diff options
| author | J. Bruce Fields <bfields@redhat.com> | 2013-10-09 15:59:29 -0400 |
|---|---|---|
| committer | J. Bruce Fields <bfields@redhat.com> | 2013-10-10 11:04:48 -0400 |
| commit | 5d6baef9ab52d0d02b3106d8ccd1b05ec628e027 (patch) | |
| tree | e983e2d40f2e1db8aaa04902d26208eb259a79d6 /net/sunrpc/auth_gss/gss_krb5_wrap.c | |
| parent | b26ec9b11b309acd9f6bb15fcc9bb396091384e8 (diff) | |
| download | linux-5d6baef9ab52d0d02b3106d8ccd1b05ec628e027.tar.gz | |
gss_krb5: document that we ignore sequence number
A couple times recently somebody has noticed that we're ignoring a
sequence number here and wondered whether there's a bug.
In fact, there's not. Thanks to Andy Adamson for pointing out a useful
explanation in rfc 2203. Add comments citing that rfc, and remove
"seqnum" to prevent static checkers complaining about unused variables.
Reported-by: Andi Kleen <andi@firstfloor.org>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'net/sunrpc/auth_gss/gss_krb5_wrap.c')
| -rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_wrap.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c index 1da52d1406fc..5040a460f1d9 100644 --- a/net/sunrpc/auth_gss/gss_krb5_wrap.c +++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c @@ -489,7 +489,6 @@ static u32 gss_unwrap_kerberos_v2(struct krb5_ctx *kctx, int offset, struct xdr_buf *buf) { s32 now; - u64 seqnum; u8 *ptr; u8 flags = 0x00; u16 ec, rrc; @@ -525,7 +524,10 @@ gss_unwrap_kerberos_v2(struct krb5_ctx *kctx, int offset, struct xdr_buf *buf) ec = be16_to_cpup((__be16 *)(ptr + 4)); rrc = be16_to_cpup((__be16 *)(ptr + 6)); - seqnum = be64_to_cpup((__be64 *)(ptr + 8)); + /* + * NOTE: the sequence number at ptr + 8 is skipped, rpcsec_gss + * doesn't want it checked; see page 6 of rfc 2203. + */ if (rrc != 0) rotate_left(offset + 16, buf, rrc); |