diff options
author | David Howells <dhowells@redhat.com> | 2009-09-13 21:17:35 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2009-09-15 05:44:23 -0400 |
commit | 339412841d7620f93fea805fbd7469f08186f458 (patch) | |
tree | e2d385d76e3b9361671411442c5253417f95d5a6 /net/rxrpc/ar-security.c | |
parent | 8b815477f382f96deefbe5bd4404fa7b31cf5dcf (diff) |
RxRPC: Allow key payloads to be passed in XDR form
Allow add_key() and KEYCTL_INSTANTIATE to accept key payloads in XDR form as
described by openafs-1.4.10/src/auth/afs_token.xg. This provides a way of
passing kaserver, Kerberos 4, Kerberos 5 and GSSAPI keys from userspace, and
allows for future expansion.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/rxrpc/ar-security.c')
-rw-r--r-- | net/rxrpc/ar-security.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/net/rxrpc/ar-security.c b/net/rxrpc/ar-security.c index dc62920ee19a..49b3cc31ee1f 100644 --- a/net/rxrpc/ar-security.c +++ b/net/rxrpc/ar-security.c | |||
@@ -16,6 +16,7 @@ | |||
16 | #include <linux/crypto.h> | 16 | #include <linux/crypto.h> |
17 | #include <net/sock.h> | 17 | #include <net/sock.h> |
18 | #include <net/af_rxrpc.h> | 18 | #include <net/af_rxrpc.h> |
19 | #include <keys/rxrpc-type.h> | ||
19 | #include "ar-internal.h" | 20 | #include "ar-internal.h" |
20 | 21 | ||
21 | static LIST_HEAD(rxrpc_security_methods); | 22 | static LIST_HEAD(rxrpc_security_methods); |
@@ -122,6 +123,7 @@ EXPORT_SYMBOL_GPL(rxrpc_unregister_security); | |||
122 | */ | 123 | */ |
123 | int rxrpc_init_client_conn_security(struct rxrpc_connection *conn) | 124 | int rxrpc_init_client_conn_security(struct rxrpc_connection *conn) |
124 | { | 125 | { |
126 | struct rxrpc_key_token *token; | ||
125 | struct rxrpc_security *sec; | 127 | struct rxrpc_security *sec; |
126 | struct key *key = conn->key; | 128 | struct key *key = conn->key; |
127 | int ret; | 129 | int ret; |
@@ -135,7 +137,11 @@ int rxrpc_init_client_conn_security(struct rxrpc_connection *conn) | |||
135 | if (ret < 0) | 137 | if (ret < 0) |
136 | return ret; | 138 | return ret; |
137 | 139 | ||
138 | sec = rxrpc_security_lookup(key->type_data.x[0]); | 140 | if (!key->payload.data) |
141 | return -EKEYREJECTED; | ||
142 | token = key->payload.data; | ||
143 | |||
144 | sec = rxrpc_security_lookup(token->security_index); | ||
139 | if (!sec) | 145 | if (!sec) |
140 | return -EKEYREJECTED; | 146 | return -EKEYREJECTED; |
141 | conn->security = sec; | 147 | conn->security = sec; |