Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7d22fc11 authored by J. Bruce Fields's avatar J. Bruce Fields
Browse files

nfsd4: setclientid_confirm with unmatched verifier should fail 

A setclientid_confirm with (clientid, verifier) both matching an
existing confirmed record is assumed to be a replay, but if the verifier
doesn't match, it shouldn't be.

This would be a very rare case, except that clients following
https://tools.ietf.org/html/rfc7931#section-5.8

 may depend on the
failure.

Reviewed-by: default avatarJeff Layton <jlayton@redhat.com>
Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
parent ebd7c72c

fs/nfsd/nfs4state.c

+3 −2
Original line number Diff line number Diff line
@@ -3304,9 +3304,10 @@ nfsd4_setclientid_confirm(struct svc_rqst *rqstp, 
		goto out;

	/* cases below refer to rfc 3530 section 14.2.34: */

	if (!unconf || !same_verf(&confirm, &unconf->cl_confirm)) {

		if (conf && !unconf) /* case 2: probable retransmit */

		if (conf && same_verf(&confirm, &conf->cl_confirm)) {

			/* case 2: probable retransmit */

			status = nfs_ok;

		else /* case 4: client hasn't noticed we rebooted yet? */

		} else /* case 4: client hasn't noticed we rebooted yet? */

			status = nfserr_stale_clientid;

		goto out;

	}