[PATCH] libtirpc: disallow calling auth_refresh from clnt_call with RPCSEC_GSS

Scott Mayhew <smayhew@xxxxxxxxxx> · Thu, 4 Mar 2021 14:19:55 -0500

Disallow calling auth_refresh from clnt_{dg,vc}_call if the client is
using RPCSEC_GSS.  Doing so can recurse back into clnt_{dg,vc}_call,
where we'll self-deadlock waiting on the condition variable.

Signed-off-by: Scott Mayhew <smayhew@xxxxxxxxxx>
---
 src/auth_gss.c       | 6 ++++++
 src/clnt_dg.c        | 8 ++++++++
 src/clnt_vc.c        | 9 +++++++++
 tirpc/rpc/auth_gss.h | 2 ++
 4 files changed, 25 insertions(+)

diff --git a/src/auth_gss.c b/src/auth_gss.c
index d871672..e317664 100644
--- a/src/auth_gss.c
+++ b/src/auth_gss.c
@@ -982,3 +982,9 @@ rpc_gss_max_data_length(AUTH *auth, int maxlen)
 	rpc_gss_clear_error();
 	return result;
 }
+
+bool_t
+is_authgss_client(CLIENT *clnt)
+{
+	return (clnt->cl_auth->ah_ops == &authgss_ops);
+}
diff --git a/src/clnt_dg.c b/src/clnt_dg.c
index abc09f1..e1255de 100644
--- a/src/clnt_dg.c
+++ b/src/clnt_dg.c
@@ -61,6 +61,9 @@
 #include <sys/uio.h>
 #endif
 
+#ifdef HAVE_RPCSEC_GSS
+#include <rpc/auth_gss.h>
+#endif
 
 #define MAX_DEFAULT_FDS                 20000
 
@@ -334,6 +337,11 @@ clnt_dg_call(cl, proc, xargs, argsp, xresults, resultsp, utimeout)
 		salen = cu->cu_rlen;
 	}
 
+#ifdef HAVE_RPCSEC_GSS
+	if (is_authgss_client(cl))
+		nrefreshes = 0;
+#endif
+
 	/* Clean up in case the last call ended in a longjmp(3) call. */
 call_again:
 	xdrs = &(cu->cu_outxdrs);
diff --git a/src/clnt_vc.c b/src/clnt_vc.c
index 6f7f7da..a07e297 100644
--- a/src/clnt_vc.c
+++ b/src/clnt_vc.c
@@ -69,6 +69,10 @@
 #include "rpc_com.h"
 #include "clnt_fd_locks.h"
 
+#ifdef HAVE_RPCSEC_GSS
+#include <rpc/auth_gss.h>
+#endif
+
 #define MCALL_MSG_SIZE 24
 
 #define CMGROUP_MAX    16
@@ -363,6 +367,11 @@ clnt_vc_call(cl, proc, xdr_args, args_ptr, xdr_results, results_ptr, timeout)
 	    (xdr_results == NULL && timeout.tv_sec == 0
 	    && timeout.tv_usec == 0) ? FALSE : TRUE;
 
+#ifdef HAVE_RPCSEC_GSS
+	if (is_authgss_client(cl))
+		refreshes = 0;
+#endif
+
 call_again:
 	xdrs->x_op = XDR_ENCODE;
 	ct->ct_error.re_status = RPC_SUCCESS;
diff --git a/tirpc/rpc/auth_gss.h b/tirpc/rpc/auth_gss.h
index 5316ed6..f2af6e9 100644
--- a/tirpc/rpc/auth_gss.h
+++ b/tirpc/rpc/auth_gss.h
@@ -120,6 +120,8 @@ void	gss_log_debug		(const char *fmt, ...);
 void	gss_log_status		(char *m, OM_uint32 major, OM_uint32 minor);
 void	gss_log_hexdump		(const u_char *buf, int len, int offset);
 
+bool_t	is_authgss_client	(CLIENT *);
+
 #ifdef __cplusplus
 }
 #endif
-- 
2.25.4







