If I send a RPC_GSS_PROC_DESTROY message to NFSv4 server, I will reply
us a bad rpc reply which without an authentication verifier in it.
Maybe this patch is needed.
Send/recv packets as following:
send:
RemoteProcedureCall
xid
rpcvers = 2
prog = 100003
vers = 4
proc = 0
cred = AUTH_GSS
version = 1
gss_proc = 3 (RPCSEC_GSS_DESTROY)
service = 1 (RPC_GSS_SVC_NONE)
verf = AUTH_GSS
checksum
reply:
RemoteProcedureReply
xid
msg_type
reply_stat
accepted_reply
Signed-off-by: Wei Yongjun <[email protected]>
--- net/sunrpc/auth_gss/svcauth_gss.c.orig 2007-04-09 08:17:55.000000000 -0400
+++ net/sunrpc/auth_gss/svcauth_gss.c 2007-04-09 08:18:37.000000000 -0400
@@ -1088,6 +1088,8 @@ svcauth_gss_accept(struct svc_rqst *rqst
}
goto complete;
case RPC_GSS_PROC_DESTROY:
+ if (gss_write_verf(rqstp, rsci->mechctx, gc->gc_seq))
+ goto auth_err;
set_bit(CACHE_NEGATIVE, &rsci->h.flags);
if (resv->iov_len + 4 > PAGE_SIZE)
goto drop;
Does anyone think this is a BUG of kernel RPCGSS? Although this seems
not be used yet.
> If I send a RPC_GSS_PROC_DESTROY message to NFSv4 server, I will reply
> us a bad rpc reply which without an authentication verifier in it.
> Maybe this patch is needed.
>
> Send/recv packets as following:
>
> send:
>
> RemoteProcedureCall
> xid
> rpcvers = 2
> prog = 100003
> vers = 4
> proc = 0
> cred = AUTH_GSS
> version = 1
> gss_proc = 3 (RPCSEC_GSS_DESTROY)
> service = 1 (RPC_GSS_SVC_NONE)
> verf = AUTH_GSS
> checksum
>
> reply:
>
> RemoteProcedureReply
> xid
> msg_type
> reply_stat
> accepted_reply
>
> Signed-off-by: Wei Yongjun <[email protected]>
>
> --- net/sunrpc/auth_gss/svcauth_gss.c.orig 2007-04-09 08:17:55.000000000 -0400
> +++ net/sunrpc/auth_gss/svcauth_gss.c 2007-04-09 08:18:37.000000000 -0400
> @@ -1088,6 +1088,8 @@ svcauth_gss_accept(struct svc_rqst *rqst
> }
> goto complete;
> case RPC_GSS_PROC_DESTROY:
> + if (gss_write_verf(rqstp, rsci->mechctx, gc->gc_seq))
> + goto auth_err;
> set_bit(CACHE_NEGATIVE, &rsci->h.flags);
> if (resv->iov_len + 4 > PAGE_SIZE)
> goto drop;
>
--
A new email address of FJWAN is launched from Apr.1 2007.
The updated address is: [email protected]
--------------------------------------------------
Wei Yongjun
Development Dept.I
Nanjing Fujitsu Nanda Software Tech. Co., Ltd.(FNST)
8/F., Civil Defense Building, No.189 Guangzhou Road,
Nanjing, 210029, China
TEL: +86+25-86630523-858
COINS: 79955-858
FAX: +86+25-83317685
MAIL: [email protected]
--------------------------------------------------
On Tue, Apr 17, 2007 at 04:04:32PM +0800, Wei Yongjun wrote:
> Does anyone think this is a BUG of kernel RPCGSS? Although this seems
> not be used yet.
Apologies for not responding to the earlier mail; yes, I agree that this
patch is needed; thanks! Applied.--b.