diff options
| author | Kevin Coffman <kwc@citi.umich.edu> | 2010-03-17 13:03:02 -0400 |
|---|---|---|
| committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2010-05-14 15:09:19 -0400 |
| commit | 8b23707612cffdba694dcd18aa8a018918aa86dc (patch) | |
| tree | 3dd484658768c0a710b252a674c697124380b223 /net/sunrpc/auth_gss/gss_krb5_seal.c | |
| parent | bf6d359c508cf83401c942262a9749752598394d (diff) | |
gssd_krb5: arcfour-hmac support
For arcfour-hmac support, the make_checksum function needs a usage
field to correctly calculate the checksum differently for MIC and
WRAP tokens.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'net/sunrpc/auth_gss/gss_krb5_seal.c')
| -rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_seal.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c index 477a546d19bb..e22fed3d9a1b 100644 --- a/net/sunrpc/auth_gss/gss_krb5_seal.c +++ b/net/sunrpc/auth_gss/gss_krb5_seal.c | |||
| @@ -142,7 +142,8 @@ gss_get_mic_v1(struct krb5_ctx *ctx, struct xdr_buf *text, | |||
| 142 | else | 142 | else |
| 143 | cksumkey = NULL; | 143 | cksumkey = NULL; |
| 144 | 144 | ||
| 145 | if (make_checksum(ctx, ptr, 8, text, 0, cksumkey, &md5cksum)) | 145 | if (make_checksum(ctx, ptr, 8, text, 0, cksumkey, |
| 146 | KG_USAGE_SIGN, &md5cksum)) | ||
| 146 | return GSS_S_FAILURE; | 147 | return GSS_S_FAILURE; |
| 147 | 148 | ||
| 148 | memcpy(ptr + GSS_KRB5_TOK_HDR_LEN, md5cksum.data, md5cksum.len); | 149 | memcpy(ptr + GSS_KRB5_TOK_HDR_LEN, md5cksum.data, md5cksum.len); |
| @@ -170,6 +171,7 @@ gss_get_mic_v2(struct krb5_ctx *ctx, struct xdr_buf *text, | |||
| 170 | s32 now; | 171 | s32 now; |
| 171 | u64 seq_send; | 172 | u64 seq_send; |
| 172 | u8 *cksumkey; | 173 | u8 *cksumkey; |
| 174 | unsigned int cksum_usage; | ||
| 173 | 175 | ||
| 174 | dprintk("RPC: %s\n", __func__); | 176 | dprintk("RPC: %s\n", __func__); |
| 175 | 177 | ||
| @@ -182,13 +184,16 @@ gss_get_mic_v2(struct krb5_ctx *ctx, struct xdr_buf *text, | |||
| 182 | spin_unlock(&krb5_seq_lock); | 184 | spin_unlock(&krb5_seq_lock); |
| 183 | *((u64 *)(krb5_hdr + 8)) = cpu_to_be64(seq_send); | 185 | *((u64 *)(krb5_hdr + 8)) = cpu_to_be64(seq_send); |
| 184 | 186 | ||
| 185 | if (ctx->initiate) | 187 | if (ctx->initiate) { |
| 186 | cksumkey = ctx->initiator_sign; | 188 | cksumkey = ctx->initiator_sign; |
| 187 | else | 189 | cksum_usage = KG_USAGE_INITIATOR_SIGN; |
| 190 | } else { | ||
| 188 | cksumkey = ctx->acceptor_sign; | 191 | cksumkey = ctx->acceptor_sign; |
| 192 | cksum_usage = KG_USAGE_ACCEPTOR_SIGN; | ||
| 193 | } | ||
| 189 | 194 | ||
| 190 | if (make_checksum_v2(ctx, krb5_hdr, GSS_KRB5_TOK_HDR_LEN, | 195 | if (make_checksum_v2(ctx, krb5_hdr, GSS_KRB5_TOK_HDR_LEN, |
| 191 | text, 0, cksumkey, &cksumobj)) | 196 | text, 0, cksumkey, cksum_usage, &cksumobj)) |
| 192 | return GSS_S_FAILURE; | 197 | return GSS_S_FAILURE; |
| 193 | 198 | ||
| 194 | memcpy(krb5_hdr + GSS_KRB5_TOK_HDR_LEN, cksumobj.data, cksumobj.len); | 199 | memcpy(krb5_hdr + GSS_KRB5_TOK_HDR_LEN, cksumobj.data, cksumobj.len); |