@@ -693,28 +693,6 @@ static bool gss_check_seq_num(const struct svc_rqst *rqstp, struct rsc *rsci,
693
693
goto out ;
694
694
}
695
695
696
- static inline u32 round_up_to_quad (u32 i )
697
- {
698
- return (i + 3 ) & ~3 ;
699
- }
700
-
701
- static inline int
702
- svc_safe_putnetobj (struct kvec * resv , struct xdr_netobj * o )
703
- {
704
- u8 * p ;
705
-
706
- if (resv -> iov_len + 4 > PAGE_SIZE )
707
- return -1 ;
708
- svc_putnl (resv , o -> len );
709
- p = resv -> iov_base + resv -> iov_len ;
710
- resv -> iov_len += round_up_to_quad (o -> len );
711
- if (resv -> iov_len > PAGE_SIZE )
712
- return -1 ;
713
- memcpy (p , o -> data , o -> len );
714
- memset (p + o -> len , 0 , round_up_to_quad (o -> len ) - o -> len );
715
- return 0 ;
716
- }
717
-
718
696
/*
719
697
* Decode and verify a Call's verifier field. For RPC_AUTH_GSS Calls,
720
698
* the body of this field contains a variable length checksum.
@@ -772,42 +750,6 @@ svcauth_gss_verify_header(struct svc_rqst *rqstp, struct rsc *rsci,
772
750
return SVC_OK ;
773
751
}
774
752
775
- static int
776
- gss_write_verf (struct svc_rqst * rqstp , struct gss_ctx * ctx_id , u32 seq )
777
- {
778
- __be32 * xdr_seq ;
779
- u32 maj_stat ;
780
- struct xdr_buf verf_data ;
781
- struct xdr_netobj mic ;
782
- __be32 * p ;
783
- struct kvec iov ;
784
- int err = -1 ;
785
-
786
- svc_putnl (rqstp -> rq_res .head , RPC_AUTH_GSS );
787
- xdr_seq = kmalloc (4 , GFP_KERNEL );
788
- if (!xdr_seq )
789
- return - ENOMEM ;
790
- * xdr_seq = htonl (seq );
791
-
792
- iov .iov_base = xdr_seq ;
793
- iov .iov_len = 4 ;
794
- xdr_buf_from_iov (& iov , & verf_data );
795
- p = rqstp -> rq_res .head -> iov_base + rqstp -> rq_res .head -> iov_len ;
796
- mic .data = (u8 * )(p + 1 );
797
- maj_stat = gss_get_mic (ctx_id , & verf_data , & mic );
798
- if (maj_stat != GSS_S_COMPLETE )
799
- goto out ;
800
- * p ++ = htonl (mic .len );
801
- memset ((u8 * )p + mic .len , 0 , round_up_to_quad (mic .len ) - mic .len );
802
- p += XDR_QUADLEN (mic .len );
803
- if (!xdr_ressize_check (rqstp , p ))
804
- goto out ;
805
- err = 0 ;
806
- out :
807
- kfree (xdr_seq );
808
- return err ;
809
- }
810
-
811
753
/*
812
754
* Construct and encode a Reply's verifier field. The verifier's body
813
755
* field contains a variable-length checksum of the GSS sequence
@@ -1454,8 +1396,6 @@ svcauth_gss_proc_init(struct svc_rqst *rqstp, struct rpc_gss_wire_cred *gc)
1454
1396
u32 flavor , len ;
1455
1397
void * body ;
1456
1398
1457
- svcxdr_init_encode (rqstp );
1458
-
1459
1399
/* Call's verf field: */
1460
1400
if (xdr_stream_decode_opaque_auth (xdr , & flavor , & body , & len ) < 0 )
1461
1401
return SVC_GARBAGE ;
@@ -1642,15 +1582,15 @@ svcauth_gss_decode_credbody(struct xdr_stream *xdr,
1642
1582
static int
1643
1583
svcauth_gss_accept (struct svc_rqst * rqstp )
1644
1584
{
1645
- struct kvec * resv = & rqstp -> rq_res .head [0 ];
1646
1585
struct gss_svc_data * svcdata = rqstp -> rq_auth_data ;
1647
1586
__be32 * rpcstart ;
1648
1587
struct rpc_gss_wire_cred * gc ;
1649
1588
struct rsc * rsci = NULL ;
1650
- __be32 * reject_stat = resv -> iov_base + resv -> iov_len ;
1651
1589
int ret ;
1652
1590
struct sunrpc_net * sn = net_generic (SVC_NET (rqstp ), sunrpc_net_id );
1653
1591
1592
+ svcxdr_init_encode (rqstp );
1593
+
1654
1594
rqstp -> rq_auth_stat = rpc_autherr_badcred ;
1655
1595
if (!svcdata )
1656
1596
svcdata = kmalloc (sizeof (* svcdata ), GFP_KERNEL );
@@ -1700,28 +1640,25 @@ svcauth_gss_accept(struct svc_rqst *rqstp)
1700
1640
/* now act upon the command: */
1701
1641
switch (gc -> gc_proc ) {
1702
1642
case RPC_GSS_PROC_DESTROY :
1703
- if (gss_write_verf (rqstp , rsci -> mechctx , gc -> gc_seq ))
1643
+ if (! svcauth_gss_encode_verf (rqstp , rsci -> mechctx , gc -> gc_seq ))
1704
1644
goto auth_err ;
1705
1645
/* Delete the entry from the cache_list and call cache_put */
1706
1646
sunrpc_cache_unhash (sn -> rsc_cache , & rsci -> h );
1707
- if (resv -> iov_len + 4 > PAGE_SIZE )
1708
- goto drop ;
1709
- svc_putnl (resv , RPC_SUCCESS );
1647
+ if (xdr_stream_encode_u32 (& rqstp -> rq_res_stream , RPC_SUCCESS ) < 0 )
1648
+ goto auth_err ;
1710
1649
goto complete ;
1711
1650
case RPC_GSS_PROC_DATA :
1712
1651
rqstp -> rq_auth_stat = rpcsec_gsserr_ctxproblem ;
1713
- svcdata -> verf_start = resv -> iov_base + resv -> iov_len ;
1714
- if (gss_write_verf (rqstp , rsci -> mechctx , gc -> gc_seq ))
1652
+ svcdata -> verf_start = xdr_reserve_space ( & rqstp -> rq_res_stream , 0 ) ;
1653
+ if (! svcauth_gss_encode_verf (rqstp , rsci -> mechctx , gc -> gc_seq ))
1715
1654
goto auth_err ;
1716
1655
rqstp -> rq_cred = rsci -> cred ;
1717
1656
get_group_info (rsci -> cred .cr_group_info );
1718
1657
rqstp -> rq_auth_stat = rpc_autherr_badcred ;
1719
1658
switch (gc -> gc_svc ) {
1720
1659
case RPC_GSS_SVC_NONE :
1721
- svcxdr_init_encode (rqstp );
1722
1660
break ;
1723
1661
case RPC_GSS_SVC_INTEGRITY :
1724
- svcxdr_init_encode (rqstp );
1725
1662
/* placeholders for body length and seq. number: */
1726
1663
xdr_reserve_space (& rqstp -> rq_res_stream , XDR_UNIT * 2 );
1727
1664
if (svcauth_gss_unwrap_integ (rqstp , gc -> gc_seq ,
@@ -1730,7 +1667,6 @@ svcauth_gss_accept(struct svc_rqst *rqstp)
1730
1667
svcxdr_set_auth_slack (rqstp , RPC_MAX_AUTH_SIZE );
1731
1668
break ;
1732
1669
case RPC_GSS_SVC_PRIVACY :
1733
- svcxdr_init_encode (rqstp );
1734
1670
/* placeholders for body length and seq. number: */
1735
1671
xdr_reserve_space (& rqstp -> rq_res_stream , XDR_UNIT * 2 );
1736
1672
if (svcauth_gss_unwrap_priv (rqstp , gc -> gc_seq ,
@@ -1755,8 +1691,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp)
1755
1691
ret = SVC_GARBAGE ;
1756
1692
goto out ;
1757
1693
auth_err :
1758
- /* Restore write pointer to its original value: */
1759
- xdr_ressize_check (rqstp , reject_stat );
1694
+ xdr_truncate_encode (& rqstp -> rq_res_stream , XDR_UNIT * 2 );
1760
1695
ret = SVC_DENIED ;
1761
1696
goto out ;
1762
1697
complete :
0 commit comments