|
|
e8e939e |
From 5cdbcf4aa78b57c4f10892f20725174829cca191 Mon Sep 17 00:00:00 2001
|
|
|
e8e939e |
From: Eric Biggers <ebiggers@google.com>
|
|
|
e8e939e |
Date: Wed, 28 Mar 2018 10:57:22 -0700
|
|
|
e8e939e |
Subject: [PATCH] sunrpc: remove incorrect HMAC request initialization
|
|
|
e8e939e |
|
|
|
e8e939e |
make_checksum_hmac_md5() is allocating an HMAC transform and doing
|
|
|
e8e939e |
crypto API calls in the following order:
|
|
|
e8e939e |
|
|
|
e8e939e |
crypto_ahash_init()
|
|
|
e8e939e |
crypto_ahash_setkey()
|
|
|
e8e939e |
crypto_ahash_digest()
|
|
|
e8e939e |
|
|
|
e8e939e |
This is wrong because it makes no sense to init() the request before a
|
|
|
e8e939e |
key has been set, given that the initial state depends on the key. And
|
|
|
e8e939e |
digest() is short for init() + update() + final(), so in this case
|
|
|
e8e939e |
there's no need to explicitly call init() at all.
|
|
|
e8e939e |
|
|
|
e8e939e |
Before commit 9fa68f620041 ("crypto: hash - prevent using keyed hashes
|
|
|
e8e939e |
without setting key") the extra init() had no real effect, at least for
|
|
|
e8e939e |
the software HMAC implementation. (There are also hardware drivers that
|
|
|
e8e939e |
implement HMAC-MD5, and it's not immediately obvious how gracefully they
|
|
|
e8e939e |
handle init() before setkey().) But now the crypto API detects this
|
|
|
e8e939e |
incorrect initialization and returns -ENOKEY. This is breaking NFS
|
|
|
e8e939e |
mounts in some cases.
|
|
|
e8e939e |
|
|
|
e8e939e |
Fix it by removing the incorrect call to crypto_ahash_init().
|
|
|
e8e939e |
|
|
|
e8e939e |
Reported-by: Michael Young <m.a.young@durham.ac.uk>
|
|
|
e8e939e |
Fixes: 9fa68f620041 ("crypto: hash - prevent using keyed hashes without setting key")
|
|
|
e8e939e |
Fixes: fffdaef2eb4a ("gss_krb5: Add support for rc4-hmac encryption")
|
|
|
e8e939e |
Cc: stable@vger.kernel.org
|
|
|
e8e939e |
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
|
|
e8e939e |
Signed-off-by: Jeremy Cline <jeremy@jcline.org>
|
|
|
e8e939e |
---
|
|
|
e8e939e |
net/sunrpc/auth_gss/gss_krb5_crypto.c | 3 ---
|
|
|
e8e939e |
1 file changed, 3 deletions(-)
|
|
|
e8e939e |
|
|
|
e8e939e |
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
|
|
|
e8e939e |
index 12649c9fedab..8654494b4d0a 100644
|
|
|
e8e939e |
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
|
|
|
e8e939e |
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
|
|
|
e8e939e |
@@ -237,9 +237,6 @@ make_checksum_hmac_md5(struct krb5_ctx *kctx, char *header, int hdrlen,
|
|
|
e8e939e |
|
|
|
e8e939e |
ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL);
|
|
|
e8e939e |
|
|
|
e8e939e |
- err = crypto_ahash_init(req);
|
|
|
e8e939e |
- if (err)
|
|
|
e8e939e |
- goto out;
|
|
|
e8e939e |
err = crypto_ahash_setkey(hmac_md5, cksumkey, kctx->gk5e->keylength);
|
|
|
e8e939e |
if (err)
|
|
|
e8e939e |
goto out;
|
|
|
e8e939e |
--
|
|
|
e8e939e |
2.16.2
|
|
|
e8e939e |
|