mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-11 09:50:12 +00:00
Code Issues Releases Activity

Add a comment describing why r241097 was done.

Browse Source 
Suggested by:	rwatson
MFC after:	1 week
This commit is contained in:
Rick Macklem 2012-10-15 13:38:25 +00:00
parent 429233171b
commit 798a34fe09
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=241582
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
View File

@ -1024,6 +1024,17 @@ svc_rpc_gss_validate(struct svc_rpc_gss_client *client, struct rpc_msg *msg,
if (maj_stat != GSS_S_COMPLETE) { if (maj_stat != GSS_S_COMPLETE) {
rpc_gss_log_status("gss_verify_mic", client->cl_mech, rpc_gss_log_status("gss_verify_mic", client->cl_mech,
maj_stat, min_stat); maj_stat, min_stat);
/*
* Attila Bogar and Herbert Poeckl reported similar problems
* w.r.t. a Linux NFS client doing a krb5 NFS mount against the
* FreeBSD server. We determined this was a Linux bug:
* http://www.spinics.net/lists/linux-nfs/msg32466.html, where
* the mount failed to work because a Destroy operation with a
* bogus encrypted checksum destroyed the authenticator handle.
* Since the checksum is bogus (gss_verify_mic() failed), it
* doesn't make sense to destroy the handle and not doing so
* fixes the Linux mount.
*/
if (gcproc != RPCSEC_GSS_DESTROY) if (gcproc != RPCSEC_GSS_DESTROY)
client->cl_state = CLIENT_STALE; client->cl_state = CLIENT_STALE;
return (FALSE); return (FALSE);