iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c0cb8bf3a8
linux/net
History
Tomáš Trnka c0cb8bf3a8 sunrpc: fix stripping of padded MIC tokens 
The length of the GSS MIC token need not be a multiple of four bytes.
It is then padded by XDR to a multiple of 4 B, but unwrap_integ_data()
would previously only trim mic.len + 4 B. The remaining up to three
bytes would then trigger a check in nfs4svc_decode_compoundargs(),
leading to a "garbage args" error and mount failure:

nfs4svc_decode_compoundargs: compound not properly padded!
nfsd: failed to decode arguments!

This would prevent older clients using the pre-RFC 4121 MIC format
(37-byte MIC including a 9-byte OID) from mounting exports from v3.9+
servers using krb5i.

The trimming was introduced by commit 4c190e2f91 ("sunrpc: trim off
trailing checksum before returning decrypted or integrity authenticated
buffer").

Fixes: 4c190e2f91 "unrpc: trim off trailing checksum..."
Signed-off-by: Tomáš Trnka <ttrnka@mail.muni.cz>
Cc: stable@vger.kernel.org
Acked-by: Jeff Layton <jlayton@poochiereds.net>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2016-05-23 10:58:21 -04:00
..
6lowpan 6lowpan: iphc: fix SAM/DAM bit comment 2016-03-10 19:51:29 +01:00
9p net/9p: convert to new CQ API 2016-03-10 20:54:09 -05:00
802
8021q vlan: propagate gso_max_segs 2016-03-17 21:05:01 -04:00
appletalk appletalk: fix erroneous return value 2016-02-18 14:59:34 -05:00
atm net: Generalise wq_has_sleeper helper 2015-11-30 14:47:33 -05:00
ax25 ax25: add link layer header validation function 2016-03-09 22:13:01 -05:00
batman-adv batman-adv: clarify CFG80211 dependency 2016-03-02 13:45:47 -05:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2016-03-19 10:05:34 -07:00
bridge netfilter: ebtables: Fix extension lookup with identical name 2016-04-13 01:16:57 +02:00
caif net: caif: fix misleading indentation 2016-03-14 13:09:50 -04:00
can
ceph mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros 2016-04-04 10:41:08 -07:00
core vlan: pull on __vlan_insert_tag error path and fix csum correction 2016-04-15 23:20:11 -04:00
dcb
dccp tcp/dccp: remove obsolete WARN_ON() in icmp handlers 2016-03-17 21:06:40 -04:00
decnet decnet: Do not build routes to devices without decnet private data. 2016-04-10 23:01:30 -04:00
dns_resolver
dsa net: dsa: refine netdev event notifier 2016-03-14 16:05:32 -04:00
ethernet eth: Pull header from first fragment via eth_get_headlen 2016-02-24 13:58:05 -05:00
hsr net/hsr: fix a warning message 2015-11-23 14:56:15 -05:00
ieee802154 ieee802154: 6lowpan: fix return of netdev notifier 2016-02-23 20:29:40 +01:00
ipv4 tcp: Merge tx_flags and tskey in tcp_shifted_skb 2016-04-21 14:40:55 -04:00
ipv6 ipv6: udp: Do a route lookup and update during release_cb 2016-04-14 16:29:53 -04:00
ipx
irda Merge 4.5-rc4 into tty-next 2016-02-14 14:36:04 -08:00
iucv af_iucv: Validate socket address length in iucv_sock_bind() 2016-01-19 14:21:08 -05:00
kcm kcm: Add receive message timeout 2016-03-09 16:36:15 -05:00
key
l2tp ipv6: l2tp: fix a potential issue in l2tp_ip6_recv 2016-04-04 16:00:28 -04:00
l3mdev net: l3mdev: address selection should only consider devices in L3 domain 2016-02-26 14:22:26 -05:00
lapb
llc af_llc: fix types on llc_ui_wait_for_conn 2016-02-17 16:12:13 -05:00
mac80211 mac80211: fix "warning: ‘target_metric’ may be used uninitialized" 2016-04-06 15:10:25 +02:00
mac802154 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2016-03-19 10:05:34 -07:00
mpls mpls: find_outdev: check for err ptr in addition to NULL check 2016-04-08 12:43:20 -04:00
netfilter netfilter: nf_conntrack_tcp: Fix stack out of bounds when parsing TCP options 2016-04-07 18:42:37 +02:00
netlabel netlabel: do not initialise statics to NULL 2016-03-07 11:08:26 -05:00
netlink netlink: don't send NETLINK_URELEASE for unbound sockets 2016-04-10 23:32:23 -04:00
netrom
nfc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2016-03-19 10:05:34 -07:00
openvswitch openvswitch: use flow protocol when recalculating ipv6 checksums 2016-04-21 15:28:47 -04:00
packet packet: fix heap info leak in PACKET_DIAG_MCLIST sock_diag interface 2016-04-14 00:46:39 -04:00
phonet sock: struct proto hash function may error 2016-02-11 03:54:14 -05:00
rds RDS: Fix the atomicity for congestion map update 2016-04-16 19:01:05 -04:00
rfkill Here's another round of updates for -next: 2016-03-01 17:03:27 -05:00
rose
rxrpc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2016-03-19 10:05:34 -07:00
sched net: sched: do not requeue a NULL skb 2016-04-14 01:28:51 -04:00
sctp sctp: avoid refreshing heartbeat timer too often 2016-04-10 22:22:34 -04:00
sunrpc sunrpc: fix stripping of padded MIC tokens 2016-05-23 10:58:21 -04:00
switchdev switchdev: fix typo in comments/doc 2016-03-24 14:51:24 -04:00
tipc tipc: purge deferred updates from dead nodes 2016-04-11 15:22:20 -04:00
unix Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-02-23 00:09:14 -05:00
vmw_vsock VSOCK: Only check error on skb_recv_datagram when skb is NULL 2016-04-19 20:42:01 -04:00
wimax
wireless nl80211: check netlink protocol in socket release notification 2016-04-12 15:39:06 +02:00
x25
xfrm xfrm: Fix crash observed during device unregistration and decryption 2016-03-24 14:29:36 -04:00
compat.c
Kconfig Make DST_CACHE a silent config option 2016-03-21 22:56:38 -04:00
Makefile kcm: Kernel Connection Multiplexor module 2016-03-09 16:36:14 -05:00
socket.c net: Fix use after free in the recvmmsg exit path 2016-03-14 12:41:49 -04:00
sysctl_net.c