On 11 Sep 2019, at 13:29, Chuck Lever wrote:
On Sep 11, 2019, at 1:26 PM, Benjamin Coddington
<bcodding@xxxxxxxxxx> wrote:
On 11 Sep 2019, at 12:39, Chuck Lever wrote:
On Sep 11, 2019, at 12:25 PM, Benjamin Coddington
<bcodding@xxxxxxxxxx> wrote:
Instead, I think we want to make sure the mic falls squarely into
the tail
every time.
I'm not clear how you could do that. The length of the page data is
not
known to the client before it parses the reply. Are you suggesting
that
gss_unwrap should do it somehow?
Is it too niave to always put the mic at the end of the tail?
The size of the page content is variable.
The only way the MIC will fall into the tail is if the page content is
exactly the largest expected size. When the page content is smaller
than
that, the receive logic will place part or all of the MIC in ->pages.
Ok, right. But what I meant is that xdr_buf_read_netobj() should be
renamed
and repurposed to be "move the mic from wherever it is to the end of
xdr_buf's tail".
But now I see what you mean, and I also see that it is already trying to
do
that.. and we don't want to overlap the copy..
So, really, we need the tail to be larger than twice the mic.. less 1.
That
means the fix is probably just increasing rslack for krb5i.
Ben