summaryrefslogtreecommitdiffstats
path: root/net/sunrpc/auth_gss
diff options
context:
space:
mode:
authorKevin Coffman <kwc@citi.umich.edu>2006-01-19 02:43:25 +0100
committerLinus Torvalds <torvalds@g5.osdl.org>2006-01-19 04:20:25 +0100
commit91a4762e0ab0880fa00e8f0b7a052e4929d867a6 (patch)
tree994b9183eddb0b5c2e14d43c522a16528a297dd6 /net/sunrpc/auth_gss
parent[PATCH] svcrpc: gss: handle the GSS_S_CONTINUE (diff)
downloadlinux-91a4762e0ab0880fa00e8f0b7a052e4929d867a6.tar.xz
linux-91a4762e0ab0880fa00e8f0b7a052e4929d867a6.zip
[PATCH] svcrpc: gss: server context init failure handling
We require the server's gssd to create a completed context before asking the kernel to send a final context init reply. However, gssd could be buggy, or under some bizarre circumstances we might purge the context from our cache before we get the chance to use it here. Handle this case by returning GSS_S_NO_CONTEXT to the client. Also move the relevant code here to a separate function rather than nesting excessively. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'net/sunrpc/auth_gss')
-rw-r--r--net/sunrpc/auth_gss/svcauth_gss.c29
1 files changed, 17 insertions, 12 deletions
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index d2ccc7e8faab..fdad66dc9a9f 100644
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -755,6 +755,21 @@ svcauth_gss_set_client(struct svc_rqst *rqstp)
return SVC_OK;
}
+static inline int
+gss_write_init_verf(struct svc_rqst *rqstp, struct rsi *rsip)
+{
+ struct rsc *rsci;
+
+ if (rsip->major_status != GSS_S_COMPLETE)
+ return gss_write_null_verf(rqstp);
+ rsci = gss_svc_searchbyctx(&rsip->out_handle);
+ if (rsci == NULL) {
+ rsip->major_status = GSS_S_NO_CONTEXT;
+ return gss_write_null_verf(rqstp);
+ }
+ return gss_write_verf(rqstp, rsci->mechctx, GSS_SEQ_WIN);
+}
+
/*
* Accept an rpcsec packet.
* If context establishment, punt to user space
@@ -890,18 +905,8 @@ svcauth_gss_accept(struct svc_rqst *rqstp, u32 *authp)
case -ENOENT:
goto drop;
case 0:
- if (rsip->major_status == GSS_S_COMPLETE) {
- rsci = gss_svc_searchbyctx(&rsip->out_handle);
- if (!rsci) {
- goto drop;
- }
- if (gss_write_verf(rqstp, rsci->mechctx,
- GSS_SEQ_WIN))
- goto drop;
- } else {
- if (gss_write_null_verf(rqstp))
- goto drop;
- }
+ if (gss_write_init_verf(rqstp, rsip))
+ goto drop;
if (resv->iov_len + 4 > PAGE_SIZE)
goto drop;
svc_putu32(resv, rpc_success);