Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Rewrite GSS sequence state tracking code
Replace util_ordering.c with a new file util_seqstate.c, implemented
using a bitmap of previously received sequence numbers instead of a
20-element circular queue.  This approach has slightly different
limitations--it can check for replays for values within 64 of the
expected next number, where the old code could check within the range
of the last 20 received numbers regardless of how far apart they are.
The new approach should work as well or better for any realistic
packet reordering scenario.

ticket: 7879 (new)
  • Loading branch information
greghudson committed Mar 18, 2014
1 parent 23a3780 commit cb3db58
Show file tree
Hide file tree
Showing 7 changed files with 190 additions and 277 deletions.
10 changes: 5 additions & 5 deletions src/lib/gssapi/generic/Makefile.in
Expand Up @@ -66,8 +66,8 @@ SRCS = \
$(srcdir)/util_buffer.c \
$(srcdir)/util_buffer_set.c \
$(srcdir)/util_errmap.c \
$(srcdir)/util_ordering.c \
$(srcdir)/util_set.c \
$(srcdir)/util_seqstate.c \
$(srcdir)/util_token.c \
gssapi_err_generic.c

Expand All @@ -83,8 +83,8 @@ OBJS = \
$(OUTPRE)util_buffer.$(OBJEXT) \
$(OUTPRE)util_buffer_set.$(OBJEXT) \
$(OUTPRE)util_errmap.$(OBJEXT) \
$(OUTPRE)util_ordering.$(OBJEXT) \
$(OUTPRE)util_set.$(OBJEXT) \
$(OUTPRE)util_seqstate.$(OBJEXT) \
$(OUTPRE)util_token.$(OBJEXT) \
$(OUTPRE)gssapi_err_generic.$(OBJEXT)

Expand All @@ -98,8 +98,8 @@ STLIBOBJS = \
util_buffer.o \
util_buffer_set.o \
util_errmap.o \
util_ordering.o \
util_set.o \
util_seqstate.o \
util_token.o \
gssapi_err_generic.o

Expand Down Expand Up @@ -146,8 +146,8 @@ clean-windows::
$(RM) $(HDRS) maptest.h
-if exist $(EHDRDIR)\nul rmdir $(EHDRDIR)

t_seqstate: t_seqstate.o util_ordering.o
$(CC_LINK) $(ALL_CFLAGS) -o $@ t_seqstate.o util_ordering.o
t_seqstate: t_seqstate.o util_seqstate.o
$(CC_LINK) $(ALL_CFLAGS) -o $@ t_seqstate.o util_seqstate.o

check-unix:: t_seqstate
$(RUN_SETUP) $(VALGRIND) ./t_seqstate
Expand Down
8 changes: 4 additions & 4 deletions src/lib/gssapi/generic/deps
Expand Up @@ -64,20 +64,20 @@ util_errmap.so util_errmap.po $(OUTPRE)util_errmap.$(OBJEXT): \
$(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/krb5.h \
errmap.h gssapiP_generic.h gssapi_err_generic.h gssapi_ext.h \
gssapi_generic.h util_errmap.c
util_ordering.so util_ordering.po $(OUTPRE)util_ordering.$(OBJEXT): \
util_set.so util_set.po $(OUTPRE)util_set.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_alloc.h $(COM_ERR_DEPS) \
$(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \
$(top_srcdir)/include/k5-thread.h gssapiP_generic.h \
gssapi_err_generic.h gssapi_ext.h gssapi_generic.h \
util_ordering.c
util_set.so util_set.po $(OUTPRE)util_set.$(OBJEXT): \
util_set.c
util_seqstate.so util_seqstate.po $(OUTPRE)util_seqstate.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_alloc.h $(COM_ERR_DEPS) \
$(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-platform.h \
$(top_srcdir)/include/k5-thread.h gssapiP_generic.h \
gssapi_err_generic.h gssapi_ext.h gssapi_generic.h \
util_set.c
util_seqstate.c
util_token.so util_token.po $(OUTPRE)util_token.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_alloc.h $(COM_ERR_DEPS) \
Expand Down
15 changes: 12 additions & 3 deletions src/lib/gssapi/generic/t_seqstate.c
Expand Up @@ -115,11 +115,10 @@ struct test {
3, { { UINT32_MAX - 1, NOERR }, { UINT32_MAX, NOERR }, { 0, GAP } }
},

/* Replay without the replay flag set. Current code reports a replay
* anyway. */
/* Replay without the replay flag set. */
{
250, NO_REPLAY, DO_SEQUENCE, BOTH,
2, { { 250, NOERR }, { 250, REPLAY } }
2, { { 250, NOERR }, { 250, UNSEQ } }
},

/* Basic replay detection with and without sequence checking. */
Expand Down Expand Up @@ -152,6 +151,16 @@ struct test {
{ 2, GAP }, { 0, REPLAY }, { 1, UNSEQ },
{ UINT32_MAX - 2, REPLAY }, { UINT32_MAX - 6, GAP } }
},

/* Old token edge cases. The current code can detect replays up to 64
* numbers behind the expected sequence number (1164 in this case). */
{
1000, DO_REPLAY, NO_SEQUENCE, BOTH,
10, { { 1163, NOERR }, { 1100, NOERR }, { 1100, REPLAY },
{ 1163, REPLAY }, { 1099, OLD }, { 1100, REPLAY },
{ 1150, NOERR }, { 1150, REPLAY }, { 1000, OLD },
{ 999, NOERR } }
},
};

int
Expand Down
259 changes: 0 additions & 259 deletions src/lib/gssapi/generic/util_ordering.c

This file was deleted.

0 comments on commit cb3db58

Please sign in to comment.