From ef338bee3f4f509e82066e100f76fecbbbbc4cca Mon Sep 17 00:00:00 2001 From: Kevin Coffman Date: Fri, 9 Nov 2007 18:42:09 -0500 Subject: sunrpc: return error if unsupported enctype or cksumtype is encountered Return an error from gss_import_sec_context_kerberos if the negotiated context contains encryption or checksum types not supported by the kernel code. This fixes an Oops because success was assumed and later code found no internal_ctx_id. Signed-off-by: Kevin Coffman Signed-off-by: Trond Myklebust --- net/sunrpc/auth_gss/gss_krb5_mech.c | 8 ++++++-- net/sunrpc/auth_gss/gss_krb5_seal.c | 1 + 2 files changed, 7 insertions(+), 2 deletions(-) (limited to 'net') diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c index 9843eac..60c3dba 100644 --- a/net/sunrpc/auth_gss/gss_krb5_mech.c +++ b/net/sunrpc/auth_gss/gss_krb5_mech.c @@ -147,13 +147,17 @@ gss_import_sec_context_kerberos(const void *p, p = simple_get_bytes(p, end, &tmp, sizeof(tmp)); if (IS_ERR(p)) goto out_err_free_ctx; - if (tmp != SGN_ALG_DES_MAC_MD5) + if (tmp != SGN_ALG_DES_MAC_MD5) { + p = ERR_PTR(-ENOSYS); goto out_err_free_ctx; + } p = simple_get_bytes(p, end, &tmp, sizeof(tmp)); if (IS_ERR(p)) goto out_err_free_ctx; - if (tmp != SEAL_ALG_DES) + if (tmp != SEAL_ALG_DES) { + p = ERR_PTR(-ENOSYS); goto out_err_free_ctx; + } p = simple_get_bytes(p, end, &ctx->endtime, sizeof(ctx->endtime)); if (IS_ERR(p)) goto out_err_free_ctx; diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c index 1c6eda5..dedcbd6 100644 --- a/net/sunrpc/auth_gss/gss_krb5_seal.c +++ b/net/sunrpc/auth_gss/gss_krb5_seal.c @@ -83,6 +83,7 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text, u32 seq_send; dprintk("RPC: gss_krb5_seal\n"); + BUG_ON(ctx == NULL); now = get_seconds(); -- cgit v1.1