gss_krb5: document that we ignore sequence number A couple times recently somebody has noticed that we're ignoring a sequence number here and wondered whether there's a bug. In fact, there's not. Thanks to Andy Adamson for pointing out a useful explanation in rfc 2203. Add comments citing that rfc, and remove "seqnum" to prevent static checkers complaining about unused variables. Reported-by: Andi Kleen <andi@firstfloor.org> Signed-off-by: J. Bruce Fields <bfields@redhat.com>

commit: 5d6baef9ab52d0d02b3106d8ccd1b05ec628e027 [log] [tgz]
author: J. Bruce Fields <bfields@redhat.com> Wed Oct 09 15:59:29 2013 -0400
committer: J. Bruce Fields <bfields@redhat.com> Thu Oct 10 11:04:48 2013 -0400
tree: e983e2d40f2e1db8aaa04902d26208eb259a79d6
parent: b26ec9b11b309acd9f6bb15fcc9bb396091384e8 [diff] [blame]
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
index 1da52d1..5040a46 100644
--- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
+++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c

@@ -489,7 +489,6 @@
 gss_unwrap_kerberos_v2(struct krb5_ctx *kctx, int offset, struct xdr_buf *buf)
 {
 	s32		now;
-	u64		seqnum;
 	u8		*ptr;
 	u8		flags = 0x00;
 	u16		ec, rrc;
@@ -525,7 +524,10 @@
 	ec = be16_to_cpup((__be16 *)(ptr + 4));
 	rrc = be16_to_cpup((__be16 *)(ptr + 6));
 
-	seqnum = be64_to_cpup((__be64 *)(ptr + 8));
+	/*
+	 * NOTE: the sequence number at ptr + 8 is skipped, rpcsec_gss
+	 * doesn't want it checked; see page 6 of rfc 2203.
+	 */
 
 	if (rrc != 0)
 		rotate_left(offset + 16, buf, rrc);
commit	5d6baef9ab52d0d02b3106d8ccd1b05ec628e027	[log] [tgz]
author	J. Bruce Fields <bfields@redhat.com>	Wed Oct 09 15:59:29 2013 -0400
committer	J. Bruce Fields <bfields@redhat.com>	Thu Oct 10 11:04:48 2013 -0400
tree	e983e2d40f2e1db8aaa04902d26208eb259a79d6
parent	b26ec9b11b309acd9f6bb15fcc9bb396091384e8 [diff] [blame]