aboutsummaryrefslogtreecommitdiff
path: root/net/sunrpc/auth_gss
diff options
context:
space:
mode:
authorKevin Coffman <kwc@citi.umich.edu>2007-11-09 18:42:09 -0500
committerTrond Myklebust <Trond.Myklebust@netapp.com>2007-11-17 13:08:46 -0500
commitef338bee3f4f509e82066e100f76fecbbbbc4cca (patch)
tree833662511977c31a81374ee1627be950d59fafd2 /net/sunrpc/auth_gss
parentffc40f569272b6be60c66441aeae79a686ff54d9 (diff)
sunrpc: return error if unsupported enctype or cksumtype is encountered
Return an error from gss_import_sec_context_kerberos if the negotiated context contains encryption or checksum types not supported by the kernel code. This fixes an Oops because success was assumed and later code found no internal_ctx_id. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'net/sunrpc/auth_gss')
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_mech.c8
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_seal.c1
2 files changed, 7 insertions, 2 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c
index 9843eacef11..60c3dba545d 100644
--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -147,13 +147,17 @@ gss_import_sec_context_kerberos(const void *p,
p = simple_get_bytes(p, end, &tmp, sizeof(tmp));
if (IS_ERR(p))
goto out_err_free_ctx;
- if (tmp != SGN_ALG_DES_MAC_MD5)
+ if (tmp != SGN_ALG_DES_MAC_MD5) {
+ p = ERR_PTR(-ENOSYS);
goto out_err_free_ctx;
+ }
p = simple_get_bytes(p, end, &tmp, sizeof(tmp));
if (IS_ERR(p))
goto out_err_free_ctx;
- if (tmp != SEAL_ALG_DES)
+ if (tmp != SEAL_ALG_DES) {
+ p = ERR_PTR(-ENOSYS);
goto out_err_free_ctx;
+ }
p = simple_get_bytes(p, end, &ctx->endtime, sizeof(ctx->endtime));
if (IS_ERR(p))
goto out_err_free_ctx;
diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c
index 1c6eda5077c..dedcbd6108f 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seal.c
@@ -83,6 +83,7 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text,
u32 seq_send;
dprintk("RPC: gss_krb5_seal\n");
+ BUG_ON(ctx == NULL);
now = get_seconds();