aboutsummaryrefslogtreecommitdiffstats
path: root/net/sunrpc/auth_gss
diff options
context:
space:
mode:
authorKevin Coffman <kwc@citi.umich.edu>2006-01-18 20:43:25 -0500
committerLinus Torvalds <torvalds@g5.osdl.org>2006-01-18 22:20:25 -0500
commit91a4762e0ab0880fa00e8f0b7a052e4929d867a6 (patch)
tree994b9183eddb0b5c2e14d43c522a16528a297dd6 /net/sunrpc/auth_gss
parent822f1005ae1f3a4a8b136f38a6933d3f719f4c4a (diff)
[PATCH] svcrpc: gss: server context init failure handling
We require the server's gssd to create a completed context before asking the kernel to send a final context init reply. However, gssd could be buggy, or under some bizarre circumstances we might purge the context from our cache before we get the chance to use it here. Handle this case by returning GSS_S_NO_CONTEXT to the client. Also move the relevant code here to a separate function rather than nesting excessively. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'net/sunrpc/auth_gss')
-rw-r--r--net/sunrpc/auth_gss/svcauth_gss.c29
1 files changed, 17 insertions, 12 deletions
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index d2ccc7e8faab..fdad66dc9a9f 100644
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -755,6 +755,21 @@ svcauth_gss_set_client(struct svc_rqst *rqstp)
755 return SVC_OK; 755 return SVC_OK;
756} 756}
757 757
758static inline int
759gss_write_init_verf(struct svc_rqst *rqstp, struct rsi *rsip)
760{
761 struct rsc *rsci;
762
763 if (rsip->major_status != GSS_S_COMPLETE)
764 return gss_write_null_verf(rqstp);
765 rsci = gss_svc_searchbyctx(&rsip->out_handle);
766 if (rsci == NULL) {
767 rsip->major_status = GSS_S_NO_CONTEXT;
768 return gss_write_null_verf(rqstp);
769 }
770 return gss_write_verf(rqstp, rsci->mechctx, GSS_SEQ_WIN);
771}
772
758/* 773/*
759 * Accept an rpcsec packet. 774 * Accept an rpcsec packet.
760 * If context establishment, punt to user space 775 * If context establishment, punt to user space
@@ -890,18 +905,8 @@ svcauth_gss_accept(struct svc_rqst *rqstp, u32 *authp)
890 case -ENOENT: 905 case -ENOENT:
891 goto drop; 906 goto drop;
892 case 0: 907 case 0:
893 if (rsip->major_status == GSS_S_COMPLETE) { 908 if (gss_write_init_verf(rqstp, rsip))
894 rsci = gss_svc_searchbyctx(&rsip->out_handle); 909 goto drop;
895 if (!rsci) {
896 goto drop;
897 }
898 if (gss_write_verf(rqstp, rsci->mechctx,
899 GSS_SEQ_WIN))
900 goto drop;
901 } else {
902 if (gss_write_null_verf(rqstp))
903 goto drop;
904 }
905 if (resv->iov_len + 4 > PAGE_SIZE) 910 if (resv->iov_len + 4 > PAGE_SIZE)
906 goto drop; 911 goto drop;
907 svc_putu32(resv, rpc_success); 912 svc_putu32(resv, rpc_success);