diff options
author | J. Bruce Fields <bfields@fieldses.org> | 2006-12-05 02:22:41 +0100 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2006-12-06 16:46:47 +0100 |
commit | 717757ad1038ab6aacb89bad579c89b006efd913 (patch) | |
tree | 19b93c59420a5195d36c333845af9fde4b2b5c7c | |
parent | rpcgss: krb5: sanity check sealalg value in the downcall (diff) | |
download | linux-717757ad1038ab6aacb89bad579c89b006efd913.tar.xz linux-717757ad1038ab6aacb89bad579c89b006efd913.zip |
rpcgss: krb5: ignore seed
We're currently not actually using seed or seed_init.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
-rw-r--r-- | include/linux/sunrpc/gss_krb5.h | 2 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_mech.c | 11 |
2 files changed, 6 insertions, 7 deletions
diff --git a/include/linux/sunrpc/gss_krb5.h b/include/linux/sunrpc/gss_krb5.h index 01c5e4314632..5a4b1e0206e3 100644 --- a/include/linux/sunrpc/gss_krb5.h +++ b/include/linux/sunrpc/gss_krb5.h @@ -42,8 +42,6 @@ struct krb5_ctx { int initiate; /* 1 = initiating, 0 = accepting */ - int seed_init; - unsigned char seed[16]; struct crypto_blkcipher *enc; struct crypto_blkcipher *seq; s32 endtime; diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c index bf5435db8785..05d4bee86fc0 100644 --- a/net/sunrpc/auth_gss/gss_krb5_mech.c +++ b/net/sunrpc/auth_gss/gss_krb5_mech.c @@ -137,12 +137,13 @@ gss_import_sec_context_kerberos(const void *p, p = simple_get_bytes(p, end, &ctx->initiate, sizeof(ctx->initiate)); if (IS_ERR(p)) goto out_err_free_ctx; - p = simple_get_bytes(p, end, &ctx->seed_init, sizeof(ctx->seed_init)); - if (IS_ERR(p)) - goto out_err_free_ctx; - p = simple_get_bytes(p, end, ctx->seed, sizeof(ctx->seed)); - if (IS_ERR(p)) + /* The downcall format was designed before we completely understood + * the uses of the context fields; so it includes some stuff we + * just give some minimal sanity-checking, and some we ignore + * completely (like the next twenty bytes): */ + if (unlikely(p + 20 > end || p + 20 < p)) goto out_err_free_ctx; + p += 20; p = simple_get_bytes(p, end, &tmp, sizeof(tmp)); if (IS_ERR(p)) goto out_err_free_ctx; |