diff options
author | Chuck Lever <chuck.lever@oracle.com> | 2023-01-02 18:06:15 +0100 |
---|---|---|
committer | Chuck Lever <chuck.lever@oracle.com> | 2023-02-20 15:20:11 +0100 |
commit | 20ebe927ede7ad8f89c7826bea04264310fd3fff (patch) | |
tree | 4b28ae7a488ed1d6226a03a96667584dc6dc26da /net | |
parent | SUNRPC: Move the server-side GSS upcall to a noinline function (diff) | |
download | linux-20ebe927ede7ad8f89c7826bea04264310fd3fff.tar.xz linux-20ebe927ede7ad8f89c7826bea04264310fd3fff.zip |
SUNRPC: Hoist common verifier decoding code into svcauth_gss_proc_init()
Pre-requisite to replacing gss_read_common_verf().
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Diffstat (limited to 'net')
-rw-r--r-- | net/sunrpc/auth_gss/svcauth_gss.c | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c index d320ccb17a5b..1bd9bbf2b11b 100644 --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c @@ -1095,18 +1095,6 @@ gss_read_common_verf(struct rpc_gss_wire_cred *gc, struct kvec *argv, __be32 *authp, struct xdr_netobj *in_handle) { - /* Read the verifier; should be NULL: */ - *authp = rpc_autherr_badverf; - if (argv->iov_len < 2 * 4) - return SVC_DENIED; - if (svc_getnl(argv) != RPC_AUTH_NULL) - return SVC_DENIED; - if (svc_getnl(argv) != 0) - return SVC_DENIED; - /* Martial context handle and token for upcall: */ - *authp = rpc_autherr_badcred; - if (gc->gc_proc == RPC_GSS_PROC_INIT && gc->gc_ctx.len != 0) - return SVC_DENIED; if (dup_netobj(in_handle, &gc->gc_ctx)) return SVC_CLOSE; *authp = rpc_autherr_badverf; @@ -1447,6 +1435,20 @@ static bool use_gss_proxy(struct net *net) static noinline_for_stack int svcauth_gss_proc_init(struct svc_rqst *rqstp, struct rpc_gss_wire_cred *gc) { + struct kvec *argv = rqstp->rq_arg.head; + + if (argv->iov_len < 2 * 4) + return SVC_DENIED; + if (svc_getnl(argv) != RPC_AUTH_NULL) + return SVC_DENIED; + if (svc_getnl(argv) != 0) + return SVC_DENIED; + + if (gc->gc_proc == RPC_GSS_PROC_INIT && gc->gc_ctx.len != 0) { + rqstp->rq_auth_stat = rpc_autherr_badcred; + return SVC_DENIED; + } + if (!use_gss_proxy(SVC_NET(rqstp))) return svcauth_gss_legacy_init(rqstp, gc); return svcauth_gss_proxy_init(rqstp, gc); |