mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net
History
Jeff Layton cf4c024b90 sunrpc: trim off EC bytes in GSSAPI v2 unwrap 
As Bruce points out in RFC 4121, section 4.2.3:

   "In Wrap tokens that provide for confidentiality, the first 16 octets
    of the Wrap token (the "header", as defined in section 4.2.6), SHALL
    be appended to the plaintext data before encryption.  Filler octets
    MAY be inserted between the plaintext data and the "header.""

...and...

   "In Wrap tokens with confidentiality, the EC field SHALL be used to
    encode the number of octets in the filler..."

It's possible for the client to stuff different data in that area on a
retransmission, which could make the checksum come out wrong in the DRC
code.

After decrypting the blob, we should trim off any extra count bytes in
addition to the checksum blob.

Reported-by: "J. Bruce Fields" <bfields@fieldses.org>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
 		2013-10-26 15:36:55 -04:00
..
9p for-linus-3.12-merge minor 9p fixes and tweaks for 3.12 merge window 2013-09-11 12:34:13 -07:00
802 net/802/mrp: fix lockdep splat 2013-05-14 13:02:30 -07:00
8021q net: vlan: inherit addr_assign_type along with dev_addr 2013-09-03 20:57:49 -04:00
appletalk net: proc_fs: trivial: print UIDs as unsigned int 2013-08-15 14:37:46 -07:00
atm net: always pass struct netdev_notifier_info to netdevice notifiers 2013-05-28 21:58:54 -07:00
ax25 net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
batman-adv batman-adv: set the TAG flag for the vid passed to BLA 2013-09-17 21:15:16 +02:00
bluetooth Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2013-09-06 09:30:36 -07:00
bridge bridge: fix NULL pointer deref of br_port_get_rcu 2013-09-15 22:03:33 -04:00
caif caif: Add missing braces to multiline if in cfctrl_linkup_request 2013-09-05 14:31:02 -04:00
can can: gw: add a per rule limitation of frame hops 2013-08-29 22:58:24 +02:00
ceph Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client 2013-09-19 12:50:37 -05:00
core netpoll: fix NULL pointer dereference in netpoll_cleanup 2013-09-19 14:15:53 -04:00
dcb
dccp net:dccp: do not report ICMP redirects to user space 2013-09-18 12:33:44 -04:00
decnet net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
dns_resolver net: strict_strtoul is obsolete, use kstrtoul instead 2013-07-12 16:09:14 -07:00
dsa net: dsa: inherit addr_assign_type along with dev_addr 2013-09-03 20:57:49 -04:00
ethernet net: Fix sysfs_format_mac() code duplication. 2013-07-16 17:09:22 -07:00
ieee802154 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-09-05 14:54:29 -07:00
ipv4 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-09-19 13:57:28 -05:00
ipv6 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2013-09-17 20:22:53 -04:00
ipx net: proc_fs: trivial: print UIDs as unsigned int 2013-08-15 14:37:46 -07:00
irda net/irda: fixed style issues in irttp 2013-07-19 17:34:40 -07:00
iucv net: delete __cpuinit usage from all net files 2013-07-14 19:36:58 -04:00
key xfrm: Remove rebundant address family checking 2013-08-07 10:12:58 +02:00
l2tp l2tp: make datapath resilient to packet loss when sequence numbers enabled 2013-07-02 16:33:25 -07:00
lapb
llc llc: Use normal etherdevice.h tests 2013-09-03 22:34:47 -04:00
mac80211 Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next 2013-08-28 13:51:40 -04:00
mac802154
mpls MPLS: Add limited GSO support 2013-05-27 22:50:59 -07:00
netfilter ip: generate unique IP identificator if local fragmentation is allowed 2013-09-19 14:11:15 -04:00
netlabel netlabel: use domain based selectors when address based selectors are not available 2013-08-02 16:57:01 -07:00
netlink net: netlink: filter particular protocols from analyzers 2013-09-06 14:43:48 -04:00
netrom net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
nfc NFC: Update secure element state 2013-08-14 01:13:40 +02:00
openvswitch net: ovs: flow: fix potential illegal memory access in __parse_flow_nlattrs 2013-09-11 16:09:58 -04:00
packet net: packet: use reciprocal_divide in fanout_demux_hash 2013-08-29 16:43:29 -04:00
phonet net: proc_fs: trivial: print UIDs as unsigned int 2013-08-15 14:37:46 -07:00
rds net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
rfkill Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-09-05 14:54:29 -07:00
rose net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
rxrpc
sched net_sched: htb: fix a typo in htb_change_class() 2013-09-11 17:16:22 -04:00
sctp net: sctp: rfc4443: do not report ICMP redirects to user space 2013-09-16 21:40:15 -04:00
sunrpc sunrpc: trim off EC bytes in GSSAPI v2 unwrap 2013-10-26 15:36:55 -04:00
tipc tipc: set sk_err correctly when connection fails 2013-08-30 16:06:57 -04:00
unix af_unix: fix bug on large send() 2013-08-11 22:02:36 -07:00
vmw_vsock Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-08-16 15:37:26 -07:00
wimax
wireless Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-09-05 14:54:29 -07:00
x25 x25: add a sanity check parsing X.25 facilities 2013-09-04 00:27:27 -04:00
xfrm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-09-05 14:58:52 -04:00
Kconfig Remove GENERIC_HARDIRQ config option 2013-09-13 15:09:52 +02:00
Makefile MPLS: Add limited GSO support 2013-05-27 22:50:59 -07:00
compat.c net: Unbreak compat_sys_{send,recv}msg 2013-06-06 11:52:14 -07:00
nonet.c
socket.c Merge git://git.kvack.org/~bcrl/aio-next 2013-09-13 10:55:58 -07:00
sysctl_net.c