aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/linux/sunrpc/gss_krb5.h5
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_seal.c5
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_seqnum.c6
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_unseal.c3
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_wrap.c6
5 files changed, 14 insertions, 11 deletions
diff --git a/include/linux/sunrpc/gss_krb5.h b/include/linux/sunrpc/gss_krb5.h
index b0ab827add26..d840856edecc 100644
--- a/include/linux/sunrpc/gss_krb5.h
+++ b/include/linux/sunrpc/gss_krb5.h
@@ -275,12 +275,13 @@ gss_decrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *inbuf,
275 int offset); 275 int offset);
276 276
277s32 277s32
278krb5_make_seq_num(struct crypto_blkcipher *key, 278krb5_make_seq_num(struct krb5_ctx *kctx,
279 struct crypto_blkcipher *key,
279 int direction, 280 int direction,
280 u32 seqnum, unsigned char *cksum, unsigned char *buf); 281 u32 seqnum, unsigned char *cksum, unsigned char *buf);
281 282
282s32 283s32
283krb5_get_seq_num(struct crypto_blkcipher *key, 284krb5_get_seq_num(struct krb5_ctx *kctx,
284 unsigned char *cksum, 285 unsigned char *cksum,
285 unsigned char *buf, int *direction, u32 *seqnum); 286 unsigned char *buf, int *direction, u32 *seqnum);
286 287
diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c
index e22fed3d9a1b..36fe487d93d2 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seal.c
@@ -152,9 +152,8 @@ gss_get_mic_v1(struct krb5_ctx *ctx, struct xdr_buf *text,
152 seq_send = ctx->seq_send++; 152 seq_send = ctx->seq_send++;
153 spin_unlock(&krb5_seq_lock); 153 spin_unlock(&krb5_seq_lock);
154 154
155 if (krb5_make_seq_num(ctx->seq, ctx->initiate ? 0 : 0xff, 155 if (krb5_make_seq_num(ctx, ctx->seq, ctx->initiate ? 0 : 0xff,
156 seq_send, ptr + GSS_KRB5_TOK_HDR_LEN, 156 seq_send, ptr + GSS_KRB5_TOK_HDR_LEN, ptr + 8))
157 ptr + 8))
158 return GSS_S_FAILURE; 157 return GSS_S_FAILURE;
159 158
160 return (ctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE; 159 return (ctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE;
diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
index 6331cd6866ec..83b593084976 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
@@ -40,7 +40,8 @@
40#endif 40#endif
41 41
42s32 42s32
43krb5_make_seq_num(struct crypto_blkcipher *key, 43krb5_make_seq_num(struct krb5_ctx *kctx,
44 struct crypto_blkcipher *key,
44 int direction, 45 int direction,
45 u32 seqnum, 46 u32 seqnum,
46 unsigned char *cksum, unsigned char *buf) 47 unsigned char *cksum, unsigned char *buf)
@@ -61,13 +62,14 @@ krb5_make_seq_num(struct crypto_blkcipher *key,
61} 62}
62 63
63s32 64s32
64krb5_get_seq_num(struct crypto_blkcipher *key, 65krb5_get_seq_num(struct krb5_ctx *kctx,
65 unsigned char *cksum, 66 unsigned char *cksum,
66 unsigned char *buf, 67 unsigned char *buf,
67 int *direction, u32 *seqnum) 68 int *direction, u32 *seqnum)
68{ 69{
69 s32 code; 70 s32 code;
70 unsigned char plain[8]; 71 unsigned char plain[8];
72 struct crypto_blkcipher *key = kctx->seq;
71 73
72 dprintk("RPC: krb5_get_seq_num:\n"); 74 dprintk("RPC: krb5_get_seq_num:\n");
73 75
diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c
index ef91366e3dea..97eb91b8c70c 100644
--- a/net/sunrpc/auth_gss/gss_krb5_unseal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c
@@ -131,7 +131,8 @@ gss_verify_mic_v1(struct krb5_ctx *ctx,
131 131
132 /* do sequencing checks */ 132 /* do sequencing checks */
133 133
134 if (krb5_get_seq_num(ctx->seq, ptr + GSS_KRB5_TOK_HDR_LEN, ptr + 8, &direction, &seqnum)) 134 if (krb5_get_seq_num(ctx, ptr + GSS_KRB5_TOK_HDR_LEN, ptr + 8,
135 &direction, &seqnum))
135 return GSS_S_FAILURE; 136 return GSS_S_FAILURE;
136 137
137 if ((ctx->initiate && direction != 0xff) || 138 if ((ctx->initiate && direction != 0xff) ||
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
index 097cc27494cc..a95e7e0ac0e3 100644
--- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
+++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
@@ -227,7 +227,7 @@ gss_wrap_kerberos_v1(struct krb5_ctx *kctx, int offset,
227 227
228 /* XXX would probably be more efficient to compute checksum 228 /* XXX would probably be more efficient to compute checksum
229 * and encrypt at the same time: */ 229 * and encrypt at the same time: */
230 if ((krb5_make_seq_num(kctx->seq, kctx->initiate ? 0 : 0xff, 230 if ((krb5_make_seq_num(kctx, kctx->seq, kctx->initiate ? 0 : 0xff,
231 seq_send, ptr + GSS_KRB5_TOK_HDR_LEN, ptr + 8))) 231 seq_send, ptr + GSS_KRB5_TOK_HDR_LEN, ptr + 8)))
232 return GSS_S_FAILURE; 232 return GSS_S_FAILURE;
233 233
@@ -314,8 +314,8 @@ gss_unwrap_kerberos_v1(struct krb5_ctx *kctx, int offset, struct xdr_buf *buf)
314 314
315 /* do sequencing checks */ 315 /* do sequencing checks */
316 316
317 if (krb5_get_seq_num(kctx->seq, ptr + GSS_KRB5_TOK_HDR_LEN, ptr + 8, 317 if (krb5_get_seq_num(kctx, ptr + GSS_KRB5_TOK_HDR_LEN,
318 &direction, &seqnum)) 318 ptr + 8, &direction, &seqnum))
319 return GSS_S_BAD_SIG; 319 return GSS_S_BAD_SIG;
320 320
321 if ((kctx->initiate && direction != 0xff) || 321 if ((kctx->initiate && direction != 0xff) ||