RPCSEC_GSS_SVC_PRIVACY failure.

Brought to you by: acharbon, astrand, steved12345

#17 RPCSEC_GSS_SVC_PRIVACY failure.

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2012-11-20

Created: 2011-03-02

Creator: Anonymous

Private: No

In authgss_prot.c:xdr_rpc_gss_wrap_data(), gss_wrap() is called in the svc == RPCSEC_GSS_SVC_PRIVACY conditional block with databuf.length uninitialized.

Initialization performed in the svc == RPCSEC_GSS_SVC_INTEGRITY conditional block should be moved.

Discussion

Nobody/Anonymous - 2011-03-02

Fix.

authgss_prot.c.patch

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

steved - 2011-03-02

At the top of each routine there is a 'memset(&databuf, 0, sizeof(databuf));' call...
So databuf.length is being initialized to zero

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Matthew N. Dodd - 2011-03-02

And passing databuf with length set to zero to gss_wrap() will do what, exactly?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Matthew N. Dodd - 2011-06-06

Could the bug tracker admin change the submitter to me so I can update this bug with a patch?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

RPCSEC_GSS_SVC_PRIVACY failure.

Group

Searches

Help

#17 RPCSEC_GSS_SVC_PRIVACY failure.

Discussion