svcrpc: fix potential GSSX_ACCEPT_SEC_CONTEXT decoding failures
authorScott Mayhew <smayhew@redhat.com>
Tue, 28 Apr 2015 20:29:53 +0000 (16:29 -0400)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 6 Jun 2015 06:19:59 +0000 (23:19 -0700)
commitc709ca10c52b9bf7f0e4cb2e0d689f37eee991d0
tree33208dac2c794daa20f0f6342ed7bacfece41c47
parent68507f74d96c86b778deb3b11c0f924e85b6b986
svcrpc: fix potential GSSX_ACCEPT_SEC_CONTEXT decoding failures

commit 9507271d960a1911a51683888837d75c171cd91f upstream.

In an environment where the KDC is running Active Directory, the
exported composite name field returned in the context could be large
enough to span a page boundary.  Attaching a scratch buffer to the
decoding xdr_stream helps deal with those cases.

The case where we saw this was actually due to behavior that's been
fixed in newer gss-proxy versions, but we're fixing it here too.

Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/sunrpc/auth_gss/gss_rpc_xdr.c