On 07/14/2011 12:59 AM, J. Bruce Fields wrote:
On Fedora 15 I'm seeing odd krb5 behavior: the context initialization
appears to work fine, but then gssd sends a malformed RPCSEC_GSS_DESTROY
packet just before closing the connection. The client's first operation
to the server using the context is rejected because the server's mic
verification fails.
Has anyone else seen this?
I have reported the same issue couple of weeks ago
http://www.spinics.net/lists/linux-nfs/msg22142.html
I use suse 11.4 x86_64 and can reproduce it with native kernel
2.6.37.xxx and 3.0.0-rc5.
To me it looks like that in rpc packet missing verifier. Nevertheless
the message length is up to verifier. What I failed to find out it the
message length did not take verifier in the account or verifier is
missing in the first place. I was looking the the kernel code, but may
be problem is in gssd. I don't know which part of gss handling in user
space and which part is in the kernel.
Tigran.
I'll keep investigating.
--b.
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
