mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2026-07-16 17:57:38 -04:00
sunrpc: fix handling of unknown auth status codes
In the case of an unknown error code from svc_authenticate or pg_authenticate, return AUTH_ERROR with a status of AUTH_FAILED. Also add the other auth_stat value from RFC 5531, and document all the status codes. Signed-off-by: Jeff Layton <jlayton@kernel.org> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
This commit is contained in:
@@ -69,15 +69,17 @@ enum rpc_reject_stat {
|
||||
};
|
||||
|
||||
enum rpc_auth_stat {
|
||||
RPC_AUTH_OK = 0,
|
||||
RPC_AUTH_BADCRED = 1,
|
||||
RPC_AUTH_REJECTEDCRED = 2,
|
||||
RPC_AUTH_BADVERF = 3,
|
||||
RPC_AUTH_REJECTEDVERF = 4,
|
||||
RPC_AUTH_TOOWEAK = 5,
|
||||
RPC_AUTH_OK = 0, /* success */
|
||||
RPC_AUTH_BADCRED = 1, /* bad credential (seal broken) */
|
||||
RPC_AUTH_REJECTEDCRED = 2, /* client must begin new session */
|
||||
RPC_AUTH_BADVERF = 3, /* bad verifier (seal broken) */
|
||||
RPC_AUTH_REJECTEDVERF = 4, /* verifier expired or replayed */
|
||||
RPC_AUTH_TOOWEAK = 5, /* rejected for security reasons */
|
||||
RPC_AUTH_INVALIDRESP = 6, /* bogus response verifier */
|
||||
RPC_AUTH_FAILED = 7, /* reason unknown */
|
||||
/* RPCSEC_GSS errors */
|
||||
RPCSEC_GSS_CREDPROBLEM = 13,
|
||||
RPCSEC_GSS_CTXPROBLEM = 14
|
||||
RPCSEC_GSS_CREDPROBLEM = 13, /* no credentials for user */
|
||||
RPCSEC_GSS_CTXPROBLEM = 14 /* problem with context */
|
||||
};
|
||||
|
||||
#define RPC_MAXNETNAMELEN 256
|
||||
|
||||
@@ -119,6 +119,8 @@ xdr_buf_init(struct xdr_buf *buf, void *start, size_t len)
|
||||
#define rpc_autherr_badverf cpu_to_be32(RPC_AUTH_BADVERF)
|
||||
#define rpc_autherr_rejectedverf cpu_to_be32(RPC_AUTH_REJECTEDVERF)
|
||||
#define rpc_autherr_tooweak cpu_to_be32(RPC_AUTH_TOOWEAK)
|
||||
#define rpc_autherr_invalidresp cpu_to_be32(RPC_AUTH_INVALIDRESP)
|
||||
#define rpc_autherr_failed cpu_to_be32(RPC_AUTH_FAILED)
|
||||
#define rpcsec_gsserr_credproblem cpu_to_be32(RPCSEC_GSS_CREDPROBLEM)
|
||||
#define rpcsec_gsserr_ctxproblem cpu_to_be32(RPCSEC_GSS_CTXPROBLEM)
|
||||
|
||||
|
||||
@@ -1387,7 +1387,8 @@ svc_process_common(struct svc_rqst *rqstp)
|
||||
goto sendit;
|
||||
default:
|
||||
pr_warn_once("Unexpected svc_auth_status (%d)\n", auth_res);
|
||||
goto err_system_err;
|
||||
rqstp->rq_auth_stat = rpc_autherr_failed;
|
||||
goto err_bad_auth;
|
||||
}
|
||||
|
||||
if (progp == NULL)
|
||||
|
||||
Reference in New Issue
Block a user