summaryrefslogtreecommitdiffstats
path: root/net/sunrpc/auth_gss/gss_krb5_unseal.c
diff options
context:
space:
mode:
authorJ. Bruce Fields2013-10-09 21:59:29 +0200
committerJ. Bruce Fields2013-10-10 17:04:48 +0200
commit5d6baef9ab52d0d02b3106d8ccd1b05ec628e027 (patch)
treee983e2d40f2e1db8aaa04902d26208eb259a79d6 /net/sunrpc/auth_gss/gss_krb5_unseal.c
parentsvcrpc: handle some gssproxy encoding errors (diff)
downloadkernel-qcow2-linux-5d6baef9ab52d0d02b3106d8ccd1b05ec628e027.tar.gz
kernel-qcow2-linux-5d6baef9ab52d0d02b3106d8ccd1b05ec628e027.tar.xz
kernel-qcow2-linux-5d6baef9ab52d0d02b3106d8ccd1b05ec628e027.zip
gss_krb5: document that we ignore sequence number
A couple times recently somebody has noticed that we're ignoring a sequence number here and wondered whether there's a bug. In fact, there's not. Thanks to Andy Adamson for pointing out a useful explanation in rfc 2203. Add comments citing that rfc, and remove "seqnum" to prevent static checkers complaining about unused variables. Reported-by: Andi Kleen <andi@firstfloor.org> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'net/sunrpc/auth_gss/gss_krb5_unseal.c')
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_unseal.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c
index 6cd930f3678f..6c981ddc19f8 100644
--- a/net/sunrpc/auth_gss/gss_krb5_unseal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c
@@ -150,7 +150,6 @@ gss_verify_mic_v2(struct krb5_ctx *ctx,
struct xdr_netobj cksumobj = {.len = sizeof(cksumdata),
.data = cksumdata};
s32 now;
- u64 seqnum;
u8 *ptr = read_token->data;
u8 *cksumkey;
u8 flags;
@@ -197,9 +196,10 @@ gss_verify_mic_v2(struct krb5_ctx *ctx,
if (now > ctx->endtime)
return GSS_S_CONTEXT_EXPIRED;
- /* do sequencing checks */
-
- seqnum = be64_to_cpup((__be64 *)ptr + 8);
+ /*
+ * NOTE: the sequence number at ptr + 8 is skipped, rpcsec_gss
+ * doesn't want it checked; see page 6 of rfc 2203.
+ */
return GSS_S_COMPLETE;
}
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-07-07 22:55:09 +0200