OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net
History
Jeff Layton cf4c024b90 sunrpc: trim off EC bytes in GSSAPI v2 unwrap 
As Bruce points out in RFC 4121, section 4.2.3:

   "In Wrap tokens that provide for confidentiality, the first 16 octets
    of the Wrap token (the "header", as defined in section 4.2.6), SHALL
    be appended to the plaintext data before encryption.  Filler octets
    MAY be inserted between the plaintext data and the "header.""

...and...

   "In Wrap tokens with confidentiality, the EC field SHALL be used to
    encode the number of octets in the filler..."

It's possible for the client to stuff different data in that area on a
retransmission, which could make the checksum come out wrong in the DRC
code.

After decrypting the blob, we should trim off any extra count bytes in
addition to the checksum blob.

Reported-by: "J. Bruce Fields" <bfields@fieldses.org>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
 		2013-10-26 15:36:55 -04:00
..
9p for-linus-3.12-merge minor 9p fixes and tweaks for 3.12 merge window 2013-09-11 12:34:13 -07:00
802
8021q net: vlan: inherit addr_assign_type along with dev_addr 2013-09-03 20:57:49 -04:00
appletalk net: proc_fs: trivial: print UIDs as unsigned int 2013-08-15 14:37:46 -07:00
atm
ax25
batman-adv batman-adv: set the TAG flag for the vid passed to BLA 2013-09-17 21:15:16 +02:00
bluetooth Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2013-09-06 09:30:36 -07:00
bridge bridge: fix NULL pointer deref of br_port_get_rcu 2013-09-15 22:03:33 -04:00
caif caif: Add missing braces to multiline if in cfctrl_linkup_request 2013-09-05 14:31:02 -04:00
can can: gw: add a per rule limitation of frame hops 2013-08-29 22:58:24 +02:00
ceph Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client 2013-09-19 12:50:37 -05:00
core netpoll: fix NULL pointer dereference in netpoll_cleanup 2013-09-19 14:15:53 -04:00
dcb
dccp net:dccp: do not report ICMP redirects to user space 2013-09-18 12:33:44 -04:00
decnet
dns_resolver net: strict_strtoul is obsolete, use kstrtoul instead 2013-07-12 16:09:14 -07:00
dsa net: dsa: inherit addr_assign_type along with dev_addr 2013-09-03 20:57:49 -04:00
ethernet net: Fix sysfs_format_mac() code duplication. 2013-07-16 17:09:22 -07:00
ieee802154 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-09-05 14:54:29 -07:00
ipv4 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-09-19 13:57:28 -05:00
ipv6 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2013-09-17 20:22:53 -04:00
ipx net: proc_fs: trivial: print UIDs as unsigned int 2013-08-15 14:37:46 -07:00
irda net/irda: fixed style issues in irttp 2013-07-19 17:34:40 -07:00
iucv net: delete __cpuinit usage from all net files 2013-07-14 19:36:58 -04:00
key xfrm: Remove rebundant address family checking 2013-08-07 10:12:58 +02:00
l2tp
lapb
llc llc: Use normal etherdevice.h tests 2013-09-03 22:34:47 -04:00
mac80211 Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next 2013-08-28 13:51:40 -04:00
mac802154
mpls
netfilter ip: generate unique IP identificator if local fragmentation is allowed 2013-09-19 14:11:15 -04:00
netlabel netlabel: use domain based selectors when address based selectors are not available 2013-08-02 16:57:01 -07:00
netlink net: netlink: filter particular protocols from analyzers 2013-09-06 14:43:48 -04:00
netrom
nfc NFC: Update secure element state 2013-08-14 01:13:40 +02:00
openvswitch net: ovs: flow: fix potential illegal memory access in __parse_flow_nlattrs 2013-09-11 16:09:58 -04:00
packet net: packet: use reciprocal_divide in fanout_demux_hash 2013-08-29 16:43:29 -04:00
phonet net: proc_fs: trivial: print UIDs as unsigned int 2013-08-15 14:37:46 -07:00
rds
rfkill Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-09-05 14:54:29 -07:00
rose
rxrpc
sched net_sched: htb: fix a typo in htb_change_class() 2013-09-11 17:16:22 -04:00
sctp net: sctp: rfc4443: do not report ICMP redirects to user space 2013-09-16 21:40:15 -04:00
sunrpc sunrpc: trim off EC bytes in GSSAPI v2 unwrap 2013-10-26 15:36:55 -04:00
tipc tipc: set sk_err correctly when connection fails 2013-08-30 16:06:57 -04:00
unix af_unix: fix bug on large send() 2013-08-11 22:02:36 -07:00
vmw_vsock Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-08-16 15:37:26 -07:00
wimax
wireless Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-09-05 14:54:29 -07:00
x25 x25: add a sanity check parsing X.25 facilities 2013-09-04 00:27:27 -04:00
xfrm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-09-05 14:58:52 -04:00
Kconfig Remove GENERIC_HARDIRQ config option 2013-09-13 15:09:52 +02:00
Makefile
compat.c
nonet.c
socket.c Merge git://git.kvack.org/~bcrl/aio-next 2013-09-13 10:55:58 -07:00
sysctl_net.c