[PATCH] svcrpc: gss: server context init failure handling
We require the server's gssd to create a completed context before asking the
kernel to send a final context init reply. However, gssd could be buggy, or
under some bizarre circumstances we might purge the context from our cache
before we get the chance to use it here.
Handle this case by returning GSS_S_NO_CONTEXT to the client.
Also move the relevant code here to a separate function rather than nesting
excessively.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index d2ccc7e..fdad66d 100644
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -755,6 +755,21 @@
return SVC_OK;
}
+static inline int
+gss_write_init_verf(struct svc_rqst *rqstp, struct rsi *rsip)
+{
+ struct rsc *rsci;
+
+ if (rsip->major_status != GSS_S_COMPLETE)
+ return gss_write_null_verf(rqstp);
+ rsci = gss_svc_searchbyctx(&rsip->out_handle);
+ if (rsci == NULL) {
+ rsip->major_status = GSS_S_NO_CONTEXT;
+ return gss_write_null_verf(rqstp);
+ }
+ return gss_write_verf(rqstp, rsci->mechctx, GSS_SEQ_WIN);
+}
+
/*
* Accept an rpcsec packet.
* If context establishment, punt to user space
@@ -890,18 +905,8 @@
case -ENOENT:
goto drop;
case 0:
- if (rsip->major_status == GSS_S_COMPLETE) {
- rsci = gss_svc_searchbyctx(&rsip->out_handle);
- if (!rsci) {
- goto drop;
- }
- if (gss_write_verf(rqstp, rsci->mechctx,
- GSS_SEQ_WIN))
- goto drop;
- } else {
- if (gss_write_null_verf(rqstp))
- goto drop;
- }
+ if (gss_write_init_verf(rqstp, rsip))
+ goto drop;
if (resv->iov_len + 4 > PAGE_SIZE)
goto drop;
svc_putu32(resv, rpc_success);