nfsd4: setclientid_confirm with unmatched verifier should fail
A setclientid_confirm with (clientid, verifier) both matching an existing confirmed record is assumed to be a replay, but if the verifier doesn't match, it shouldn't be. This would be a very rare case, except that clients following https://tools.ietf.org/html/rfc7931#section-5.8 may depend on the failure. Reviewed-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
This commit is contained in:
parent
ebd7c72c63
commit
7d22fc11c7
@ -3304,9 +3304,10 @@ nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
|
||||
goto out;
|
||||
/* cases below refer to rfc 3530 section 14.2.34: */
|
||||
if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {
|
||||
if (conf && !unconf) /* case 2: probable retransmit */
|
||||
if (conf && same_verf(&confirm, &conf->cl_confirm)) {
|
||||
/* case 2: probable retransmit */
|
||||
status = nfs_ok;
|
||||
else /* case 4: client hasn't noticed we rebooted yet? */
|
||||
} else /* case 4: client hasn't noticed we rebooted yet? */
|
||||
status = nfserr_stale_clientid;
|
||||
goto out;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user