mirror of
https://github.com/adulau/aha.git
synced 2024-12-28 19:56:18 +00:00
sunrpc: GSS integrity and decryption failures should return GARBAGE_ARGS
In function svcauth_gss_accept() (net/sunrpc/auth_gss/svcauth_gss.c) the code that handles GSS integrity and decryption failures should be returning GARBAGE_ARGS as specified in RFC 2203, sections 5.3.3.4.2 and 5.3.3.4.3. Reviewed-by: Greg Banks <gnb@sgi.com> Signed-off-by: Harshula Jayasuriya <harshula@sgi.com> Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
This commit is contained in:
parent
93245d11fc
commit
dd35210e1e
2 changed files with 8 additions and 4 deletions
|
@ -1146,7 +1146,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
|
|||
case RPC_GSS_SVC_INTEGRITY:
|
||||
if (unwrap_integ_data(&rqstp->rq_arg,
|
||||
gc->gc_seq, rsci->mechctx))
|
||||
goto auth_err;
|
||||
goto garbage_args;
|
||||
/* placeholders for length and seq. number: */
|
||||
svc_putnl(resv, 0);
|
||||
svc_putnl(resv, 0);
|
||||
|
@ -1154,7 +1154,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
|
|||
case RPC_GSS_SVC_PRIVACY:
|
||||
if (unwrap_priv_data(rqstp, &rqstp->rq_arg,
|
||||
gc->gc_seq, rsci->mechctx))
|
||||
goto auth_err;
|
||||
goto garbage_args;
|
||||
/* placeholders for length and seq. number: */
|
||||
svc_putnl(resv, 0);
|
||||
svc_putnl(resv, 0);
|
||||
|
@ -1169,6 +1169,11 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
|
|||
ret = SVC_OK;
|
||||
goto out;
|
||||
}
|
||||
garbage_args:
|
||||
/* Restore write pointer to its original value: */
|
||||
xdr_ressize_check(rqstp, reject_stat);
|
||||
ret = SVC_GARBAGE;
|
||||
goto out;
|
||||
auth_err:
|
||||
/* Restore write pointer to its original value: */
|
||||
xdr_ressize_check(rqstp, reject_stat);
|
||||
|
|
|
@ -921,8 +921,7 @@ svc_process(struct svc_rqst *rqstp)
|
|||
case SVC_OK:
|
||||
break;
|
||||
case SVC_GARBAGE:
|
||||
rpc_stat = rpc_garbage_args;
|
||||
goto err_bad;
|
||||
goto err_garbage;
|
||||
case SVC_SYSERR:
|
||||
rpc_stat = rpc_system_err;
|
||||
goto err_bad;
|
||||
|
|
Loading…
Reference in a new issue