4c190e2f91
When GSSAPI integrity signatures are in use, or when we're using GSSAPI privacy with the v2 token format, there is a trailing checksum on the xdr_buf that is returned. It's checked during the authentication stage, and afterward nothing cares about it. Ordinarily, it's not a problem since the XDR code generally ignores it, but it will be when we try to compute a checksum over the buffer to help prevent XID collisions in the duplicate reply cache. Fix the code to trim off the checksums after verifying them. Note that in unwrap_integ_data, we must avoid trying to reverify the checksum if the request was deferred since it will no longer be present when it's revisited. Signed-off-by: Jeff Layton <jlayton@redhat.com> |
||
|---|---|---|
| .. | ||
| addr.h | ||
| auth_gss.h | ||
| auth.h | ||
| bc_xprt.h | ||
| cache.h | ||
| clnt.h | ||
| debug.h | ||
| gss_api.h | ||
| gss_asn1.h | ||
| gss_err.h | ||
| gss_krb5_enctypes.h | ||
| gss_krb5.h | ||
| metrics.h | ||
| msg_prot.h | ||
| rpc_pipe_fs.h | ||
| rpc_rdma.h | ||
| sched.h | ||
| stats.h | ||
| svc_rdma.h | ||
| svc_xprt.h | ||
| svc.h | ||
| svcauth_gss.h | ||
| svcauth.h | ||
| svcsock.h | ||
| timer.h | ||
| types.h | ||
| xdr.h | ||
| xprt.h | ||
| xprtrdma.h | ||
| xprtsock.h | ||