2006-01-13 01:01:06

by NeilBrown

[permalink] [raw]
Subject: [PATCH kNFSd 011 of 26] svcrpc: gss: server context init failure handling


We require the server's gssd to create a completed context before asking the
kernel to send a final context init reply. However, gssd could be buggy, or
under some bizarre circumstances we might purge the context from our cache
before we get the chance to use it here.

Handle this case by returning GSS_S_NO_CONTEXT to the client.

Also move the relevant code here to a separate function rather than nesting
excessively.

>From Kevin Coffman <[email protected]>

Signed-off-by: J. Bruce Fields <[email protected]>
Signed-off-by: Neil Brown <[email protected]>

### Diffstat output
./net/sunrpc/auth_gss/svcauth_gss.c | 29 +++++++++++++++++------------
1 file changed, 17 insertions(+), 12 deletions(-)

diff ./net/sunrpc/auth_gss/svcauth_gss.c~current~ ./net/sunrpc/auth_gss/svcauth_gss.c
--- ./net/sunrpc/auth_gss/svcauth_gss.c~current~ 2006-01-13 11:51:06.000000000 +1100
+++ ./net/sunrpc/auth_gss/svcauth_gss.c 2006-01-13 11:51:06.000000000 +1100
@@ -755,6 +755,21 @@ svcauth_gss_set_client(struct svc_rqst *
return SVC_OK;
}

+static inline int
+gss_write_init_verf(struct svc_rqst *rqstp, struct rsi *rsip)
+{
+ struct rsc *rsci;
+
+ if (rsip->major_status != GSS_S_COMPLETE)
+ return gss_write_null_verf(rqstp);
+ rsci = gss_svc_searchbyctx(&rsip->out_handle);
+ if (rsci == NULL) {
+ rsip->major_status = GSS_S_NO_CONTEXT;
+ return gss_write_null_verf(rqstp);
+ }
+ return gss_write_verf(rqstp, rsci->mechctx, GSS_SEQ_WIN);
+}
+
/*
* Accept an rpcsec packet.
* If context establishment, punt to user space
@@ -890,18 +905,8 @@ svcauth_gss_accept(struct svc_rqst *rqst
case -ENOENT:
goto drop;
case 0:
- if (rsip->major_status == GSS_S_COMPLETE) {
- rsci = gss_svc_searchbyctx(&rsip->out_handle);
- if (!rsci) {
- goto drop;
- }
- if (gss_write_verf(rqstp, rsci->mechctx,
- GSS_SEQ_WIN))
- goto drop;
- } else {
- if (gss_write_null_verf(rqstp))
- goto drop;
- }
+ if (gss_write_init_verf(rqstp, rsip))
+ goto drop;
if (resv->iov_len + 4 > PAGE_SIZE)
goto drop;
svc_putu32(resv, rpc_success);


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs