rpcgss: krb5: ignore seed

We're currently not actually using seed or seed_init. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

rpcgss: krb5: ignore seed
We're currently not actually using seed or seed_init. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
717757ad · J. Bruce Fields · Trond Myklebust · d922a84a · 717757ad · 717757ad
Commit 717757ad authored Dec 04, 2006 by J. Bruce Fields Committed by Trond Myklebust Dec 06, 2006
Show whitespace changes
Inline Side-by-side

Showing with 6 additions and 7 deletions

include/linux/sunrpc/gss_krb5.h include/linux/sunrpc/gss_krb5.h +0 -2

net/sunrpc/auth_gss/gss_krb5_mech.c net/sunrpc/auth_gss/gss_krb5_mech.c +6 -5

No files found.
--- a/include/linux/sunrpc/gss_krb5.h
+++ b/include/linux/sunrpc/gss_krb5.h
@@ -42,8 +42,6 @@
 struct krb5_ctx {
 	int			initiate; /* 1 = initiating, 0 = accepting */
-	int			seed_init;
-	unsigned char		seed[16];
 	struct crypto_blkcipher	*enc;
 	struct crypto_blkcipher	*seq;
 	s32			endtime;

--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -137,12 +137,13 @@ gss_import_sec_context_kerberos(const void *p,
 	p = simple_get_bytes(p, end, &ctx->initiate, sizeof(ctx->initiate));
 	if (IS_ERR(p))
 		goto out_err_free_ctx;
-	p = simple_get_bytes(p, end, &ctx->seed_init, sizeof(ctx->seed_init));
+	/* The downcall format was designed before we completely understood
-	if (IS_ERR(p))
+	 * the uses of the context fields; so it includes some stuff we
-		goto out_err_free_ctx;
+	 * just give some minimal sanity-checking, and some we ignore
-	p = simple_get_bytes(p, end, ctx->seed, sizeof(ctx->seed));
+	 * completely (like the next twenty bytes): */
-	if (IS_ERR(p))
+	if (unlikely(p + 20 > end || p + 20 < p))
 		goto out_err_free_ctx;
+	p += 20;
 	p = simple_get_bytes(p, end, &tmp, sizeof(tmp));
 	if (IS_ERR(p))
 		goto out_err_free_ctx;