diff options
Diffstat (limited to 'net/rxrpc/rxkad.c')
-rw-r--r-- | net/rxrpc/rxkad.c | 61 |
1 files changed, 25 insertions, 36 deletions
diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index f0aeb8163688..6b726a046a7d 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c | |||
@@ -20,7 +20,6 @@ | |||
20 | #include <net/sock.h> | 20 | #include <net/sock.h> |
21 | #include <net/af_rxrpc.h> | 21 | #include <net/af_rxrpc.h> |
22 | #include <keys/rxrpc-type.h> | 22 | #include <keys/rxrpc-type.h> |
23 | #define rxrpc_debug rxkad_debug | ||
24 | #include "ar-internal.h" | 23 | #include "ar-internal.h" |
25 | 24 | ||
26 | #define RXKAD_VERSION 2 | 25 | #define RXKAD_VERSION 2 |
@@ -31,10 +30,6 @@ | |||
31 | #define REALM_SZ 40 /* size of principal's auth domain */ | 30 | #define REALM_SZ 40 /* size of principal's auth domain */ |
32 | #define SNAME_SZ 40 /* size of service name */ | 31 | #define SNAME_SZ 40 /* size of service name */ |
33 | 32 | ||
34 | unsigned int rxrpc_debug; | ||
35 | module_param_named(debug, rxrpc_debug, uint, S_IWUSR | S_IRUGO); | ||
36 | MODULE_PARM_DESC(debug, "rxkad debugging mask"); | ||
37 | |||
38 | struct rxkad_level1_hdr { | 33 | struct rxkad_level1_hdr { |
39 | __be32 data_size; /* true data size (excluding padding) */ | 34 | __be32 data_size; /* true data size (excluding padding) */ |
40 | }; | 35 | }; |
@@ -44,10 +39,6 @@ struct rxkad_level2_hdr { | |||
44 | __be32 checksum; /* decrypted data checksum */ | 39 | __be32 checksum; /* decrypted data checksum */ |
45 | }; | 40 | }; |
46 | 41 | ||
47 | MODULE_DESCRIPTION("RxRPC network protocol type-2 security (Kerberos 4)"); | ||
48 | MODULE_AUTHOR("Red Hat, Inc."); | ||
49 | MODULE_LICENSE("GPL"); | ||
50 | |||
51 | /* | 42 | /* |
52 | * this holds a pinned cipher so that keventd doesn't get called by the cipher | 43 | * this holds a pinned cipher so that keventd doesn't get called by the cipher |
53 | * alloc routine, but since we have it to hand, we use it to decrypt RESPONSE | 44 | * alloc routine, but since we have it to hand, we use it to decrypt RESPONSE |
@@ -1164,12 +1155,35 @@ static void rxkad_clear(struct rxrpc_connection *conn) | |||
1164 | } | 1155 | } |
1165 | 1156 | ||
1166 | /* | 1157 | /* |
1158 | * Initialise the rxkad security service. | ||
1159 | */ | ||
1160 | static int rxkad_init(void) | ||
1161 | { | ||
1162 | /* pin the cipher we need so that the crypto layer doesn't invoke | ||
1163 | * keventd to go get it */ | ||
1164 | rxkad_ci = crypto_alloc_skcipher("pcbc(fcrypt)", 0, CRYPTO_ALG_ASYNC); | ||
1165 | if (IS_ERR(rxkad_ci)) | ||
1166 | return PTR_ERR(rxkad_ci); | ||
1167 | return 0; | ||
1168 | } | ||
1169 | |||
1170 | /* | ||
1171 | * Clean up the rxkad security service. | ||
1172 | */ | ||
1173 | static void rxkad_exit(void) | ||
1174 | { | ||
1175 | if (rxkad_ci) | ||
1176 | crypto_free_skcipher(rxkad_ci); | ||
1177 | } | ||
1178 | |||
1179 | /* | ||
1167 | * RxRPC Kerberos-based security | 1180 | * RxRPC Kerberos-based security |
1168 | */ | 1181 | */ |
1169 | static struct rxrpc_security rxkad = { | 1182 | const struct rxrpc_security rxkad = { |
1170 | .owner = THIS_MODULE, | ||
1171 | .name = "rxkad", | 1183 | .name = "rxkad", |
1172 | .security_index = RXRPC_SECURITY_RXKAD, | 1184 | .security_index = RXRPC_SECURITY_RXKAD, |
1185 | .init = rxkad_init, | ||
1186 | .exit = rxkad_exit, | ||
1173 | .init_connection_security = rxkad_init_connection_security, | 1187 | .init_connection_security = rxkad_init_connection_security, |
1174 | .prime_packet_security = rxkad_prime_packet_security, | 1188 | .prime_packet_security = rxkad_prime_packet_security, |
1175 | .secure_packet = rxkad_secure_packet, | 1189 | .secure_packet = rxkad_secure_packet, |
@@ -1179,28 +1193,3 @@ static struct rxrpc_security rxkad = { | |||
1179 | .verify_response = rxkad_verify_response, | 1193 | .verify_response = rxkad_verify_response, |
1180 | .clear = rxkad_clear, | 1194 | .clear = rxkad_clear, |
1181 | }; | 1195 | }; |
1182 | |||
1183 | static __init int rxkad_init(void) | ||
1184 | { | ||
1185 | _enter(""); | ||
1186 | |||
1187 | /* pin the cipher we need so that the crypto layer doesn't invoke | ||
1188 | * keventd to go get it */ | ||
1189 | rxkad_ci = crypto_alloc_skcipher("pcbc(fcrypt)", 0, CRYPTO_ALG_ASYNC); | ||
1190 | if (IS_ERR(rxkad_ci)) | ||
1191 | return PTR_ERR(rxkad_ci); | ||
1192 | |||
1193 | return rxrpc_register_security(&rxkad); | ||
1194 | } | ||
1195 | |||
1196 | module_init(rxkad_init); | ||
1197 | |||
1198 | static __exit void rxkad_exit(void) | ||
1199 | { | ||
1200 | _enter(""); | ||
1201 | |||
1202 | rxrpc_unregister_security(&rxkad); | ||
1203 | crypto_free_skcipher(rxkad_ci); | ||
1204 | } | ||
1205 | |||
1206 | module_exit(rxkad_exit); | ||