On 11 Sep 2019, at 13:43, Chuck Lever wrote:
On Sep 11, 2019, at 1:40 PM, Benjamin Coddington
<bcodding@xxxxxxxxxx> wrote:
On 11 Sep 2019, at 13:29, Chuck Lever wrote:
On Sep 11, 2019, at 1:26 PM, Benjamin Coddington
<bcodding@xxxxxxxxxx> wrote:
On 11 Sep 2019, at 12:39, Chuck Lever wrote:
On Sep 11, 2019, at 12:25 PM, Benjamin Coddington
<bcodding@xxxxxxxxxx> wrote:
Instead, I think we want to make sure the mic falls squarely into
the tail
every time.
I'm not clear how you could do that. The length of the page data
is not
known to the client before it parses the reply. Are you suggesting
that
gss_unwrap should do it somehow?
Is it too niave to always put the mic at the end of the tail?
The size of the page content is variable.
The only way the MIC will fall into the tail is if the page content
is
exactly the largest expected size. When the page content is smaller
than
that, the receive logic will place part or all of the MIC in
->pages.
Ok, right. But what I meant is that xdr_buf_read_netobj() should be
renamed
and repurposed to be "move the mic from wherever it is to the end of
xdr_buf's tail".
But now I see what you mean, and I also see that it is already trying
to do
that.. and we don't want to overlap the copy..
So, really, we need the tail to be larger than twice the mic.. less
1. That
means the fix is probably just increasing rslack for krb5i.
What's the justification for that particular maximum size? Are you
sure the
page contents are not spilling into the tail?
In the problem case, I am sure they are not.
The justification is that if the mic straddles pages and tail, today we
try
to copy it to the end of the tail. The room we'd need for that is the
size
of the mic less any of it that is up in the pages.