> On Sep 5, 2023, at 9:03 PM, trondmy@xxxxxxxxxx wrote: > > From: Trond Myklebust <trond.myklebust@xxxxxxxxxxxxxxx> > > This reverts commit 0701214cd6e66585a999b132eb72ae0489beb724. > > The premise of this commit was incorrect. There are exactly 2 cases > where rpcauth_checkverf() will return an error: > > 1) If there was an XDR decode problem (i.e. garbage data). > 2) If gss_validate() had a problem verifying the RPCSEC_GSS MIC. There's also the AUTH_TLS probe: https://www.rfc-editor.org/rfc/rfc9289.html#section-4.1-7 That was the purpose of 0701214cd6e6. Reverting this commit is likely to cause problems when our TLS-capable client interacts with a server that knows nothing of AUTH_TLS. > In the second case, there are again 2 subcases: > > a) The GSS context expires, in which case gss_validate() will force a > new context negotiation on retry by invalidating the cred. > b) The sequence number check failed because an RPC call timed out, and > the client retransmitted the request using a new sequence number, > as required by RFC2203. > > In neither subcase is this a fatal error. > > Reported-by: Russell Cattelan <cattelan@xxxxxxxxxxx> > Fixes: 0701214cd6e6 ("SUNRPC: Fail faster on bad verifier") > Cc: stable@xxxxxxxxxxxxxxx > Signed-off-by: Trond Myklebust <trond.myklebust@xxxxxxxxxxxxxxx> > --- > net/sunrpc/clnt.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c > index 12c46e129db8..5a7de7e55548 100644 > --- a/net/sunrpc/clnt.c > +++ b/net/sunrpc/clnt.c > @@ -2724,7 +2724,7 @@ rpc_decode_header(struct rpc_task *task, struct xdr_stream *xdr) > > out_verifier: > trace_rpc_bad_verifier(task); > - goto out_err; > + goto out_garbage; > > out_msg_denied: > error = -EACCES; > -- > 2.41.0 > -- Chuck Lever
