aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--include/linux/rxrpc.h7
-rw-r--r--net/rxrpc/ar-key.c4
-rw-r--r--net/rxrpc/rxkad.c6
3 files changed, 12 insertions, 5 deletions
diff --git a/include/linux/rxrpc.h b/include/linux/rxrpc.h
index f7b826b565c7..a53915cd5581 100644
--- a/include/linux/rxrpc.h
+++ b/include/linux/rxrpc.h
@@ -58,5 +58,12 @@ struct sockaddr_rxrpc {
58#define RXRPC_SECURITY_AUTH 1 /* authenticated packets */ 58#define RXRPC_SECURITY_AUTH 1 /* authenticated packets */
59#define RXRPC_SECURITY_ENCRYPT 2 /* encrypted packets */ 59#define RXRPC_SECURITY_ENCRYPT 2 /* encrypted packets */
60 60
61/*
62 * RxRPC security indices
63 */
64#define RXRPC_SECURITY_NONE 0 /* no security protocol */
65#define RXRPC_SECURITY_RXKAD 2 /* kaserver or kerberos 4 */
66#define RXRPC_SECURITY_RXGK 4 /* gssapi-based */
67#define RXRPC_SECURITY_RXK5 5 /* kerberos 5 */
61 68
62#endif /* _LINUX_RXRPC_H */ 69#endif /* _LINUX_RXRPC_H */
diff --git a/net/rxrpc/ar-key.c b/net/rxrpc/ar-key.c
index ad8c7a782da1..b3d10e7ccd7e 100644
--- a/net/rxrpc/ar-key.c
+++ b/net/rxrpc/ar-key.c
@@ -122,7 +122,7 @@ static int rxrpc_instantiate(struct key *key, const void *data, size_t datalen)
122 tsec->ticket[6], tsec->ticket[7]); 122 tsec->ticket[6], tsec->ticket[7]);
123 123
124 ret = -EPROTONOSUPPORT; 124 ret = -EPROTONOSUPPORT;
125 if (tsec->security_index != 2) 125 if (tsec->security_index != RXRPC_SECURITY_RXKAD)
126 goto error; 126 goto error;
127 127
128 key->type_data.x[0] = tsec->security_index; 128 key->type_data.x[0] = tsec->security_index;
@@ -308,7 +308,7 @@ int rxrpc_get_server_data_key(struct rxrpc_connection *conn,
308 _debug("key %d", key_serial(key)); 308 _debug("key %d", key_serial(key));
309 309
310 data.kver = 1; 310 data.kver = 1;
311 data.tsec.security_index = 2; 311 data.tsec.security_index = RXRPC_SECURITY_RXKAD;
312 data.tsec.ticket_len = 0; 312 data.tsec.ticket_len = 0;
313 data.tsec.expiry = expiry; 313 data.tsec.expiry = expiry;
314 data.tsec.kvno = 0; 314 data.tsec.kvno = 0;
diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c
index ef8f91030a15..acec76292c01 100644
--- a/net/rxrpc/rxkad.c
+++ b/net/rxrpc/rxkad.c
@@ -42,7 +42,7 @@ struct rxkad_level2_hdr {
42 __be32 checksum; /* decrypted data checksum */ 42 __be32 checksum; /* decrypted data checksum */
43}; 43};
44 44
45MODULE_DESCRIPTION("RxRPC network protocol type-2 security (Kerberos)"); 45MODULE_DESCRIPTION("RxRPC network protocol type-2 security (Kerberos 4)");
46MODULE_AUTHOR("Red Hat, Inc."); 46MODULE_AUTHOR("Red Hat, Inc.");
47MODULE_LICENSE("GPL"); 47MODULE_LICENSE("GPL");
48 48
@@ -506,7 +506,7 @@ static int rxkad_verify_packet(const struct rxrpc_call *call,
506 if (!call->conn->cipher) 506 if (!call->conn->cipher)
507 return 0; 507 return 0;
508 508
509 if (sp->hdr.securityIndex != 2) { 509 if (sp->hdr.securityIndex != RXRPC_SECURITY_RXKAD) {
510 *_abort_code = RXKADINCONSISTENCY; 510 *_abort_code = RXKADINCONSISTENCY;
511 _leave(" = -EPROTO [not rxkad]"); 511 _leave(" = -EPROTO [not rxkad]");
512 return -EPROTO; 512 return -EPROTO;
@@ -1122,7 +1122,7 @@ static void rxkad_clear(struct rxrpc_connection *conn)
1122static struct rxrpc_security rxkad = { 1122static struct rxrpc_security rxkad = {
1123 .owner = THIS_MODULE, 1123 .owner = THIS_MODULE,
1124 .name = "rxkad", 1124 .name = "rxkad",
1125 .security_index = RXKAD_VERSION, 1125 .security_index = RXRPC_SECURITY_RXKAD,
1126 .init_connection_security = rxkad_init_connection_security, 1126 .init_connection_security = rxkad_init_connection_security,
1127 .prime_packet_security = rxkad_prime_packet_security, 1127 .prime_packet_security = rxkad_prime_packet_security,
1128 .secure_packet = rxkad_secure_packet, 1128 .secure_packet = rxkad_secure_packet,
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-20 02:17:59 -0500