summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeff Layton <jlayton@redhat.com>2013-10-10 14:55:35 +0400
committerJ. Bruce Fields <bfields@redhat.com>2013-10-26 23:36:55 +0400
commitcf4c024b908353fcc48309374d39e3399d67dfd1 (patch)
tree856a7045ecc3a223701bb5660275375fbc5bef28
parent5d6baef9ab52d0d02b3106d8ccd1b05ec628e027 (diff)
downloadlinux-cf4c024b908353fcc48309374d39e3399d67dfd1.tar.xz
sunrpc: trim off EC bytes in GSSAPI v2 unwrap
As Bruce points out in RFC 4121, section 4.2.3: "In Wrap tokens that provide for confidentiality, the first 16 octets of the Wrap token (the "header", as defined in section 4.2.6), SHALL be appended to the plaintext data before encryption. Filler octets MAY be inserted between the plaintext data and the "header."" ...and... "In Wrap tokens with confidentiality, the EC field SHALL be used to encode the number of octets in the filler..." It's possible for the client to stuff different data in that area on a retransmission, which could make the checksum come out wrong in the DRC code. After decrypting the blob, we should trim off any extra count bytes in addition to the checksum blob. Reported-by: "J. Bruce Fields" <bfields@fieldses.org> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_wrap.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
index 5040a460f1d9..42560e55d978 100644
--- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
+++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
@@ -576,8 +576,8 @@ gss_unwrap_kerberos_v2(struct krb5_ctx *kctx, int offset, struct xdr_buf *buf)
buf->head[0].iov_len -= GSS_KRB5_TOK_HDR_LEN + headskip;
buf->len -= GSS_KRB5_TOK_HDR_LEN + headskip;
- /* Trim off the checksum blob */
- xdr_buf_trim(buf, GSS_KRB5_TOK_HDR_LEN + tailskip);
+ /* Trim off the trailing "extra count" and checksum blob */
+ xdr_buf_trim(buf, ec + GSS_KRB5_TOK_HDR_LEN + tailskip);
return GSS_S_COMPLETE;
}