Linux-2.6.12-rc2v2.6.12-rc2

Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!
author: Linus Torvalds <torvalds@ppc970.osdl.org> 2005-04-16 18:20:36 -0400
committer: Linus Torvalds <torvalds@ppc970.osdl.org> 2005-04-16 18:20:36 -0400
commit: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (patch)
tree: 0bba044c4ce775e45a88a51686b5d9f90697ea9d /net/sunrpc/auth_gss/gss_mech_switch.c
1 files changed, 301 insertions, 0 deletions
diff --git a/net/sunrpc/auth_gss/gss_mech_switch.c b/net/sunrpc/auth_gss/gss_mech_switch.c
new file mode 100644
index 000000000000..9dfb68377d69
--- /dev/null
+++ b/net/sunrpc/auth_gss/gss_mech_switch.c
@@ -0,0 +1,301 @@
+/*
+ *  linux/net/sunrpc/gss_mech_switch.c
+ *
+ *  Copyright (c) 2001 The Regents of the University of Michigan.
+ *  All rights reserved.
+ *
+ *  J. Bruce Fields   <bfields@umich.edu>
+ *
+ *  Redistribution and use in source and binary forms, with or without 
+ *  modification, are permitted provided that the following conditions
+ *  are met:
+ *
+ *  1. Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *  2. Redistributions in binary form must reproduce the above copyright
+ *     notice, this list of conditions and the following disclaimer in the 
+ *     documentation and/or other materials provided with the distribution.
+ *  3. Neither the name of the University nor the names of its
+ *     contributors may be used to endorse or promote products derived
+ *     from this software without specific prior written permission.
+ *
+ *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ *  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ *  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ *  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ *  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ *  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ *  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+#include <linux/types.h>
+#include <linux/slab.h>
+#include <linux/socket.h>
+#include <linux/module.h>
+#include <linux/sunrpc/msg_prot.h>
+#include <linux/sunrpc/gss_asn1.h>
+#include <linux/sunrpc/auth_gss.h>
+#include <linux/sunrpc/svcauth_gss.h>
+#include <linux/sunrpc/gss_err.h>
+#include <linux/sunrpc/sched.h>
+#include <linux/sunrpc/gss_api.h>
+#include <linux/sunrpc/clnt.h>
+#ifdef RPC_DEBUG
+# define RPCDBG_FACILITY        RPCDBG_AUTH
+#endif
+static LIST_HEAD(registered_mechs);
+static DEFINE_SPINLOCK(registered_mechs_lock);
+static void
+gss_mech_free(struct gss_api_mech *gm)
+{
+        struct pf_desc *pf;
+        int i;
+        for (i = 0; i < gm->gm_pf_num; i++) {
+                pf = &gm->gm_pfs[i];
+                if (pf->auth_domain_name)
+                        kfree(pf->auth_domain_name);
+                pf->auth_domain_name = NULL;
+        }
+}
+static inline char *
+make_auth_domain_name(char *name)
+{
+        static char     *prefix = "gss/";
+        char            *new;
+        new = kmalloc(strlen(name) + strlen(prefix) + 1, GFP_KERNEL);
+        if (new) {
+                strcpy(new, prefix);
+                strcat(new, name);
+        }
+        return new;
+}
+static int
+gss_mech_svc_setup(struct gss_api_mech *gm)
+{
+        struct pf_desc *pf;
+        int i, status;
+        for (i = 0; i < gm->gm_pf_num; i++) {
+                pf = &gm->gm_pfs[i];
+                pf->auth_domain_name = make_auth_domain_name(pf->name);
+                status = -ENOMEM;
+                if (pf->auth_domain_name == NULL)
+                        goto out;
+                status = svcauth_gss_register_pseudoflavor(pf->pseudoflavor,
+                                                        pf->auth_domain_name);
+                if (status)
+                        goto out;
+        }
+        return 0;
+out:
+        gss_mech_free(gm);
+        return status;
+}
+int
+gss_mech_register(struct gss_api_mech *gm)
+{
+        int status;
+        status = gss_mech_svc_setup(gm);
+        if (status)
+                return status;
+        spin_lock(&registered_mechs_lock);
+        list_add(&gm->gm_list, &registered_mechs);
+        spin_unlock(&registered_mechs_lock);
+        dprintk("RPC:      registered gss mechanism %s\n", gm->gm_name);
+        return 0;
+}
+EXPORT_SYMBOL(gss_mech_register);
+void
+gss_mech_unregister(struct gss_api_mech *gm)
+{
+        spin_lock(&registered_mechs_lock);
+        list_del(&gm->gm_list);
+        spin_unlock(&registered_mechs_lock);
+        dprintk("RPC:      unregistered gss mechanism %s\n", gm->gm_name);
+        gss_mech_free(gm);
+}
+EXPORT_SYMBOL(gss_mech_unregister);
+struct gss_api_mech *
+gss_mech_get(struct gss_api_mech *gm)
+{
+        __module_get(gm->gm_owner);
+        return gm;
+}
+EXPORT_SYMBOL(gss_mech_get);
+struct gss_api_mech *
+gss_mech_get_by_name(const char *name)
+{
+        struct gss_api_mech     *pos, *gm = NULL;
+        spin_lock(&registered_mechs_lock);
+        list_for_each_entry(pos, &registered_mechs, gm_list) {
+                if (0 == strcmp(name, pos->gm_name)) {
+                        if (try_module_get(pos->gm_owner))
+                                gm = pos;
+                        break;
+                }
+        }
+        spin_unlock(&registered_mechs_lock);
+        return gm;
+}
+EXPORT_SYMBOL(gss_mech_get_by_name);
+static inline int
+mech_supports_pseudoflavor(struct gss_api_mech *gm, u32 pseudoflavor)
+{
+        int i;
+        for (i = 0; i < gm->gm_pf_num; i++) {
+                if (gm->gm_pfs[i].pseudoflavor == pseudoflavor)
+                        return 1;
+        }
+        return 0;
+}
+struct gss_api_mech *
+gss_mech_get_by_pseudoflavor(u32 pseudoflavor)
+{
+        struct gss_api_mech *pos, *gm = NULL;
+        spin_lock(&registered_mechs_lock);
+        list_for_each_entry(pos, &registered_mechs, gm_list) {
+                if (!mech_supports_pseudoflavor(pos, pseudoflavor)) {
+                        module_put(pos->gm_owner);
+                        continue;
+                }
+                if (try_module_get(pos->gm_owner))
+                        gm = pos;
+                break;
+        }
+        spin_unlock(&registered_mechs_lock);
+        return gm;
+}
+EXPORT_SYMBOL(gss_mech_get_by_pseudoflavor);
+u32
+gss_pseudoflavor_to_service(struct gss_api_mech *gm, u32 pseudoflavor)
+{
+        int i;
+        for (i = 0; i < gm->gm_pf_num; i++) {
+                if (gm->gm_pfs[i].pseudoflavor == pseudoflavor)
+                        return gm->gm_pfs[i].service;
+        }
+        return 0;
+}
+EXPORT_SYMBOL(gss_pseudoflavor_to_service);
+char *
+gss_service_to_auth_domain_name(struct gss_api_mech *gm, u32 service)
+{
+        int i;
+        for (i = 0; i < gm->gm_pf_num; i++) {
+                if (gm->gm_pfs[i].service == service)
+                        return gm->gm_pfs[i].auth_domain_name;
+        }
+        return NULL;
+}
+EXPORT_SYMBOL(gss_service_to_auth_domain_name);
+void
+gss_mech_put(struct gss_api_mech * gm)
+{
+        module_put(gm->gm_owner);
+}
+EXPORT_SYMBOL(gss_mech_put);
+/* The mech could probably be determined from the token instead, but it's just
+ * as easy for now to pass it in. */
+int
+gss_import_sec_context(const void *input_token, size_t bufsize,
+                       struct gss_api_mech      *mech,
+                       struct gss_ctx           **ctx_id)
+{
+        if (!(*ctx_id = kmalloc(sizeof(**ctx_id), GFP_KERNEL)))
+                return GSS_S_FAILURE;
+        memset(*ctx_id, 0, sizeof(**ctx_id));
+        (*ctx_id)->mech_type = gss_mech_get(mech);
+        return mech->gm_ops
+                ->gss_import_sec_context(input_token, bufsize, *ctx_id);
+}
+/* gss_get_mic: compute a mic over message and return mic_token. */
+u32
+gss_get_mic(struct gss_ctx      *context_handle,
+            u32                 qop,
+            struct xdr_buf      *message,
+            struct xdr_netobj   *mic_token)
+{
+         return context_handle->mech_type->gm_ops
+                ->gss_get_mic(context_handle,
+                              qop,
+                              message,
+                              mic_token);
+}
+/* gss_verify_mic: check whether the provided mic_token verifies message. */
+u32
+gss_verify_mic(struct gss_ctx           *context_handle,
+               struct xdr_buf           *message,
+               struct xdr_netobj        *mic_token,
+               u32                      *qstate)
+{
+        return context_handle->mech_type->gm_ops
+                ->gss_verify_mic(context_handle,
+                                 message,
+                                 mic_token,
+                                 qstate);
+}
+/* gss_delete_sec_context: free all resources associated with context_handle.
+ * Note this differs from the RFC 2744-specified prototype in that we don't
+ * bother returning an output token, since it would never be used anyway. */
+u32
+gss_delete_sec_context(struct gss_ctx   **context_handle)
+{
+        dprintk("RPC:      gss_delete_sec_context deleting %p\n",
+                        *context_handle);
+        if (!*context_handle)
+                return(GSS_S_NO_CONTEXT);
+        if ((*context_handle)->internal_ctx_id != 0)
+                (*context_handle)->mech_type->gm_ops
+                        ->gss_delete_sec_context((*context_handle)
+                                                        ->internal_ctx_id);
+        if ((*context_handle)->mech_type)
+                gss_mech_put((*context_handle)->mech_type);
+        kfree(*context_handle);
+        *context_handle=NULL;
+        return GSS_S_COMPLETE;
+}
author	Linus Torvalds <torvalds@ppc970.osdl.org>	2005-04-16 18:20:36 -0400
committer	Linus Torvalds <torvalds@ppc970.osdl.org>	2005-04-16 18:20:36 -0400
commit	1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (patch)
tree	0bba044c4ce775e45a88a51686b5d9f90697ea9d /net/sunrpc/auth_gss/gss_mech_switch.c

diff --git a/net/sunrpc/auth_gss/gss_mech_switch.c b/net/sunrpc/auth_gss/gss_mech_switch.c new file mode 100644 index 000000000000..9dfb68377d69 --- /dev/null +++ b/net/sunrpc/auth_gss/gss_mech_switch.c
@@ -0,0 +1,301 @@
	1	/*
	2	* linux/net/sunrpc/gss_mech_switch.c
	3	*
	4	* Copyright (c) 2001 The Regents of the University of Michigan.
	5	* All rights reserved.
	6	*
	7	* J. Bruce Fields <bfields@umich.edu>
	8	*
	9	* Redistribution and use in source and binary forms, with or without
	10	* modification, are permitted provided that the following conditions
	11	* are met:
	12	*
	13	* 1. Redistributions of source code must retain the above copyright
	14	* notice, this list of conditions and the following disclaimer.
	15	* 2. Redistributions in binary form must reproduce the above copyright
	16	* notice, this list of conditions and the following disclaimer in the
	17	* documentation and/or other materials provided with the distribution.
	18	* 3. Neither the name of the University nor the names of its
	19	* contributors may be used to endorse or promote products derived
	20	* from this software without specific prior written permission.
	21	*
	22	* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
	23	* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
	24	* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
	25	* DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	26	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
	27	* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	28	* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
	29	* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
	30	* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	31	* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
	32	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	33	*
	34	*/
	35
	36	#include <linux/types.h>
	37	#include <linux/slab.h>
	38	#include <linux/socket.h>
	39	#include <linux/module.h>
	40	#include <linux/sunrpc/msg_prot.h>
	41	#include <linux/sunrpc/gss_asn1.h>
	42	#include <linux/sunrpc/auth_gss.h>
	43	#include <linux/sunrpc/svcauth_gss.h>
	44	#include <linux/sunrpc/gss_err.h>
	45	#include <linux/sunrpc/sched.h>
	46	#include <linux/sunrpc/gss_api.h>
	47	#include <linux/sunrpc/clnt.h>
	48
	49	#ifdef RPC_DEBUG
	50	# define RPCDBG_FACILITY RPCDBG_AUTH
	51	#endif
	52
	53	static LIST_HEAD(registered_mechs);
	54	static DEFINE_SPINLOCK(registered_mechs_lock);
	55
	56	static void
	57	gss_mech_free(struct gss_api_mech *gm)
	58	{
	59	struct pf_desc *pf;
	60	int i;
	61
	62	for (i = 0; i < gm->gm_pf_num; i++) {
	63	pf = &gm->gm_pfs[i];
	64	if (pf->auth_domain_name)
	65	kfree(pf->auth_domain_name);
	66	pf->auth_domain_name = NULL;
	67	}
	68	}
	69
	70	static inline char *
	71	make_auth_domain_name(char *name)
	72	{
	73	static char *prefix = "gss/";
	74	char *new;
	75
	76	new = kmalloc(strlen(name) + strlen(prefix) + 1, GFP_KERNEL);
	77	if (new) {
	78	strcpy(new, prefix);
	79	strcat(new, name);
	80	}
	81	return new;
	82	}
	83
	84	static int
	85	gss_mech_svc_setup(struct gss_api_mech *gm)
	86	{
	87	struct pf_desc *pf;
	88	int i, status;
	89
	90	for (i = 0; i < gm->gm_pf_num; i++) {
	91	pf = &gm->gm_pfs[i];
	92	pf->auth_domain_name = make_auth_domain_name(pf->name);
	93	status = -ENOMEM;
	94	if (pf->auth_domain_name == NULL)
	95	goto out;
	96	status = svcauth_gss_register_pseudoflavor(pf->pseudoflavor,
	97	pf->auth_domain_name);
	98	if (status)
	99	goto out;
	100	}
	101	return 0;
	102	out:
	103	gss_mech_free(gm);
	104	return status;
	105	}
	106
	107	int
	108	gss_mech_register(struct gss_api_mech *gm)
	109	{
	110	int status;
	111
	112	status = gss_mech_svc_setup(gm);
	113	if (status)
	114	return status;
	115	spin_lock(&registered_mechs_lock);
	116	list_add(&gm->gm_list, &registered_mechs);
	117	spin_unlock(&registered_mechs_lock);
	118	dprintk("RPC: registered gss mechanism %s\n", gm->gm_name);
	119	return 0;
	120	}
	121
	122	EXPORT_SYMBOL(gss_mech_register);
	123
	124	void
	125	gss_mech_unregister(struct gss_api_mech *gm)
	126	{
	127	spin_lock(&registered_mechs_lock);
	128	list_del(&gm->gm_list);
	129	spin_unlock(&registered_mechs_lock);
	130	dprintk("RPC: unregistered gss mechanism %s\n", gm->gm_name);
	131	gss_mech_free(gm);
	132	}
	133
	134	EXPORT_SYMBOL(gss_mech_unregister);
	135
	136	struct gss_api_mech *
	137	gss_mech_get(struct gss_api_mech *gm)
	138	{
	139	__module_get(gm->gm_owner);
	140	return gm;
	141	}
	142
	143	EXPORT_SYMBOL(gss_mech_get);
	144
	145	struct gss_api_mech *
	146	gss_mech_get_by_name(const char *name)
	147	{
	148	struct gss_api_mech pos, gm = NULL;
	149
	150	spin_lock(&registered_mechs_lock);
	151	list_for_each_entry(pos, &registered_mechs, gm_list) {
	152	if (0 == strcmp(name, pos->gm_name)) {
	153	if (try_module_get(pos->gm_owner))
	154	gm = pos;
	155	break;
	156	}
	157	}
	158	spin_unlock(&registered_mechs_lock);
	159	return gm;
	160
	161	}
	162
	163	EXPORT_SYMBOL(gss_mech_get_by_name);
	164
	165	static inline int
	166	mech_supports_pseudoflavor(struct gss_api_mech *gm, u32 pseudoflavor)
	167	{
	168	int i;
	169
	170	for (i = 0; i < gm->gm_pf_num; i++) {
	171	if (gm->gm_pfs[i].pseudoflavor == pseudoflavor)
	172	return 1;
	173	}
	174	return 0;
	175	}
	176
	177	struct gss_api_mech *
	178	gss_mech_get_by_pseudoflavor(u32 pseudoflavor)
	179	{
	180	struct gss_api_mech pos, gm = NULL;
	181
	182	spin_lock(&registered_mechs_lock);
	183	list_for_each_entry(pos, &registered_mechs, gm_list) {
	184	if (!mech_supports_pseudoflavor(pos, pseudoflavor)) {
	185	module_put(pos->gm_owner);
	186	continue;
	187	}
	188	if (try_module_get(pos->gm_owner))
	189	gm = pos;
	190	break;
	191	}
	192	spin_unlock(&registered_mechs_lock);
	193	return gm;
	194	}
	195
	196	EXPORT_SYMBOL(gss_mech_get_by_pseudoflavor);
	197
	198	u32
	199	gss_pseudoflavor_to_service(struct gss_api_mech *gm, u32 pseudoflavor)
	200	{
	201	int i;
	202
	203	for (i = 0; i < gm->gm_pf_num; i++) {
	204	if (gm->gm_pfs[i].pseudoflavor == pseudoflavor)
	205	return gm->gm_pfs[i].service;
	206	}
	207	return 0;
	208	}
	209
	210	EXPORT_SYMBOL(gss_pseudoflavor_to_service);
	211
	212	char *
	213	gss_service_to_auth_domain_name(struct gss_api_mech *gm, u32 service)
	214	{
	215	int i;
	216
	217	for (i = 0; i < gm->gm_pf_num; i++) {
	218	if (gm->gm_pfs[i].service == service)
	219	return gm->gm_pfs[i].auth_domain_name;
	220	}
	221	return NULL;
	222	}
	223
	224	EXPORT_SYMBOL(gss_service_to_auth_domain_name);
	225
	226	void
	227	gss_mech_put(struct gss_api_mech * gm)
	228	{
	229	module_put(gm->gm_owner);
	230	}
	231
	232	EXPORT_SYMBOL(gss_mech_put);
	233
	234	/* The mech could probably be determined from the token instead, but it's just
	235	* as easy for now to pass it in. */
	236	int
	237	gss_import_sec_context(const void *input_token, size_t bufsize,
	238	struct gss_api_mech *mech,
	239	struct gss_ctx **ctx_id)
	240	{
	241	if (!(ctx_id = kmalloc(sizeof(*ctx_id), GFP_KERNEL)))
	242	return GSS_S_FAILURE;
	243	memset(ctx_id, 0, sizeof(*ctx_id));
	244	(*ctx_id)->mech_type = gss_mech_get(mech);
	245
	246	return mech->gm_ops
	247	->gss_import_sec_context(input_token, bufsize, *ctx_id);
	248	}
	249
	250	/* gss_get_mic: compute a mic over message and return mic_token. */
	251
	252	u32
	253	gss_get_mic(struct gss_ctx *context_handle,
	254	u32 qop,
	255	struct xdr_buf *message,
	256	struct xdr_netobj *mic_token)
	257	{
	258	return context_handle->mech_type->gm_ops
	259	->gss_get_mic(context_handle,
	260	qop,
	261	message,
	262	mic_token);
	263	}
	264
	265	/* gss_verify_mic: check whether the provided mic_token verifies message. */
	266
	267	u32
	268	gss_verify_mic(struct gss_ctx *context_handle,
	269	struct xdr_buf *message,
	270	struct xdr_netobj *mic_token,
	271	u32 *qstate)
	272	{
	273	return context_handle->mech_type->gm_ops
	274	->gss_verify_mic(context_handle,
	275	message,
	276	mic_token,
	277	qstate);
	278	}
	279
	280	/* gss_delete_sec_context: free all resources associated with context_handle.
	281	* Note this differs from the RFC 2744-specified prototype in that we don't
	282	* bother returning an output token, since it would never be used anyway. */
	283
	284	u32
	285	gss_delete_sec_context(struct gss_ctx **context_handle)
	286	{
	287	dprintk("RPC: gss_delete_sec_context deleting %p\n",
	288	*context_handle);
	289
	290	if (!*context_handle)
	291	return(GSS_S_NO_CONTEXT);
	292	if ((*context_handle)->internal_ctx_id != 0)
	293	(*context_handle)->mech_type->gm_ops
	294	->gss_delete_sec_context((*context_handle)
	295	->internal_ctx_id);
	296	if ((*context_handle)->mech_type)
	297	gss_mech_put((*context_handle)->mech_type);
	298	kfree(*context_handle);
	299	*context_handle=NULL;
	300	return GSS_S_COMPLETE;
	301	}