d11fcaccdebccabe86a2b92db524f82d8b4 (diff) | |
sunrpc: GSS integrity and decryption failures should return GARBAGE_ARGS
In function svcauth_gss_accept() (net/sunrpc/auth_gss/svcauth_gss.c) the
code that handles GSS integrity and decryption failures should be
returning GARBAGE_ARGS as specified in RFC 2203, sections 5.3.3.4.2 and
5.3.3.4.3.
Reviewed-by: Greg Banks <gnb@sgi.com>
Signed-off-by: Harshula Jayasuriya <harshula@sgi.com>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Diffstat (limited to 'net/sunrpc/auth_gss')
| -rw-r--r-- | net/sunrpc/auth_gss/svcauth_gss.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c index 481f984e9a22..5905d56737d6 100644 --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c | |||
| @@ -1146,7 +1146,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp) | |||
| 1146 | case RPC_GSS_SVC_INTEGRITY: | 1146 | case RPC_GSS_SVC_INTEGRITY: |
| 1147 | if (unwrap_integ_data(&rqstp->rq_arg, | 1147 | if (unwrap_integ_data(&rqstp->rq_arg, |
| 1148 | gc->gc_seq, rsci->mechctx)) | 1148 | gc->gc_seq, rsci->mechctx)) |
| 1149 | goto auth_err; | 1149 | goto garbage_args; |
| 1150 | /* placeholders for length and seq. number: */ | 1150 | /* placeholders for length and seq. number: */ |
| 1151 | svc_putnl(resv, 0); | 1151 | svc_putnl(resv, 0); |
| 1152 | svc_putnl(resv, 0); | 1152 | svc_putnl(resv, 0); |
| @@ -1154,7 +1154,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp) | |||
| 1154 | case RPC_GSS_SVC_PRIVACY: | 1154 | case RPC_GSS_SVC_PRIVACY: |
| 1155 | if (unwrap_priv_data(rqstp, &rqstp->rq_arg, | 1155 | if (unwrap_priv_data(rqstp, &rqstp->rq_arg, |
| 1156 | gc->gc_seq, rsci->mechctx)) | 1156 | gc->gc_seq, rsci->mechctx)) |
| 1157 | goto auth_err; | 1157 | goto garbage_args; |
| 1158 | /* placeholders for length and seq. number: */ | 1158 | /* placeholders for length and seq. number: */ |
| 1159 | svc_putnl(resv, 0); | 1159 | svc_putnl(resv, 0); |
| 1160 | svc_putnl(resv, 0); | 1160 | svc_putnl(resv, 0); |
| @@ -1169,6 +1169,11 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp) | |||
| 1169 | ret = SVC_OK; | 1169 | ret = SVC_OK; |
| 1170 | goto out; | 1170 | goto out; |
| 1171 | } | 1171 | } |
| 1172 | garbage_args: | ||
| 1173 | /* Restore write pointer to its original value: */ | ||
| 1174 | xdr_ressize_check(rqstp, reject_stat); | ||
| 1175 | ret = SVC_GARBAGE; | ||
| 1176 | goto out; | ||
| 1172 | auth_err: | 1177 | auth_err: |
| 1173 | /* Restore write pointer to its original value: */ | 1178 | /* Restore write pointer to its original value: */ |
| 1174 | xdr_ressize_check(rqstp, reject_stat); | 1179 | xdr_ressize_check(rqstp, reject_stat); |