diff options
author | J. Bruce Fields <bfields@citi.umich.edu> | 2006-06-30 04:56:18 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-06-30 14:25:40 -0400 |
commit | e142ede8e064cb1ae9c2bfb17f36ab145b95ccd2 (patch) | |
tree | c5696a44098fbc81814ea36b8ad39cb58f0f46c2 /net/sunrpc/auth_gss | |
parent | 9ecb6a08d84d0e795648d5add64f154bc406914b (diff) |
[PATCH] knfsd: svcrpc: Simplify nfsd rpcsec_gss integrity code
Pull out some of the integrity code into its own function, otherwise
svcauth_gss_release() is going to become very ungainly after the addition of
privacy code.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'net/sunrpc/auth_gss')
-rw-r--r-- | net/sunrpc/auth_gss/svcauth_gss.c | 115 |
1 files changed, 64 insertions, 51 deletions
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c index 71f57a5d800d..ce8dc0db214e 100644 --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c | |||
@@ -1072,8 +1072,8 @@ out: | |||
1072 | return ret; | 1072 | return ret; |
1073 | } | 1073 | } |
1074 | 1074 | ||
1075 | static int | 1075 | static inline int |
1076 | svcauth_gss_release(struct svc_rqst *rqstp) | 1076 | svcauth_gss_wrap_resp_integ(struct svc_rqst *rqstp) |
1077 | { | 1077 | { |
1078 | struct gss_svc_data *gsd = (struct gss_svc_data *)rqstp->rq_auth_data; | 1078 | struct gss_svc_data *gsd = (struct gss_svc_data *)rqstp->rq_auth_data; |
1079 | struct rpc_gss_wire_cred *gc = &gsd->clcred; | 1079 | struct rpc_gss_wire_cred *gc = &gsd->clcred; |
@@ -1085,6 +1085,67 @@ svcauth_gss_release(struct svc_rqst *rqstp) | |||
1085 | int integ_offset, integ_len; | 1085 | int integ_offset, integ_len; |
1086 | int stat = -EINVAL; | 1086 | int stat = -EINVAL; |
1087 | 1087 | ||
1088 | p = gsd->body_start; | ||
1089 | gsd->body_start = NULL; | ||
1090 | /* move accept_stat to right place: */ | ||
1091 | memcpy(p, p + 2, 4); | ||
1092 | /* don't wrap in failure case: */ | ||
1093 | /* Note: counting on not getting here if call was not even | ||
1094 | * accepted! */ | ||
1095 | if (*p != rpc_success) { | ||
1096 | resbuf->head[0].iov_len -= 2 * 4; | ||
1097 | goto out; | ||
1098 | } | ||
1099 | p++; | ||
1100 | integ_offset = (u8 *)(p + 1) - (u8 *)resbuf->head[0].iov_base; | ||
1101 | integ_len = resbuf->len - integ_offset; | ||
1102 | BUG_ON(integ_len % 4); | ||
1103 | *p++ = htonl(integ_len); | ||
1104 | *p++ = htonl(gc->gc_seq); | ||
1105 | if (xdr_buf_subsegment(resbuf, &integ_buf, integ_offset, | ||
1106 | integ_len)) | ||
1107 | BUG(); | ||
1108 | if (resbuf->page_len == 0 | ||
1109 | && resbuf->head[0].iov_len + RPC_MAX_AUTH_SIZE | ||
1110 | < PAGE_SIZE) { | ||
1111 | BUG_ON(resbuf->tail[0].iov_len); | ||
1112 | /* Use head for everything */ | ||
1113 | resv = &resbuf->head[0]; | ||
1114 | } else if (resbuf->tail[0].iov_base == NULL) { | ||
1115 | if (resbuf->head[0].iov_len + RPC_MAX_AUTH_SIZE > PAGE_SIZE) | ||
1116 | goto out_err; | ||
1117 | resbuf->tail[0].iov_base = resbuf->head[0].iov_base | ||
1118 | + resbuf->head[0].iov_len; | ||
1119 | resbuf->tail[0].iov_len = 0; | ||
1120 | rqstp->rq_restailpage = 0; | ||
1121 | resv = &resbuf->tail[0]; | ||
1122 | } else { | ||
1123 | resv = &resbuf->tail[0]; | ||
1124 | } | ||
1125 | mic.data = (u8 *)resv->iov_base + resv->iov_len + 4; | ||
1126 | if (gss_get_mic(gsd->rsci->mechctx, &integ_buf, &mic)) | ||
1127 | goto out_err; | ||
1128 | svc_putu32(resv, htonl(mic.len)); | ||
1129 | memset(mic.data + mic.len, 0, | ||
1130 | round_up_to_quad(mic.len) - mic.len); | ||
1131 | resv->iov_len += XDR_QUADLEN(mic.len) << 2; | ||
1132 | /* not strictly required: */ | ||
1133 | resbuf->len += XDR_QUADLEN(mic.len) << 2; | ||
1134 | BUG_ON(resv->iov_len > PAGE_SIZE); | ||
1135 | out: | ||
1136 | stat = 0; | ||
1137 | out_err: | ||
1138 | return stat; | ||
1139 | } | ||
1140 | |||
1141 | static int | ||
1142 | svcauth_gss_release(struct svc_rqst *rqstp) | ||
1143 | { | ||
1144 | struct gss_svc_data *gsd = (struct gss_svc_data *)rqstp->rq_auth_data; | ||
1145 | struct rpc_gss_wire_cred *gc = &gsd->clcred; | ||
1146 | struct xdr_buf *resbuf = &rqstp->rq_res; | ||
1147 | int stat = -EINVAL; | ||
1148 | |||
1088 | if (gc->gc_proc != RPC_GSS_PROC_DATA) | 1149 | if (gc->gc_proc != RPC_GSS_PROC_DATA) |
1089 | goto out; | 1150 | goto out; |
1090 | /* Release can be called twice, but we only wrap once. */ | 1151 | /* Release can be called twice, but we only wrap once. */ |
@@ -1097,55 +1158,7 @@ svcauth_gss_release(struct svc_rqst *rqstp) | |||
1097 | case RPC_GSS_SVC_NONE: | 1158 | case RPC_GSS_SVC_NONE: |
1098 | break; | 1159 | break; |
1099 | case RPC_GSS_SVC_INTEGRITY: | 1160 | case RPC_GSS_SVC_INTEGRITY: |
1100 | p = gsd->body_start; | 1161 | svcauth_gss_wrap_resp_integ(rqstp); |
1101 | gsd->body_start = NULL; | ||
1102 | /* move accept_stat to right place: */ | ||
1103 | memcpy(p, p + 2, 4); | ||
1104 | /* don't wrap in failure case: */ | ||
1105 | /* Note: counting on not getting here if call was not even | ||
1106 | * accepted! */ | ||
1107 | if (*p != rpc_success) { | ||
1108 | resbuf->head[0].iov_len -= 2 * 4; | ||
1109 | goto out; | ||
1110 | } | ||
1111 | p++; | ||
1112 | integ_offset = (u8 *)(p + 1) - (u8 *)resbuf->head[0].iov_base; | ||
1113 | integ_len = resbuf->len - integ_offset; | ||
1114 | BUG_ON(integ_len % 4); | ||
1115 | *p++ = htonl(integ_len); | ||
1116 | *p++ = htonl(gc->gc_seq); | ||
1117 | if (xdr_buf_subsegment(resbuf, &integ_buf, integ_offset, | ||
1118 | integ_len)) | ||
1119 | BUG(); | ||
1120 | if (resbuf->page_len == 0 | ||
1121 | && resbuf->head[0].iov_len + RPC_MAX_AUTH_SIZE | ||
1122 | < PAGE_SIZE) { | ||
1123 | BUG_ON(resbuf->tail[0].iov_len); | ||
1124 | /* Use head for everything */ | ||
1125 | resv = &resbuf->head[0]; | ||
1126 | } else if (resbuf->tail[0].iov_base == NULL) { | ||
1127 | if (resbuf->head[0].iov_len + RPC_MAX_AUTH_SIZE | ||
1128 | > PAGE_SIZE) | ||
1129 | goto out_err; | ||
1130 | resbuf->tail[0].iov_base = | ||
1131 | resbuf->head[0].iov_base | ||
1132 | + resbuf->head[0].iov_len; | ||
1133 | resbuf->tail[0].iov_len = 0; | ||
1134 | rqstp->rq_restailpage = 0; | ||
1135 | resv = &resbuf->tail[0]; | ||
1136 | } else { | ||
1137 | resv = &resbuf->tail[0]; | ||
1138 | } | ||
1139 | mic.data = (u8 *)resv->iov_base + resv->iov_len + 4; | ||
1140 | if (gss_get_mic(gsd->rsci->mechctx, &integ_buf, &mic)) | ||
1141 | goto out_err; | ||
1142 | svc_putu32(resv, htonl(mic.len)); | ||
1143 | memset(mic.data + mic.len, 0, | ||
1144 | round_up_to_quad(mic.len) - mic.len); | ||
1145 | resv->iov_len += XDR_QUADLEN(mic.len) << 2; | ||
1146 | /* not strictly required: */ | ||
1147 | resbuf->len += XDR_QUADLEN(mic.len) << 2; | ||
1148 | BUG_ON(resv->iov_len > PAGE_SIZE); | ||
1149 | break; | 1162 | break; |
1150 | case RPC_GSS_SVC_PRIVACY: | 1163 | case RPC_GSS_SVC_PRIVACY: |
1151 | default: | 1164 | default: |