aboutsummaryrefslogtreecommitdiffstats
path: root/net/sunrpc/auth_gss
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2008-04-24 14:45:00 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2008-04-24 14:45:00 -0400
commit10c993a6b5418cb1026775765ba4c70ffb70853d (patch)
tree717deba79b938c2f3f786ff6fe908d30582f06f8 /net/sunrpc/auth_gss
parentc328d54cd4ad120d76284e46dcca6c6cf996154a (diff)
parentca456252db0521e5e88024fa2b67535e9739e030 (diff)
Merge branch 'for-linus' of git://linux-nfs.org/~bfields/linux
* 'for-linus' of git://linux-nfs.org/~bfields/linux: (52 commits) knfsd: clear both setuid and setgid whenever a chown is done knfsd: get rid of imode variable in nfsd_setattr SUNRPC: Use unsigned loop and array index in svc_init_buffer() SUNRPC: Use unsigned index when looping over arrays SUNRPC: Update RPC server's TCP record marker decoder SUNRPC: RPC server still uses 2.4 method for disabling TCP Nagle NLM: don't let lockd exit on unexpected svc_recv errors (try #2) NFS: don't let nfs_callback_svc exit on unexpected svc_recv errors (try #2) Use a zero sized array for raw field in struct fid nfsd: use static memory for callback program and stats SUNRPC: remove svc_create_thread() nfsd: fix comment lockd: Fix stale nlmsvc_unlink_block comment NFSD: Strip __KERNEL__ testing from unexported header files. sunrpc: make token header values less confusing gss_krb5: consistently use unsigned for seqnum NFSD: Remove NFSv4 dependency on NFSv3 SUNRPC: Remove PROC_FS dependency NFSD: Use "depends on" for PROC_FS dependency nfsd: move most of fh_verify to separate function ...
Diffstat (limited to 'net/sunrpc/auth_gss')
-rw-r--r--net/sunrpc/auth_gss/gss_generic_token.c4
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_crypto.c6
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_seal.c9
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_seqnum.c4
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_unseal.c2
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_wrap.c8
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_seal.c4
-rw-r--r--net/sunrpc/auth_gss/svcauth_gss.c9
8 files changed, 24 insertions, 22 deletions
diff --git a/net/sunrpc/auth_gss/gss_generic_token.c b/net/sunrpc/auth_gss/gss_generic_token.c
index ea8c92ecdae5..d83b881685fe 100644
--- a/net/sunrpc/auth_gss/gss_generic_token.c
+++ b/net/sunrpc/auth_gss/gss_generic_token.c
@@ -148,7 +148,7 @@ int
148g_token_size(struct xdr_netobj *mech, unsigned int body_size) 148g_token_size(struct xdr_netobj *mech, unsigned int body_size)
149{ 149{
150 /* set body_size to sequence contents size */ 150 /* set body_size to sequence contents size */
151 body_size += 4 + (int) mech->len; /* NEED overflow check */ 151 body_size += 2 + (int) mech->len; /* NEED overflow check */
152 return(1 + der_length_size(body_size) + body_size); 152 return(1 + der_length_size(body_size) + body_size);
153} 153}
154 154
@@ -161,7 +161,7 @@ void
161g_make_token_header(struct xdr_netobj *mech, int body_size, unsigned char **buf) 161g_make_token_header(struct xdr_netobj *mech, int body_size, unsigned char **buf)
162{ 162{
163 *(*buf)++ = 0x60; 163 *(*buf)++ = 0x60;
164 der_write_length(buf, 4 + mech->len + body_size); 164 der_write_length(buf, 2 + mech->len + body_size);
165 *(*buf)++ = 0x06; 165 *(*buf)++ = 0x06;
166 *(*buf)++ = (unsigned char) mech->len; 166 *(*buf)++ = (unsigned char) mech->len;
167 TWRITE_STR(*buf, mech->data, ((int) mech->len)); 167 TWRITE_STR(*buf, mech->data, ((int) mech->len));
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
index 0dd792338fa9..1d52308ca324 100644
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
@@ -66,8 +66,8 @@ krb5_encrypt(
66 goto out; 66 goto out;
67 67
68 if (crypto_blkcipher_ivsize(tfm) > 16) { 68 if (crypto_blkcipher_ivsize(tfm) > 16) {
69 dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n", 69 dprintk("RPC: gss_k5encrypt: tfm iv size too large %d\n",
70 crypto_blkcipher_ivsize(tfm)); 70 crypto_blkcipher_ivsize(tfm));
71 goto out; 71 goto out;
72 } 72 }
73 73
@@ -102,7 +102,7 @@ krb5_decrypt(
102 goto out; 102 goto out;
103 103
104 if (crypto_blkcipher_ivsize(tfm) > 16) { 104 if (crypto_blkcipher_ivsize(tfm) > 16) {
105 dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n", 105 dprintk("RPC: gss_k5decrypt: tfm iv size too large %d\n",
106 crypto_blkcipher_ivsize(tfm)); 106 crypto_blkcipher_ivsize(tfm));
107 goto out; 107 goto out;
108 } 108 }
diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c
index dedcbd6108f4..5f1d36dfbcf7 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seal.c
@@ -87,10 +87,10 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text,
87 87
88 now = get_seconds(); 88 now = get_seconds();
89 89
90 token->len = g_token_size(&ctx->mech_used, 22); 90 token->len = g_token_size(&ctx->mech_used, 24);
91 91
92 ptr = token->data; 92 ptr = token->data;
93 g_make_token_header(&ctx->mech_used, 22, &ptr); 93 g_make_token_header(&ctx->mech_used, 24, &ptr);
94 94
95 *ptr++ = (unsigned char) ((KG_TOK_MIC_MSG>>8)&0xff); 95 *ptr++ = (unsigned char) ((KG_TOK_MIC_MSG>>8)&0xff);
96 *ptr++ = (unsigned char) (KG_TOK_MIC_MSG&0xff); 96 *ptr++ = (unsigned char) (KG_TOK_MIC_MSG&0xff);
@@ -109,15 +109,14 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text,
109 md5cksum.data, md5cksum.len)) 109 md5cksum.data, md5cksum.len))
110 return GSS_S_FAILURE; 110 return GSS_S_FAILURE;
111 111
112 memcpy(krb5_hdr + 16, md5cksum.data + md5cksum.len - KRB5_CKSUM_LENGTH, 112 memcpy(krb5_hdr + 16, md5cksum.data + md5cksum.len - 8, 8);
113 KRB5_CKSUM_LENGTH);
114 113
115 spin_lock(&krb5_seq_lock); 114 spin_lock(&krb5_seq_lock);
116 seq_send = ctx->seq_send++; 115 seq_send = ctx->seq_send++;
117 spin_unlock(&krb5_seq_lock); 116 spin_unlock(&krb5_seq_lock);
118 117
119 if (krb5_make_seq_num(ctx->seq, ctx->initiate ? 0 : 0xff, 118 if (krb5_make_seq_num(ctx->seq, ctx->initiate ? 0 : 0xff,
120 ctx->seq_send, krb5_hdr + 16, krb5_hdr + 8)) 119 seq_send, krb5_hdr + 16, krb5_hdr + 8))
121 return GSS_S_FAILURE; 120 return GSS_S_FAILURE;
122 121
123 return (ctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE; 122 return (ctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE;
diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
index 43f3421f1e6a..f160be6c1a46 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
@@ -43,7 +43,7 @@
43s32 43s32
44krb5_make_seq_num(struct crypto_blkcipher *key, 44krb5_make_seq_num(struct crypto_blkcipher *key,
45 int direction, 45 int direction,
46 s32 seqnum, 46 u32 seqnum,
47 unsigned char *cksum, unsigned char *buf) 47 unsigned char *cksum, unsigned char *buf)
48{ 48{
49 unsigned char plain[8]; 49 unsigned char plain[8];
@@ -65,7 +65,7 @@ s32
65krb5_get_seq_num(struct crypto_blkcipher *key, 65krb5_get_seq_num(struct crypto_blkcipher *key,
66 unsigned char *cksum, 66 unsigned char *cksum,
67 unsigned char *buf, 67 unsigned char *buf,
68 int *direction, s32 * seqnum) 68 int *direction, u32 *seqnum)
69{ 69{
70 s32 code; 70 s32 code;
71 unsigned char plain[8]; 71 unsigned char plain[8];
diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c
index e30a993466bc..d91a5d004803 100644
--- a/net/sunrpc/auth_gss/gss_krb5_unseal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c
@@ -82,7 +82,7 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx,
82 struct xdr_netobj md5cksum = {.len = 0, .data = cksumdata}; 82 struct xdr_netobj md5cksum = {.len = 0, .data = cksumdata};
83 s32 now; 83 s32 now;
84 int direction; 84 int direction;
85 s32 seqnum; 85 u32 seqnum;
86 unsigned char *ptr = (unsigned char *)read_token->data; 86 unsigned char *ptr = (unsigned char *)read_token->data;
87 int bodysize; 87 int bodysize;
88 88
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
index 3bdc527ee64a..b00b1b426301 100644
--- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
+++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
@@ -137,7 +137,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
137 BUG_ON((buf->len - offset) % blocksize); 137 BUG_ON((buf->len - offset) % blocksize);
138 plainlen = blocksize + buf->len - offset; 138 plainlen = blocksize + buf->len - offset;
139 139
140 headlen = g_token_size(&kctx->mech_used, 22 + plainlen) - 140 headlen = g_token_size(&kctx->mech_used, 24 + plainlen) -
141 (buf->len - offset); 141 (buf->len - offset);
142 142
143 ptr = buf->head[0].iov_base + offset; 143 ptr = buf->head[0].iov_base + offset;
@@ -149,7 +149,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
149 buf->len += headlen; 149 buf->len += headlen;
150 BUG_ON((buf->len - offset - headlen) % blocksize); 150 BUG_ON((buf->len - offset - headlen) % blocksize);
151 151
152 g_make_token_header(&kctx->mech_used, 22 + plainlen, &ptr); 152 g_make_token_header(&kctx->mech_used, 24 + plainlen, &ptr);
153 153
154 154
155 *ptr++ = (unsigned char) ((KG_TOK_WRAP_MSG>>8)&0xff); 155 *ptr++ = (unsigned char) ((KG_TOK_WRAP_MSG>>8)&0xff);
@@ -176,9 +176,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
176 if (krb5_encrypt(kctx->seq, NULL, md5cksum.data, 176 if (krb5_encrypt(kctx->seq, NULL, md5cksum.data,
177 md5cksum.data, md5cksum.len)) 177 md5cksum.data, md5cksum.len))
178 return GSS_S_FAILURE; 178 return GSS_S_FAILURE;
179 memcpy(krb5_hdr + 16, 179 memcpy(krb5_hdr + 16, md5cksum.data + md5cksum.len - 8, 8);
180 md5cksum.data + md5cksum.len - KRB5_CKSUM_LENGTH,
181 KRB5_CKSUM_LENGTH);
182 180
183 spin_lock(&krb5_seq_lock); 181 spin_lock(&krb5_seq_lock);
184 seq_send = kctx->seq_send++; 182 seq_send = kctx->seq_send++;
diff --git a/net/sunrpc/auth_gss/gss_spkm3_seal.c b/net/sunrpc/auth_gss/gss_spkm3_seal.c
index abf17ce2e3b1..c832712f8d55 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_seal.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_seal.c
@@ -107,10 +107,10 @@ spkm3_make_token(struct spkm3_ctx *ctx,
107 tokenlen = 10 + ctxelen + 1 + md5elen + 1; 107 tokenlen = 10 + ctxelen + 1 + md5elen + 1;
108 108
109 /* Create token header using generic routines */ 109 /* Create token header using generic routines */
110 token->len = g_token_size(&ctx->mech_used, tokenlen); 110 token->len = g_token_size(&ctx->mech_used, tokenlen + 2);
111 111
112 ptr = token->data; 112 ptr = token->data;
113 g_make_token_header(&ctx->mech_used, tokenlen, &ptr); 113 g_make_token_header(&ctx->mech_used, tokenlen + 2, &ptr);
114 114
115 spkm3_make_mic_token(&ptr, tokenlen, &mic_hdr, &md5cksum, md5elen, md5zbit); 115 spkm3_make_mic_token(&ptr, tokenlen, &mic_hdr, &md5cksum, md5elen, md5zbit);
116 } else if (toktype == SPKM_WRAP_TOK) { /* Not Supported */ 116 } else if (toktype == SPKM_WRAP_TOK) { /* Not Supported */
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index 481f984e9a22..5905d56737d6 100644
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -1146,7 +1146,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
1146 case RPC_GSS_SVC_INTEGRITY: 1146 case RPC_GSS_SVC_INTEGRITY:
1147 if (unwrap_integ_data(&rqstp->rq_arg, 1147 if (unwrap_integ_data(&rqstp->rq_arg,
1148 gc->gc_seq, rsci->mechctx)) 1148 gc->gc_seq, rsci->mechctx))
1149 goto auth_err; 1149 goto garbage_args;
1150 /* placeholders for length and seq. number: */ 1150 /* placeholders for length and seq. number: */
1151 svc_putnl(resv, 0); 1151 svc_putnl(resv, 0);
1152 svc_putnl(resv, 0); 1152 svc_putnl(resv, 0);
@@ -1154,7 +1154,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
1154 case RPC_GSS_SVC_PRIVACY: 1154 case RPC_GSS_SVC_PRIVACY:
1155 if (unwrap_priv_data(rqstp, &rqstp->rq_arg, 1155 if (unwrap_priv_data(rqstp, &rqstp->rq_arg,
1156 gc->gc_seq, rsci->mechctx)) 1156 gc->gc_seq, rsci->mechctx))
1157 goto auth_err; 1157 goto garbage_args;
1158 /* placeholders for length and seq. number: */ 1158 /* placeholders for length and seq. number: */
1159 svc_putnl(resv, 0); 1159 svc_putnl(resv, 0);
1160 svc_putnl(resv, 0); 1160 svc_putnl(resv, 0);
@@ -1169,6 +1169,11 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
1169 ret = SVC_OK; 1169 ret = SVC_OK;
1170 goto out; 1170 goto out;
1171 } 1171 }
1172garbage_args:
1173 /* Restore write pointer to its original value: */
1174 xdr_ressize_check(rqstp, reject_stat);
1175 ret = SVC_GARBAGE;
1176 goto out;
1172auth_err: 1177auth_err:
1173 /* Restore write pointer to its original value: */ 1178 /* Restore write pointer to its original value: */
1174 xdr_ressize_check(rqstp, reject_stat); 1179 xdr_ressize_check(rqstp, reject_stat);
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-15 20:23:33 -0500