diff options
author | Scott Mayhew <smayhew@redhat.com> | 2021-03-15 16:46:12 -0400 |
---|---|---|
committer | Steve Dickson <steved@redhat.com> | 2021-03-15 17:01:02 -0400 |
commit | 9359a704e50df111d4646c2233076dd56d545489 (patch) | |
tree | 06bcbfd25a13c5e51204e882a5f7fdbb84fb8940 /src | |
parent | 70be47354154ea32e12af6dd9252fdc5c5e27815 (diff) | |
download | ti-rpc-9359a704e50df111d4646c2233076dd56d545489.tar.gz |
libtirpc: disallow calling auth_refresh from clnt_call with RPCSEC_GSSlibtirpc-1-3-2-rc1
Disallow calling auth_refresh from clnt_{dg,vc}_call if the client is
using RPCSEC_GSS. Doing so can recurse back into clnt_{dg,vc}_call,
where we'll self-deadlock waiting on the condition variable.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/auth_gss.c | 6 | ||||
-rw-r--r-- | src/clnt_dg.c | 8 | ||||
-rw-r--r-- | src/clnt_vc.c | 9 |
3 files changed, 23 insertions, 0 deletions
diff --git a/src/auth_gss.c b/src/auth_gss.c index d871672..e317664 100644 --- a/src/auth_gss.c +++ b/src/auth_gss.c @@ -982,3 +982,9 @@ rpc_gss_max_data_length(AUTH *auth, int maxlen) rpc_gss_clear_error(); return result; } + +bool_t +is_authgss_client(CLIENT *clnt) +{ + return (clnt->cl_auth->ah_ops == &authgss_ops); +} diff --git a/src/clnt_dg.c b/src/clnt_dg.c index abc09f1..e1255de 100644 --- a/src/clnt_dg.c +++ b/src/clnt_dg.c @@ -61,6 +61,9 @@ #include <sys/uio.h> #endif +#ifdef HAVE_RPCSEC_GSS +#include <rpc/auth_gss.h> +#endif #define MAX_DEFAULT_FDS 20000 @@ -334,6 +337,11 @@ clnt_dg_call(cl, proc, xargs, argsp, xresults, resultsp, utimeout) salen = cu->cu_rlen; } +#ifdef HAVE_RPCSEC_GSS + if (is_authgss_client(cl)) + nrefreshes = 0; +#endif + /* Clean up in case the last call ended in a longjmp(3) call. */ call_again: xdrs = &(cu->cu_outxdrs); diff --git a/src/clnt_vc.c b/src/clnt_vc.c index 6f7f7da..a07e297 100644 --- a/src/clnt_vc.c +++ b/src/clnt_vc.c @@ -69,6 +69,10 @@ #include "rpc_com.h" #include "clnt_fd_locks.h" +#ifdef HAVE_RPCSEC_GSS +#include <rpc/auth_gss.h> +#endif + #define MCALL_MSG_SIZE 24 #define CMGROUP_MAX 16 @@ -363,6 +367,11 @@ clnt_vc_call(cl, proc, xdr_args, args_ptr, xdr_results, results_ptr, timeout) (xdr_results == NULL && timeout.tv_sec == 0 && timeout.tv_usec == 0) ? FALSE : TRUE; +#ifdef HAVE_RPCSEC_GSS + if (is_authgss_client(cl)) + refreshes = 0; +#endif + call_again: xdrs->x_op = XDR_ENCODE; ct->ct_error.re_status = RPC_SUCCESS; |