diff options
author | Kevin Coffman <kwc@citi.umich.edu> | 2006-01-18 20:43:25 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-01-18 22:20:25 -0500 |
commit | 91a4762e0ab0880fa00e8f0b7a052e4929d867a6 (patch) | |
tree | 994b9183eddb0b5c2e14d43c522a16528a297dd6 /net/sunrpc/auth_gss | |
parent | 822f1005ae1f3a4a8b136f38a6933d3f719f4c4a (diff) |
[PATCH] svcrpc: gss: server context init failure handling
We require the server's gssd to create a completed context before asking the
kernel to send a final context init reply. However, gssd could be buggy, or
under some bizarre circumstances we might purge the context from our cache
before we get the chance to use it here.
Handle this case by returning GSS_S_NO_CONTEXT to the client.
Also move the relevant code here to a separate function rather than nesting
excessively.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'net/sunrpc/auth_gss')
-rw-r--r-- | net/sunrpc/auth_gss/svcauth_gss.c | 29 |
1 files changed, 17 insertions, 12 deletions
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c index d2ccc7e8faab..fdad66dc9a9f 100644 --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c | |||
@@ -755,6 +755,21 @@ svcauth_gss_set_client(struct svc_rqst *rqstp) | |||
755 | return SVC_OK; | 755 | return SVC_OK; |
756 | } | 756 | } |
757 | 757 | ||
758 | static inline int | ||
759 | gss_write_init_verf(struct svc_rqst *rqstp, struct rsi *rsip) | ||
760 | { | ||
761 | struct rsc *rsci; | ||
762 | |||
763 | if (rsip->major_status != GSS_S_COMPLETE) | ||
764 | return gss_write_null_verf(rqstp); | ||
765 | rsci = gss_svc_searchbyctx(&rsip->out_handle); | ||
766 | if (rsci == NULL) { | ||
767 | rsip->major_status = GSS_S_NO_CONTEXT; | ||
768 | return gss_write_null_verf(rqstp); | ||
769 | } | ||
770 | return gss_write_verf(rqstp, rsci->mechctx, GSS_SEQ_WIN); | ||
771 | } | ||
772 | |||
758 | /* | 773 | /* |
759 | * Accept an rpcsec packet. | 774 | * Accept an rpcsec packet. |
760 | * If context establishment, punt to user space | 775 | * If context establishment, punt to user space |
@@ -890,18 +905,8 @@ svcauth_gss_accept(struct svc_rqst *rqstp, u32 *authp) | |||
890 | case -ENOENT: | 905 | case -ENOENT: |
891 | goto drop; | 906 | goto drop; |
892 | case 0: | 907 | case 0: |
893 | if (rsip->major_status == GSS_S_COMPLETE) { | 908 | if (gss_write_init_verf(rqstp, rsip)) |
894 | rsci = gss_svc_searchbyctx(&rsip->out_handle); | 909 | goto drop; |
895 | if (!rsci) { | ||
896 | goto drop; | ||
897 | } | ||
898 | if (gss_write_verf(rqstp, rsci->mechctx, | ||
899 | GSS_SEQ_WIN)) | ||
900 | goto drop; | ||
901 | } else { | ||
902 | if (gss_write_null_verf(rqstp)) | ||
903 | goto drop; | ||
904 | } | ||
905 | if (resv->iov_len + 4 > PAGE_SIZE) | 910 | if (resv->iov_len + 4 > PAGE_SIZE) |
906 | goto drop; | 911 | goto drop; |
907 | svc_putu32(resv, rpc_success); | 912 | svc_putu32(resv, rpc_success); |