nfsd4: setclientid_confirm with unmatched verifier should fail
authorJ. Bruce Fields <bfields@redhat.com>
Wed, 21 Sep 2016 00:55:36 +0000 (20:55 -0400)
committerJ. Bruce Fields <bfields@redhat.com>
Mon, 26 Sep 2016 19:20:38 +0000 (15:20 -0400)
A setclientid_confirm with (clientid, verifier) both matching an
existing confirmed record is assumed to be a replay, but if the verifier
doesn't match, it shouldn't be.

This would be a very rare case, except that clients following
https://tools.ietf.org/html/rfc7931#section-5.8 may depend on the
failure.

Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
fs/nfsd/nfs4state.c

index 4062f4fbfc6dee0dc38cf80427c9bd3f63b72758..a0e5128ec53974662bb96f47cce4898ed8b60107 100644 (file)
@@ -3304,9 +3304,10 @@ nfsd4_setclientid_confirm(struct svc_rqst *rqstp,
                goto out;
        /* cases below refer to rfc 3530 section 14.2.34: */
        if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {
-               if (conf && !unconf) /* case 2: probable retransmit */
+               if (conf && same_verf(&confirm, &conf->cl_confirm)) {
+                       /* case 2: probable retransmit */
                        status = nfs_ok;
-               else /* case 4: client hasn't noticed we rebooted yet? */
+               else /* case 4: client hasn't noticed we rebooted yet? */
                        status = nfserr_stale_clientid;
                goto out;
        }