Malahal, I'm told you know this GSS code best, or at least test it. And Marcus might have written it.
In svc_auth_gss.c, svcauth_gss_accept_sec_context(), it calls svc_getargs() -- same as standard tirpc. On the UDP side, that calls SVCAUTH_UNWRAP() and possibly svc_dg_freeargs() on failure. No checksum is done here, it is in svc_dg_recv() over the raw data. On the TCP side, that calls SVCAUTH_UNWRAP() and possibly svc_dg_freeargs() on failure. But on success, it does the checksum over the authenticated/decrypted data. Also, for UDP I'm changing to match the TCP code, so that we don't have the checksum expense for non-cached error returns. This means that for GSS, the checksum is done twice? Standard tirpc has no checksum. (RDMA doesn't do the checksum at all.) Would it be OK to remove the GSS call to svc_getargs() and call SVCAUTH_UNWRAP() directly? ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Nfs-ganesha-devel mailing list Nfs-ganesha-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfs-ganesha-devel
