From 5d6baef9ab52d0d02b3106d8ccd1b05ec628e027 Mon Sep 17 00:00:00 2001 From: "J. Bruce Fields" Date: Wed, 9 Oct 2013 15:59:29 -0400 Subject: gss_krb5: document that we ignore sequence number A couple times recently somebody has noticed that we're ignoring a sequence number here and wondered whether there's a bug. In fact, there's not. Thanks to Andy Adamson for pointing out a useful explanation in rfc 2203. Add comments citing that rfc, and remove "seqnum" to prevent static checkers complaining about unused variables. Reported-by: Andi Kleen Signed-off-by: J. Bruce Fields --- net/sunrpc/auth_gss/gss_krb5_wrap.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'net/sunrpc/auth_gss/gss_krb5_wrap.c') diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c index 1da52d1406fc..5040a460f1d9 100644 --- a/net/sunrpc/auth_gss/gss_krb5_wrap.c +++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c @@ -489,7 +489,6 @@ static u32 gss_unwrap_kerberos_v2(struct krb5_ctx *kctx, int offset, struct xdr_buf *buf) { s32 now; - u64 seqnum; u8 *ptr; u8 flags = 0x00; u16 ec, rrc; @@ -525,7 +524,10 @@ gss_unwrap_kerberos_v2(struct krb5_ctx *kctx, int offset, struct xdr_buf *buf) ec = be16_to_cpup((__be16 *)(ptr + 4)); rrc = be16_to_cpup((__be16 *)(ptr + 6)); - seqnum = be64_to_cpup((__be64 *)(ptr + 8)); + /* + * NOTE: the sequence number at ptr + 8 is skipped, rpcsec_gss + * doesn't want it checked; see page 6 of rfc 2203. + */ if (rrc != 0) rotate_left(offset + 16, buf, rrc); -- cgit v1.2.1