• Andy Adamson's avatar
    SUNRPC handle EKEYEXPIRED in call_refreshresult · eb96d5c9
    Andy Adamson authored
    Currently, when an RPCSEC_GSS context has expired or is non-existent
    and the users (Kerberos) credentials have also expired or are non-existent,
    the client receives the -EKEYEXPIRED error and tries to refresh the context
    forever.  If an application is performing I/O, or other work against the share,
    the application hangs, and the user is not prompted to refresh/establish their
    credentials. This can result in a denial of service for other users.
    
    Users are expected to manage their Kerberos credential lifetimes to mitigate
    this issue.
    
    Move the -EKEYEXPIRED handling into the RPC layer. Try tk_cred_retry number
    of times to refresh the gss_context, and then return -EACCES to the application.
    Signed-off-by: default avatarAndy Adamson <andros@netapp.com>
    Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
    eb96d5c9
proc.c 19.7 KB