mirror of
https://github.com/torvalds/linux.git
synced 2024-12-02 09:01:34 +00:00
a7e429a6fa
When the au_ralign field was added to gss_unwrap_resp_priv, the
wrong calculation was used. Setting au_rslack == au_ralign is
probably correct for kerberos_v1 privacy, but kerberos_v2 privacy
adds additional GSS data after the clear text RPC message.
au_ralign needs to be smaller than au_rslack in that fairly common
case.
When xdr_buf_trim() is restored to gss_unwrap_kerberos_v2(), it does
exactly what I feared it would: it trims off part of the clear text
RPC message. However, that's because rpc_prepare_reply_pages() does
not set up the rq_rcv_buf's tail correctly because au_ralign is too
large.
Fixing the au_ralign computation also corrects the alignment of
rq_rcv_buf->pages so that the client does not have to shift reply
data payloads after they are received.
Fixes:
|
||
|---|---|---|
| .. | ||
| auth_gss.c | ||
| gss_generic_token.c | ||
| gss_krb5_crypto.c | ||
| gss_krb5_keys.c | ||
| gss_krb5_mech.c | ||
| gss_krb5_seal.c | ||
| gss_krb5_seqnum.c | ||
| gss_krb5_unseal.c | ||
| gss_krb5_wrap.c | ||
| gss_mech_switch.c | ||
| gss_rpc_upcall.c | ||
| gss_rpc_upcall.h | ||
| gss_rpc_xdr.c | ||
| gss_rpc_xdr.h | ||
| Makefile | ||
| svcauth_gss.c | ||
| trace.c | ||