tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

sunrpc: fix handling of unknown auth status codes

In the case of an unknown error code from svc_authenticate or
pg_authenticate, return AUTH_ERROR with a status of AUTH_FAILED. Also
add the other auth_stat value from RFC 5531, and document all the status
codes.

Signed-off-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

authored by

Jeff Layton and committed by
Chuck Lever d49afc90 03963793

+14 -9
+10 -8
include/linux/sunrpc/msg_prot.h
··· 69 69 }; 70 70 71 71 enum rpc_auth_stat { 72 - RPC_AUTH_OK = 0, 73 - RPC_AUTH_BADCRED = 1, 74 - RPC_AUTH_REJECTEDCRED = 2, 75 - RPC_AUTH_BADVERF = 3, 76 - RPC_AUTH_REJECTEDVERF = 4, 77 - RPC_AUTH_TOOWEAK = 5, 72 + RPC_AUTH_OK = 0, /* success */ 73 + RPC_AUTH_BADCRED = 1, /* bad credential (seal broken) */ 74 + RPC_AUTH_REJECTEDCRED = 2, /* client must begin new session */ 75 + RPC_AUTH_BADVERF = 3, /* bad verifier (seal broken) */ 76 + RPC_AUTH_REJECTEDVERF = 4, /* verifier expired or replayed */ 77 + RPC_AUTH_TOOWEAK = 5, /* rejected for security reasons */ 78 + RPC_AUTH_INVALIDRESP = 6, /* bogus response verifier */ 79 + RPC_AUTH_FAILED = 7, /* reason unknown */ 78 80 /* RPCSEC_GSS errors */ 79 - RPCSEC_GSS_CREDPROBLEM = 13, 80 - RPCSEC_GSS_CTXPROBLEM = 14 81 + RPCSEC_GSS_CREDPROBLEM = 13, /* no credentials for user */ 82 + RPCSEC_GSS_CTXPROBLEM = 14 /* problem with context */ 81 83 }; 82 84 83 85 #define RPC_MAXNETNAMELEN 256
+2
include/linux/sunrpc/xdr.h
··· 119 119 #define rpc_autherr_badverf cpu_to_be32(RPC_AUTH_BADVERF) 120 120 #define rpc_autherr_rejectedverf cpu_to_be32(RPC_AUTH_REJECTEDVERF) 121 121 #define rpc_autherr_tooweak cpu_to_be32(RPC_AUTH_TOOWEAK) 122 + #define rpc_autherr_invalidresp cpu_to_be32(RPC_AUTH_INVALIDRESP) 123 + #define rpc_autherr_failed cpu_to_be32(RPC_AUTH_FAILED) 122 124 #define rpcsec_gsserr_credproblem cpu_to_be32(RPCSEC_GSS_CREDPROBLEM) 123 125 #define rpcsec_gsserr_ctxproblem cpu_to_be32(RPCSEC_GSS_CTXPROBLEM) 124 126
+2 -1
net/sunrpc/svc.c
··· 1387 1387 goto sendit; 1388 1388 default: 1389 1389 pr_warn_once("Unexpected svc_auth_status (%d)\n", auth_res); 1390 - goto err_system_err; 1390 + rqstp->rq_auth_stat = rpc_autherr_failed; 1391 + goto err_bad_auth; 1391 1392 } 1392 1393 1393 1394 if (progp == NULL)