diff options
author | J. Bruce Fields <bfields@fieldses.org> | 2006-12-04 20:22:40 -0500 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2006-12-06 10:46:47 -0500 |
commit | d922a84a8bf1d627810906d033223d4fa629fdbf (patch) | |
tree | 8150e29f36f3e14df0c1fea1caa1936f7cfa0e3a /include/linux/sunrpc | |
parent | 39a21dd1b0eec3f5eac84ee42bda5ab4915098ae (diff) |
rpcgss: krb5: sanity check sealalg value in the downcall
The sealalg is checked in several places, giving the impression it could be
either SEAL_ALG_NONE or SEAL_ALG_DES. But in fact SEAL_ALG_NONE seems to
be sufficient only for making mic's, and all the contexts we get must be
capable of wrapping as well. So the sealalg must be SEAL_ALG_DES. As
with signalg, just check for the right value on the downcall and ignore it
otherwise. Similarly, tighten expectations for the sealalg on incoming
tokens, in case we do support other values eventually.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'include/linux/sunrpc')
-rw-r--r-- | include/linux/sunrpc/gss_krb5.h | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/include/linux/sunrpc/gss_krb5.h b/include/linux/sunrpc/gss_krb5.h index abfa1f32d914..01c5e4314632 100644 --- a/include/linux/sunrpc/gss_krb5.h +++ b/include/linux/sunrpc/gss_krb5.h | |||
@@ -44,7 +44,6 @@ struct krb5_ctx { | |||
44 | int initiate; /* 1 = initiating, 0 = accepting */ | 44 | int initiate; /* 1 = initiating, 0 = accepting */ |
45 | int seed_init; | 45 | int seed_init; |
46 | unsigned char seed[16]; | 46 | unsigned char seed[16]; |
47 | int sealalg; | ||
48 | struct crypto_blkcipher *enc; | 47 | struct crypto_blkcipher *enc; |
49 | struct crypto_blkcipher *seq; | 48 | struct crypto_blkcipher *seq; |
50 | s32 endtime; | 49 | s32 endtime; |