SUNRPC: Fail quickly when server does not recognize TLS

rpcauth_checkverf() should return a distinct error code when a server recognizes the AUTH_TLS probe but does not support TLS so that the client's header decoder can respond appropriately and quickly. No retries are necessary is in this case, since the server has already affirmatively answered "TLS is unsupported". Suggested-by: Trond Myklebust <trondmy@hammerspace.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
author: Chuck Lever <chuck.lever@oracle.com> 2023-09-06 16:05:26 -0400
committer: Anna Schumaker <Anna.Schumaker@Netapp.com> 2023-09-27 15:16:40 -0400
commit: 5623ecfcbec165f040a23248d39680f0cc5c0854 (patch)
tree: d9f06f6152942a54996062b877f7c27079c09d89 /net/sunrpc/clnt.c
parent: 6465e260f48790807eef06b583b38ca9789b6072 (diff)
download: linux-5623ecfcbec165f040a23248d39680f0cc5c0854.tar.gz
1 files changed, 9 insertions, 1 deletions
diff --git a/net/sunrpc/clnt.c b/net/sunrpc/clnt.c
index 37b0b212b93475..ea12ed3c70ba4c 100644
--- a/net/sunrpc/clnt.c
+++ b/net/sunrpc/clnt.c
@@ -2725,7 +2725,15 @@ out_unparsable:
 
 out_verifier:
 	trace_rpc_bad_verifier(task);
-	goto out_garbage;
+	switch (error) {
+	case -EPROTONOSUPPORT:
+		goto out_err;
+	case -EACCES:
+		/* Re-encode with a fresh cred */
+		fallthrough;
+	default:
+		goto out_garbage;
+	}
 
 out_msg_denied:
 	error = -EACCES;
author	Chuck Lever <chuck.lever@oracle.com>	2023-09-06 16:05:26 -0400
committer	Anna Schumaker <Anna.Schumaker@Netapp.com>	2023-09-27 15:16:40 -0400
commit	5623ecfcbec165f040a23248d39680f0cc5c0854 (patch)
tree	d9f06f6152942a54996062b877f7c27079c09d89 /net/sunrpc/clnt.c
parent	6465e260f48790807eef06b583b38ca9789b6072 (diff)
download	linux-5623ecfcbec165f040a23248d39680f0cc5c0854.tar.gz