diff options
author | Kevin Coffman <kwc@citi.umich.edu> | 2007-11-09 18:42:09 -0500 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2007-11-17 13:08:46 -0500 |
commit | ef338bee3f4f509e82066e100f76fecbbbbc4cca (patch) | |
tree | 833662511977c31a81374ee1627be950d59fafd2 /net | |
parent | ffc40f569272b6be60c66441aeae79a686ff54d9 (diff) |
sunrpc: return error if unsupported enctype or cksumtype is encountered
Return an error from gss_import_sec_context_kerberos if the
negotiated context contains encryption or checksum types not
supported by the kernel code.
This fixes an Oops because success was assumed and later code found
no internal_ctx_id.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'net')
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_mech.c | 8 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_seal.c | 1 |
2 files changed, 7 insertions, 2 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c index 9843eacef11d..60c3dba545d7 100644 --- a/net/sunrpc/auth_gss/gss_krb5_mech.c +++ b/net/sunrpc/auth_gss/gss_krb5_mech.c | |||
@@ -147,13 +147,17 @@ gss_import_sec_context_kerberos(const void *p, | |||
147 | p = simple_get_bytes(p, end, &tmp, sizeof(tmp)); | 147 | p = simple_get_bytes(p, end, &tmp, sizeof(tmp)); |
148 | if (IS_ERR(p)) | 148 | if (IS_ERR(p)) |
149 | goto out_err_free_ctx; | 149 | goto out_err_free_ctx; |
150 | if (tmp != SGN_ALG_DES_MAC_MD5) | 150 | if (tmp != SGN_ALG_DES_MAC_MD5) { |
151 | p = ERR_PTR(-ENOSYS); | ||
151 | goto out_err_free_ctx; | 152 | goto out_err_free_ctx; |
153 | } | ||
152 | p = simple_get_bytes(p, end, &tmp, sizeof(tmp)); | 154 | p = simple_get_bytes(p, end, &tmp, sizeof(tmp)); |
153 | if (IS_ERR(p)) | 155 | if (IS_ERR(p)) |
154 | goto out_err_free_ctx; | 156 | goto out_err_free_ctx; |
155 | if (tmp != SEAL_ALG_DES) | 157 | if (tmp != SEAL_ALG_DES) { |
158 | p = ERR_PTR(-ENOSYS); | ||
156 | goto out_err_free_ctx; | 159 | goto out_err_free_ctx; |
160 | } | ||
157 | p = simple_get_bytes(p, end, &ctx->endtime, sizeof(ctx->endtime)); | 161 | p = simple_get_bytes(p, end, &ctx->endtime, sizeof(ctx->endtime)); |
158 | if (IS_ERR(p)) | 162 | if (IS_ERR(p)) |
159 | goto out_err_free_ctx; | 163 | goto out_err_free_ctx; |
diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c index 1c6eda5077c1..dedcbd6108f4 100644 --- a/net/sunrpc/auth_gss/gss_krb5_seal.c +++ b/net/sunrpc/auth_gss/gss_krb5_seal.c | |||
@@ -83,6 +83,7 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text, | |||
83 | u32 seq_send; | 83 | u32 seq_send; |
84 | 84 | ||
85 | dprintk("RPC: gss_krb5_seal\n"); | 85 | dprintk("RPC: gss_krb5_seal\n"); |
86 | BUG_ON(ctx == NULL); | ||
86 | 87 | ||
87 | now = get_seconds(); | 88 | now = get_seconds(); |
88 | 89 | ||