Bug #8106
Updated by Marcel Telka about 5 years ago
This bug addresses two tightly related problems in the @authloopback_marshal()@ function:

*1. The @authloopback_marshal()@ function can violate the RPC specification*

If a user is in a large number of groups, say 80, and the machine nodename is long enough, say 100 characters, @authloopback_marshal()@ could create an authentication body that is too long to fit in the opaque_auth structure. The size of the auth body is limited to 400 bytes by RFC 5531, but in the example above we will create (and successfully encode and send to the other party) 5 * 4 + 100 + 80 * 4 = 440 bytes of auth body. This happens only when the @XDR_INLINE()@ call in the @authloopback_marshal()@ function succeeds.

*2. The @authloopback_marshal()@ function will fail for a large number of groups*

When a user is in more groups than @NGRPS_LOOPBACK@, the @authloopback_marshal()@ function fails immediately here:

<pre>
	gidlen = crgetngroups(cr);
	if (gidlen > NGRPS_LOOPBACK)
		return (FALSE);
</pre>

The @authloopback_marshal()@ function should try to encode as many groups as possible, up to the auth body limit, similar to what @authkern_marshal()@ does here:

<pre>
	gidlen = crgetngroups(cr);
	if (gidlen > NGRPS)
		gidlen = NGRPS;
</pre>
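The size arithmetic above and a clamp that keeps the body within the 400-byte limit, as an added example that is not the illumos code or the fix for this bug. The names @AUTH_BODY_MAX@, @auth_body_len()@ and @clamp_groups()@ are hypothetical, and the five fixed words are assumed to be stamp, nodename length, uid, gid and group count.

```c
#include <stddef.h>
#include <stdio.h>

/* Auth body limit from RFC 5531, as cited in the bug text (hypothetical name). */
#define AUTH_BODY_MAX 400
/* XDR encodes every item in 4-byte units. */
#define XDR_UNIT 4
/* Assumed fixed words: stamp, nodename length, uid, gid, group count. */
#define FIXED_WORDS 5

/* Round a byte count up to the next XDR unit boundary. */
static size_t xdr_rndup(size_t n)
{
    return (n + XDR_UNIT - 1) / XDR_UNIT * XDR_UNIT;
}

/* Encoded size of the auth body for a nodename length and a group count. */
size_t auth_body_len(size_t namelen, size_t ngroups)
{
    return FIXED_WORDS * XDR_UNIT + xdr_rndup(namelen) + ngroups * XDR_UNIT;
}

/*
 * Hypothetical helper: truncate the group list so the body fits the limit.
 * Returns the number of groups to encode, or -1 when the fixed part plus the
 * nodename alone already exceeds the limit and nothing valid can be sent.
 */
int clamp_groups(size_t namelen, size_t ngroups)
{
    size_t fixed = auth_body_len(namelen, 0);
    size_t room;

    if (fixed > AUTH_BODY_MAX)
        return -1;
    room = (AUTH_BODY_MAX - fixed) / XDR_UNIT;
    return (int)(ngroups < room ? ngroups : room);
}

int main(void)
{
    /* Constructed input matching the bug text: 100-byte nodename, 80 groups. */
    int n = clamp_groups(100, 80);

    printf("unclamped body: %zu bytes\n", auth_body_len(100, 80));
    printf("clamped to %d groups: %zu bytes\n", n, auth_body_len(100, (size_t)n));
    return 0;
}
```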