diff options
| author |   Wei Yongjun <yjwei@cn.fujitsu.com> | 2007-05-09 02:34:54 -0700 |
|---|---|---|
| committer |   Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-05-09 12:30:54 -0700 |
| commit | c5e434c98b49f4877ea1614a629499e082b1a818 (patch) | |
| tree | 782331ad72eb4920825d3a0e9b99fef74e3d3c5f /net | |
| parent | knfsd: fix resource leak resulting in module refcount leak for rpcsec_gss_krb5.ko (diff) | |
| download | linux-dev-c5e434c98b49f4877ea1614a629499e082b1a818.tar.xz linux-dev-c5e434c98b49f4877ea1614a629499e082b1a818.zip | |
knfsd: rpcgss: RPC_GSS_PROC_ DESTROY request will get a bad rpc
If I send a RPC_GSS_PROC_DESTROY message to NFSv4 server, it will reply with a
bad rpc reply which lacks an authentication verifier. Maybe this patch is
needed.
Send/recv packets as following:
send:
RemoteProcedureCall
xid
rpcvers = 2
prog = 100003
vers = 4
proc = 0
cred = AUTH_GSS
version = 1
gss_proc = 3 (RPCSEC_GSS_DESTROY)
service = 1 (RPC_GSS_SVC_NONE)
verf = AUTH_GSS
checksum
reply:
RemoteProcedureReply
xid
msg_type
reply_stat
accepted_reply
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'net')
| -rw-r--r-- | net/sunrpc/auth_gss/svcauth_gss.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c index 9c0508e5493d..099a983797da 100644 --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c @@ -1092,6 +1092,8 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp) } goto complete; case RPC_GSS_PROC_DESTROY: + if (gss_write_verf(rqstp, rsci->mechctx, gc->gc_seq)) + goto auth_err; set_bit(CACHE_NEGATIVE, &rsci->h.flags); if (resv->iov_len + 4 > PAGE_SIZE) goto drop; |