aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--net/sunrpc/auth_gss/auth_gss.c52
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_crypto.c8
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_mech.c3
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_seal.c2
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_seqnum.c2
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_unseal.c2
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_wrap.c4
-rw-r--r--net/sunrpc/auth_gss/gss_mech_switch.c6
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_mech.c9
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_seal.c14
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_token.c14
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_unseal.c9
-rw-r--r--net/sunrpc/auth_gss/svcauth_gss.c11
13 files changed, 73 insertions, 63 deletions
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
index e1a104abb782..2fe8e91f5bc1 100644
--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
@@ -241,7 +241,7 @@ gss_fill_context(const void *p, const void *end, struct gss_cl_ctx *ctx, struct
241 } 241 }
242 return q; 242 return q;
243err: 243err:
244 dprintk("RPC: gss_fill_context returning %ld\n", -PTR_ERR(p)); 244 dprintk("RPC: gss_fill_context returning %ld\n", -PTR_ERR(p));
245 return p; 245 return p;
246} 246}
247 247
@@ -276,10 +276,10 @@ __gss_find_upcall(struct gss_auth *gss_auth, uid_t uid)
276 if (pos->uid != uid) 276 if (pos->uid != uid)
277 continue; 277 continue;
278 atomic_inc(&pos->count); 278 atomic_inc(&pos->count);
279 dprintk("RPC: gss_find_upcall found msg %p\n", pos); 279 dprintk("RPC: gss_find_upcall found msg %p\n", pos);
280 return pos; 280 return pos;
281 } 281 }
282 dprintk("RPC: gss_find_upcall found nothing\n"); 282 dprintk("RPC: gss_find_upcall found nothing\n");
283 return NULL; 283 return NULL;
284} 284}
285 285
@@ -393,7 +393,8 @@ gss_refresh_upcall(struct rpc_task *task)
393 struct gss_upcall_msg *gss_msg; 393 struct gss_upcall_msg *gss_msg;
394 int err = 0; 394 int err = 0;
395 395
396 dprintk("RPC: %4u gss_refresh_upcall for uid %u\n", task->tk_pid, cred->cr_uid); 396 dprintk("RPC: %5u gss_refresh_upcall for uid %u\n", task->tk_pid,
397 cred->cr_uid);
397 gss_msg = gss_setup_upcall(task->tk_client, gss_auth, cred); 398 gss_msg = gss_setup_upcall(task->tk_client, gss_auth, cred);
398 if (IS_ERR(gss_msg)) { 399 if (IS_ERR(gss_msg)) {
399 err = PTR_ERR(gss_msg); 400 err = PTR_ERR(gss_msg);
@@ -413,8 +414,8 @@ gss_refresh_upcall(struct rpc_task *task)
413 spin_unlock(&gss_auth->lock); 414 spin_unlock(&gss_auth->lock);
414 gss_release_msg(gss_msg); 415 gss_release_msg(gss_msg);
415out: 416out:
416 dprintk("RPC: %4u gss_refresh_upcall for uid %u result %d\n", task->tk_pid, 417 dprintk("RPC: %5u gss_refresh_upcall for uid %u result %d\n",
417 cred->cr_uid, err); 418 task->tk_pid, cred->cr_uid, err);
418 return err; 419 return err;
419} 420}
420 421
@@ -426,7 +427,7 @@ gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred)
426 DEFINE_WAIT(wait); 427 DEFINE_WAIT(wait);
427 int err = 0; 428 int err = 0;
428 429
429 dprintk("RPC: gss_upcall for uid %u\n", cred->cr_uid); 430 dprintk("RPC: gss_upcall for uid %u\n", cred->cr_uid);
430 gss_msg = gss_setup_upcall(gss_auth->client, gss_auth, cred); 431 gss_msg = gss_setup_upcall(gss_auth->client, gss_auth, cred);
431 if (IS_ERR(gss_msg)) { 432 if (IS_ERR(gss_msg)) {
432 err = PTR_ERR(gss_msg); 433 err = PTR_ERR(gss_msg);
@@ -454,7 +455,8 @@ out_intr:
454 finish_wait(&gss_msg->waitqueue, &wait); 455 finish_wait(&gss_msg->waitqueue, &wait);
455 gss_release_msg(gss_msg); 456 gss_release_msg(gss_msg);
456out: 457out:
457 dprintk("RPC: gss_create_upcall for uid %u result %d\n", cred->cr_uid, err); 458 dprintk("RPC: gss_create_upcall for uid %u result %d\n",
459 cred->cr_uid, err);
458 return err; 460 return err;
459} 461}
460 462
@@ -546,14 +548,14 @@ gss_pipe_downcall(struct file *filp, const char __user *src, size_t mlen)
546 } 548 }
547 gss_put_ctx(ctx); 549 gss_put_ctx(ctx);
548 kfree(buf); 550 kfree(buf);
549 dprintk("RPC: gss_pipe_downcall returning length %Zu\n", mlen); 551 dprintk("RPC: gss_pipe_downcall returning length %Zu\n", mlen);
550 return mlen; 552 return mlen;
551err_put_ctx: 553err_put_ctx:
552 gss_put_ctx(ctx); 554 gss_put_ctx(ctx);
553err: 555err:
554 kfree(buf); 556 kfree(buf);
555out: 557out:
556 dprintk("RPC: gss_pipe_downcall returning %d\n", err); 558 dprintk("RPC: gss_pipe_downcall returning %d\n", err);
557 return err; 559 return err;
558} 560}
559 561
@@ -591,7 +593,7 @@ gss_pipe_destroy_msg(struct rpc_pipe_msg *msg)
591 static unsigned long ratelimit; 593 static unsigned long ratelimit;
592 594
593 if (msg->errno < 0) { 595 if (msg->errno < 0) {
594 dprintk("RPC: gss_pipe_destroy_msg releasing msg %p\n", 596 dprintk("RPC: gss_pipe_destroy_msg releasing msg %p\n",
595 gss_msg); 597 gss_msg);
596 atomic_inc(&gss_msg->count); 598 atomic_inc(&gss_msg->count);
597 gss_unhash_msg(gss_msg); 599 gss_unhash_msg(gss_msg);
@@ -618,7 +620,7 @@ gss_create(struct rpc_clnt *clnt, rpc_authflavor_t flavor)
618 struct rpc_auth * auth; 620 struct rpc_auth * auth;
619 int err = -ENOMEM; /* XXX? */ 621 int err = -ENOMEM; /* XXX? */
620 622
621 dprintk("RPC: creating GSS authenticator for client %p\n",clnt); 623 dprintk("RPC: creating GSS authenticator for client %p\n", clnt);
622 624
623 if (!try_module_get(THIS_MODULE)) 625 if (!try_module_get(THIS_MODULE))
624 return ERR_PTR(err); 626 return ERR_PTR(err);
@@ -670,8 +672,8 @@ gss_destroy(struct rpc_auth *auth)
670{ 672{
671 struct gss_auth *gss_auth; 673 struct gss_auth *gss_auth;
672 674
673 dprintk("RPC: destroying GSS authenticator %p flavor %d\n", 675 dprintk("RPC: destroying GSS authenticator %p flavor %d\n",
674 auth, auth->au_flavor); 676 auth, auth->au_flavor);
675 677
676 gss_auth = container_of(auth, struct gss_auth, rpc_auth); 678 gss_auth = container_of(auth, struct gss_auth, rpc_auth);
677 rpc_unlink(gss_auth->dentry); 679 rpc_unlink(gss_auth->dentry);
@@ -689,7 +691,7 @@ gss_destroy(struct rpc_auth *auth)
689static void 691static void
690gss_destroy_ctx(struct gss_cl_ctx *ctx) 692gss_destroy_ctx(struct gss_cl_ctx *ctx)
691{ 693{
692 dprintk("RPC: gss_destroy_ctx\n"); 694 dprintk("RPC: gss_destroy_ctx\n");
693 695
694 if (ctx->gc_gss_ctx) 696 if (ctx->gc_gss_ctx)
695 gss_delete_sec_context(&ctx->gc_gss_ctx); 697 gss_delete_sec_context(&ctx->gc_gss_ctx);
@@ -703,7 +705,7 @@ gss_destroy_cred(struct rpc_cred *rc)
703{ 705{
704 struct gss_cred *cred = container_of(rc, struct gss_cred, gc_base); 706 struct gss_cred *cred = container_of(rc, struct gss_cred, gc_base);
705 707
706 dprintk("RPC: gss_destroy_cred \n"); 708 dprintk("RPC: gss_destroy_cred \n");
707 709
708 if (cred->gc_ctx) 710 if (cred->gc_ctx)
709 gss_put_ctx(cred->gc_ctx); 711 gss_put_ctx(cred->gc_ctx);
@@ -726,7 +728,7 @@ gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
726 struct gss_cred *cred = NULL; 728 struct gss_cred *cred = NULL;
727 int err = -ENOMEM; 729 int err = -ENOMEM;
728 730
729 dprintk("RPC: gss_create_cred for uid %d, flavor %d\n", 731 dprintk("RPC: gss_create_cred for uid %d, flavor %d\n",
730 acred->uid, auth->au_flavor); 732 acred->uid, auth->au_flavor);
731 733
732 if (!(cred = kzalloc(sizeof(*cred), GFP_KERNEL))) 734 if (!(cred = kzalloc(sizeof(*cred), GFP_KERNEL)))
@@ -745,7 +747,7 @@ gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
745 return &cred->gc_base; 747 return &cred->gc_base;
746 748
747out_err: 749out_err:
748 dprintk("RPC: gss_create_cred failed with error %d\n", err); 750 dprintk("RPC: gss_create_cred failed with error %d\n", err);
749 return ERR_PTR(err); 751 return ERR_PTR(err);
750} 752}
751 753
@@ -799,7 +801,7 @@ gss_marshal(struct rpc_task *task, __be32 *p)
799 struct kvec iov; 801 struct kvec iov;
800 struct xdr_buf verf_buf; 802 struct xdr_buf verf_buf;
801 803
802 dprintk("RPC: %4u gss_marshal\n", task->tk_pid); 804 dprintk("RPC: %5u gss_marshal\n", task->tk_pid);
803 805
804 *p++ = htonl(RPC_AUTH_GSS); 806 *p++ = htonl(RPC_AUTH_GSS);
805 cred_len = p++; 807 cred_len = p++;
@@ -865,7 +867,7 @@ gss_validate(struct rpc_task *task, __be32 *p)
865 u32 flav,len; 867 u32 flav,len;
866 u32 maj_stat; 868 u32 maj_stat;
867 869
868 dprintk("RPC: %4u gss_validate\n", task->tk_pid); 870 dprintk("RPC: %5u gss_validate\n", task->tk_pid);
869 871
870 flav = ntohl(*p++); 872 flav = ntohl(*p++);
871 if ((len = ntohl(*p++)) > RPC_MAX_AUTH_SIZE) 873 if ((len = ntohl(*p++)) > RPC_MAX_AUTH_SIZE)
@@ -888,12 +890,12 @@ gss_validate(struct rpc_task *task, __be32 *p)
888 * calculate the length of the verifier: */ 890 * calculate the length of the verifier: */
889 task->tk_auth->au_verfsize = XDR_QUADLEN(len) + 2; 891 task->tk_auth->au_verfsize = XDR_QUADLEN(len) + 2;
890 gss_put_ctx(ctx); 892 gss_put_ctx(ctx);
891 dprintk("RPC: %4u GSS gss_validate: gss_verify_mic succeeded.\n", 893 dprintk("RPC: %5u gss_validate: gss_verify_mic succeeded.\n",
892 task->tk_pid); 894 task->tk_pid);
893 return p + XDR_QUADLEN(len); 895 return p + XDR_QUADLEN(len);
894out_bad: 896out_bad:
895 gss_put_ctx(ctx); 897 gss_put_ctx(ctx);
896 dprintk("RPC: %4u gss_validate failed.\n", task->tk_pid); 898 dprintk("RPC: %5u gss_validate failed.\n", task->tk_pid);
897 return NULL; 899 return NULL;
898} 900}
899 901
@@ -1063,7 +1065,7 @@ gss_wrap_req(struct rpc_task *task,
1063 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred); 1065 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
1064 int status = -EIO; 1066 int status = -EIO;
1065 1067
1066 dprintk("RPC: %4u gss_wrap_req\n", task->tk_pid); 1068 dprintk("RPC: %5u gss_wrap_req\n", task->tk_pid);
1067 if (ctx->gc_proc != RPC_GSS_PROC_DATA) { 1069 if (ctx->gc_proc != RPC_GSS_PROC_DATA) {
1068 /* The spec seems a little ambiguous here, but I think that not 1070 /* The spec seems a little ambiguous here, but I think that not
1069 * wrapping context destruction requests makes the most sense. 1071 * wrapping context destruction requests makes the most sense.
@@ -1086,7 +1088,7 @@ gss_wrap_req(struct rpc_task *task,
1086 } 1088 }
1087out: 1089out:
1088 gss_put_ctx(ctx); 1090 gss_put_ctx(ctx);
1089 dprintk("RPC: %4u gss_wrap_req returning %d\n", task->tk_pid, status); 1091 dprintk("RPC: %5u gss_wrap_req returning %d\n", task->tk_pid, status);
1090 return status; 1092 return status;
1091} 1093}
1092 1094
@@ -1192,7 +1194,7 @@ out_decode:
1192 status = decode(rqstp, p, obj); 1194 status = decode(rqstp, p, obj);
1193out: 1195out:
1194 gss_put_ctx(ctx); 1196 gss_put_ctx(ctx);
1195 dprintk("RPC: %4u gss_unwrap_resp returning %d\n", task->tk_pid, 1197 dprintk("RPC: %5u gss_unwrap_resp returning %d\n", task->tk_pid,
1196 status); 1198 status);
1197 return status; 1199 return status;
1198} 1200}
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
index d926cda88623..cd64efd5921e 100644
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
@@ -66,7 +66,7 @@ krb5_encrypt(
66 goto out; 66 goto out;
67 67
68 if (crypto_blkcipher_ivsize(tfm) > 16) { 68 if (crypto_blkcipher_ivsize(tfm) > 16) {
69 dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n", 69 dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n",
70 crypto_blkcipher_ivsize(tfm)); 70 crypto_blkcipher_ivsize(tfm));
71 goto out; 71 goto out;
72 } 72 }
@@ -79,7 +79,7 @@ krb5_encrypt(
79 79
80 ret = crypto_blkcipher_encrypt_iv(&desc, sg, sg, length); 80 ret = crypto_blkcipher_encrypt_iv(&desc, sg, sg, length);
81out: 81out:
82 dprintk("RPC: krb5_encrypt returns %d\n",ret); 82 dprintk("RPC: krb5_encrypt returns %d\n", ret);
83 return ret; 83 return ret;
84} 84}
85 85
@@ -102,7 +102,7 @@ krb5_decrypt(
102 goto out; 102 goto out;
103 103
104 if (crypto_blkcipher_ivsize(tfm) > 16) { 104 if (crypto_blkcipher_ivsize(tfm) > 16) {
105 dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n", 105 dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n",
106 crypto_blkcipher_ivsize(tfm)); 106 crypto_blkcipher_ivsize(tfm));
107 goto out; 107 goto out;
108 } 108 }
@@ -114,7 +114,7 @@ krb5_decrypt(
114 114
115 ret = crypto_blkcipher_decrypt_iv(&desc, sg, sg, length); 115 ret = crypto_blkcipher_decrypt_iv(&desc, sg, sg, length);
116out: 116out:
117 dprintk("RPC: gss_k5decrypt returns %d\n",ret); 117 dprintk("RPC: gss_k5decrypt returns %d\n",ret);
118 return ret; 118 return ret;
119} 119}
120 120
diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c
index 05d4bee86fc0..7b1943217053 100644
--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -175,7 +175,8 @@ gss_import_sec_context_kerberos(const void *p,
175 } 175 }
176 176
177 ctx_id->internal_ctx_id = ctx; 177 ctx_id->internal_ctx_id = ctx;
178 dprintk("RPC: Successfully imported new context.\n"); 178
179 dprintk("RPC: Successfully imported new context.\n");
179 return 0; 180 return 0;
180 181
181out_err_free_key2: 182out_err_free_key2:
diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c
index d0bb5064f8c5..a0d9faa59cb5 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seal.c
@@ -83,7 +83,7 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text,
83 s32 now; 83 s32 now;
84 u32 seq_send; 84 u32 seq_send;
85 85
86 dprintk("RPC: gss_krb5_seal\n"); 86 dprintk("RPC: gss_krb5_seal\n");
87 87
88 now = get_seconds(); 88 now = get_seconds();
89 89
diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
index c604baf3a5f6..2f0b11257016 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
@@ -70,7 +70,7 @@ krb5_get_seq_num(struct crypto_blkcipher *key,
70 s32 code; 70 s32 code;
71 unsigned char plain[8]; 71 unsigned char plain[8];
72 72
73 dprintk("RPC: krb5_get_seq_num:\n"); 73 dprintk("RPC: krb5_get_seq_num:\n");
74 74
75 if ((code = krb5_decrypt(key, cksum, buf, plain, 8))) 75 if ((code = krb5_decrypt(key, cksum, buf, plain, 8)))
76 return code; 76 return code;
diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c
index 87f8977ccece..e30a993466bc 100644
--- a/net/sunrpc/auth_gss/gss_krb5_unseal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c
@@ -86,7 +86,7 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx,
86 unsigned char *ptr = (unsigned char *)read_token->data; 86 unsigned char *ptr = (unsigned char *)read_token->data;
87 int bodysize; 87 int bodysize;
88 88
89 dprintk("RPC: krb5_read_token\n"); 89 dprintk("RPC: krb5_read_token\n");
90 90
91 if (g_verify_token_header(&ctx->mech_used, &bodysize, &ptr, 91 if (g_verify_token_header(&ctx->mech_used, &bodysize, &ptr,
92 read_token->len)) 92 read_token->len))
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
index fe25b3d898dc..42b3220bed39 100644
--- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
+++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
@@ -129,7 +129,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
129 struct page **tmp_pages; 129 struct page **tmp_pages;
130 u32 seq_send; 130 u32 seq_send;
131 131
132 dprintk("RPC: gss_wrap_kerberos\n"); 132 dprintk("RPC: gss_wrap_kerberos\n");
133 133
134 now = get_seconds(); 134 now = get_seconds();
135 135
@@ -215,7 +215,7 @@ gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf)
215 int data_len; 215 int data_len;
216 int blocksize; 216 int blocksize;
217 217
218 dprintk("RPC: gss_unwrap_kerberos\n"); 218 dprintk("RPC: gss_unwrap_kerberos\n");
219 219
220 ptr = (u8 *)buf->head[0].iov_base + offset; 220 ptr = (u8 *)buf->head[0].iov_base + offset;
221 if (g_verify_token_header(&kctx->mech_used, &bodysize, &ptr, 221 if (g_verify_token_header(&kctx->mech_used, &bodysize, &ptr,
diff --git a/net/sunrpc/auth_gss/gss_mech_switch.c b/net/sunrpc/auth_gss/gss_mech_switch.c
index 3db745379d06..c7681db96fb7 100644
--- a/net/sunrpc/auth_gss/gss_mech_switch.c
+++ b/net/sunrpc/auth_gss/gss_mech_switch.c
@@ -113,7 +113,7 @@ gss_mech_register(struct gss_api_mech *gm)
113 spin_lock(&registered_mechs_lock); 113 spin_lock(&registered_mechs_lock);
114 list_add(&gm->gm_list, &registered_mechs); 114 list_add(&gm->gm_list, &registered_mechs);
115 spin_unlock(&registered_mechs_lock); 115 spin_unlock(&registered_mechs_lock);
116 dprintk("RPC: registered gss mechanism %s\n", gm->gm_name); 116 dprintk("RPC: registered gss mechanism %s\n", gm->gm_name);
117 return 0; 117 return 0;
118} 118}
119 119
@@ -125,7 +125,7 @@ gss_mech_unregister(struct gss_api_mech *gm)
125 spin_lock(&registered_mechs_lock); 125 spin_lock(&registered_mechs_lock);
126 list_del(&gm->gm_list); 126 list_del(&gm->gm_list);
127 spin_unlock(&registered_mechs_lock); 127 spin_unlock(&registered_mechs_lock);
128 dprintk("RPC: unregistered gss mechanism %s\n", gm->gm_name); 128 dprintk("RPC: unregistered gss mechanism %s\n", gm->gm_name);
129 gss_mech_free(gm); 129 gss_mech_free(gm);
130} 130}
131 131
@@ -298,7 +298,7 @@ gss_unwrap(struct gss_ctx *ctx_id,
298u32 298u32
299gss_delete_sec_context(struct gss_ctx **context_handle) 299gss_delete_sec_context(struct gss_ctx **context_handle)
300{ 300{
301 dprintk("RPC: gss_delete_sec_context deleting %p\n", 301 dprintk("RPC: gss_delete_sec_context deleting %p\n",
302 *context_handle); 302 *context_handle);
303 303
304 if (!*context_handle) 304 if (!*context_handle)
diff --git a/net/sunrpc/auth_gss/gss_spkm3_mech.c b/net/sunrpc/auth_gss/gss_spkm3_mech.c
index 8ef3f1c19435..7e15aa68ae64 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_mech.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_mech.c
@@ -97,7 +97,8 @@ gss_import_sec_context_spkm3(const void *p, size_t len,
97 if (IS_ERR(p)) 97 if (IS_ERR(p))
98 goto out_err_free_ctx; 98 goto out_err_free_ctx;
99 if (version != 1) { 99 if (version != 1) {
100 dprintk("RPC: unknown spkm3 token format: obsolete nfs-utils?\n"); 100 dprintk("RPC: unknown spkm3 token format: "
101 "obsolete nfs-utils?\n");
101 goto out_err_free_ctx; 102 goto out_err_free_ctx;
102 } 103 }
103 104
@@ -138,7 +139,7 @@ gss_import_sec_context_spkm3(const void *p, size_t len,
138 139
139 ctx_id->internal_ctx_id = ctx; 140 ctx_id->internal_ctx_id = ctx;
140 141
141 dprintk("Successfully imported new spkm context.\n"); 142 dprintk("RPC: Successfully imported new spkm context.\n");
142 return 0; 143 return 0;
143 144
144out_err_free_intg_key: 145out_err_free_intg_key:
@@ -183,7 +184,7 @@ gss_verify_mic_spkm3(struct gss_ctx *ctx,
183 184
184 maj_stat = spkm3_read_token(sctx, checksum, signbuf, SPKM_MIC_TOK); 185 maj_stat = spkm3_read_token(sctx, checksum, signbuf, SPKM_MIC_TOK);
185 186
186 dprintk("RPC: gss_verify_mic_spkm3 returning %d\n", maj_stat); 187 dprintk("RPC: gss_verify_mic_spkm3 returning %d\n", maj_stat);
187 return maj_stat; 188 return maj_stat;
188} 189}
189 190
@@ -197,7 +198,7 @@ gss_get_mic_spkm3(struct gss_ctx *ctx,
197 198
198 err = spkm3_make_token(sctx, message_buffer, 199 err = spkm3_make_token(sctx, message_buffer,
199 message_token, SPKM_MIC_TOK); 200 message_token, SPKM_MIC_TOK);
200 dprintk("RPC: gss_get_mic_spkm3 returning %d\n", err); 201 dprintk("RPC: gss_get_mic_spkm3 returning %d\n", err);
201 return err; 202 return err;
202} 203}
203 204
diff --git a/net/sunrpc/auth_gss/gss_spkm3_seal.c b/net/sunrpc/auth_gss/gss_spkm3_seal.c
index b179d58c6249..104cbf4f769f 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_seal.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_seal.c
@@ -75,20 +75,21 @@ spkm3_make_token(struct spkm3_ctx *ctx,
75 now = jiffies; 75 now = jiffies;
76 76
77 if (ctx->ctx_id.len != 16) { 77 if (ctx->ctx_id.len != 16) {
78 dprintk("RPC: spkm3_make_token BAD ctx_id.len %d\n", 78 dprintk("RPC: spkm3_make_token BAD ctx_id.len %d\n",
79 ctx->ctx_id.len); 79 ctx->ctx_id.len);
80 goto out_err; 80 goto out_err;
81 } 81 }
82 82
83 if (!g_OID_equal(&ctx->intg_alg, &hmac_md5_oid)) { 83 if (!g_OID_equal(&ctx->intg_alg, &hmac_md5_oid)) {
84 dprintk("RPC: gss_spkm3_seal: unsupported I-ALG algorithm." 84 dprintk("RPC: gss_spkm3_seal: unsupported I-ALG "
85 "only support hmac-md5 I-ALG.\n"); 85 "algorithm. only support hmac-md5 I-ALG.\n");
86 goto out_err; 86 goto out_err;
87 } else 87 } else
88 checksum_type = CKSUMTYPE_HMAC_MD5; 88 checksum_type = CKSUMTYPE_HMAC_MD5;
89 89
90 if (!g_OID_equal(&ctx->conf_alg, &cast5_cbc_oid)) { 90 if (!g_OID_equal(&ctx->conf_alg, &cast5_cbc_oid)) {
91 dprintk("RPC: gss_spkm3_seal: unsupported C-ALG algorithm\n"); 91 dprintk("RPC: gss_spkm3_seal: unsupported C-ALG "
92 "algorithm\n");
92 goto out_err; 93 goto out_err;
93 } 94 }
94 95
@@ -113,7 +114,8 @@ spkm3_make_token(struct spkm3_ctx *ctx,
113 114
114 spkm3_make_mic_token(&ptr, tokenlen, &mic_hdr, &md5cksum, md5elen, md5zbit); 115 spkm3_make_mic_token(&ptr, tokenlen, &mic_hdr, &md5cksum, md5elen, md5zbit);
115 } else if (toktype == SPKM_WRAP_TOK) { /* Not Supported */ 116 } else if (toktype == SPKM_WRAP_TOK) { /* Not Supported */
116 dprintk("RPC: gss_spkm3_seal: SPKM_WRAP_TOK not supported\n"); 117 dprintk("RPC: gss_spkm3_seal: SPKM_WRAP_TOK "
118 "not supported\n");
117 goto out_err; 119 goto out_err;
118 } 120 }
119 121
@@ -153,7 +155,7 @@ make_spkm3_checksum(s32 cksumtype, struct xdr_netobj *key, char *header,
153 cksumname = "md5"; 155 cksumname = "md5";
154 break; 156 break;
155 default: 157 default:
156 dprintk("RPC: spkm3_make_checksum:" 158 dprintk("RPC: spkm3_make_checksum:"
157 " unsupported checksum %d", cksumtype); 159 " unsupported checksum %d", cksumtype);
158 return GSS_S_FAILURE; 160 return GSS_S_FAILURE;
159 } 161 }
diff --git a/net/sunrpc/auth_gss/gss_spkm3_token.c b/net/sunrpc/auth_gss/gss_spkm3_token.c
index 35188b6ea8f7..156413ae6caf 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_token.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_token.c
@@ -209,7 +209,7 @@ spkm3_verify_mic_token(unsigned char **tokp, int *mic_hdrlen, unsigned char **ck
209 209
210 /* spkm3 innercontext token preamble */ 210 /* spkm3 innercontext token preamble */
211 if ((ptr[0] != 0xa4) || (ptr[2] != 0x30)) { 211 if ((ptr[0] != 0xa4) || (ptr[2] != 0x30)) {
212 dprintk("RPC: BAD SPKM ictoken preamble\n"); 212 dprintk("RPC: BAD SPKM ictoken preamble\n");
213 goto out; 213 goto out;
214 } 214 }
215 215
@@ -217,25 +217,25 @@ spkm3_verify_mic_token(unsigned char **tokp, int *mic_hdrlen, unsigned char **ck
217 217
218 /* token type */ 218 /* token type */
219 if ((ptr[4] != 0x02) || (ptr[5] != 0x02)) { 219 if ((ptr[4] != 0x02) || (ptr[5] != 0x02)) {
220 dprintk("RPC: BAD asn1 SPKM3 token type\n"); 220 dprintk("RPC: BAD asn1 SPKM3 token type\n");
221 goto out; 221 goto out;
222 } 222 }
223 223
224 /* only support SPKM_MIC_TOK */ 224 /* only support SPKM_MIC_TOK */
225 if((ptr[6] != 0x01) || (ptr[7] != 0x01)) { 225 if((ptr[6] != 0x01) || (ptr[7] != 0x01)) {
226 dprintk("RPC: ERROR unsupported SPKM3 token \n"); 226 dprintk("RPC: ERROR unsupported SPKM3 token \n");
227 goto out; 227 goto out;
228 } 228 }
229 229
230 /* contextid */ 230 /* contextid */
231 if (ptr[8] != 0x03) { 231 if (ptr[8] != 0x03) {
232 dprintk("RPC: BAD SPKM3 asn1 context-id type\n"); 232 dprintk("RPC: BAD SPKM3 asn1 context-id type\n");
233 goto out; 233 goto out;
234 } 234 }
235 235
236 ctxelen = ptr[9]; 236 ctxelen = ptr[9];
237 if (ctxelen > 17) { /* length includes asn1 zbit octet */ 237 if (ctxelen > 17) { /* length includes asn1 zbit octet */
238 dprintk("RPC: BAD SPKM3 contextid len %d\n", ctxelen); 238 dprintk("RPC: BAD SPKM3 contextid len %d\n", ctxelen);
239 goto out; 239 goto out;
240 } 240 }
241 241
@@ -251,7 +251,9 @@ spkm3_verify_mic_token(unsigned char **tokp, int *mic_hdrlen, unsigned char **ck
251 */ 251 */
252 252
253 if (*mic_hdrlen != 6 + ctxelen) { 253 if (*mic_hdrlen != 6 + ctxelen) {
254 dprintk("RPC: BAD SPKM_ MIC_TOK header len %d: we only support default int-alg (should be absent) and do not support snd-seq\n", *mic_hdrlen); 254 dprintk("RPC: BAD SPKM_ MIC_TOK header len %d: we only "
255 "support default int-alg (should be absent) "
256 "and do not support snd-seq\n", *mic_hdrlen);
255 goto out; 257 goto out;
256 } 258 }
257 /* checksum */ 259 /* checksum */
diff --git a/net/sunrpc/auth_gss/gss_spkm3_unseal.c b/net/sunrpc/auth_gss/gss_spkm3_unseal.c
index e54581ca7570..ac1ad6b1dc4a 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_unseal.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_unseal.c
@@ -72,7 +72,7 @@ spkm3_read_token(struct spkm3_ctx *ctx,
72 /* decode the token */ 72 /* decode the token */
73 73
74 if (toktype != SPKM_MIC_TOK) { 74 if (toktype != SPKM_MIC_TOK) {
75 dprintk("RPC: BAD SPKM3 token type: %d\n", toktype); 75 dprintk("RPC: BAD SPKM3 token type: %d\n", toktype);
76 goto out; 76 goto out;
77 } 77 }
78 78
@@ -80,7 +80,7 @@ spkm3_read_token(struct spkm3_ctx *ctx,
80 goto out; 80 goto out;
81 81
82 if (*cksum++ != 0x03) { 82 if (*cksum++ != 0x03) {
83 dprintk("RPC: spkm3_read_token BAD checksum type\n"); 83 dprintk("RPC: spkm3_read_token BAD checksum type\n");
84 goto out; 84 goto out;
85 } 85 }
86 md5elen = *cksum++; 86 md5elen = *cksum++;
@@ -97,7 +97,8 @@ spkm3_read_token(struct spkm3_ctx *ctx,
97 */ 97 */
98 ret = GSS_S_DEFECTIVE_TOKEN; 98 ret = GSS_S_DEFECTIVE_TOKEN;
99 if (!g_OID_equal(&ctx->intg_alg, &hmac_md5_oid)) { 99 if (!g_OID_equal(&ctx->intg_alg, &hmac_md5_oid)) {
100 dprintk("RPC: gss_spkm3_seal: unsupported I-ALG algorithm\n"); 100 dprintk("RPC: gss_spkm3_seal: unsupported I-ALG "
101 "algorithm\n");
101 goto out; 102 goto out;
102 } 103 }
103 104
@@ -113,7 +114,7 @@ spkm3_read_token(struct spkm3_ctx *ctx,
113 ret = GSS_S_BAD_SIG; 114 ret = GSS_S_BAD_SIG;
114 code = memcmp(md5cksum.data, wire_cksum.data, wire_cksum.len); 115 code = memcmp(md5cksum.data, wire_cksum.data, wire_cksum.len);
115 if (code) { 116 if (code) {
116 dprintk("RPC: bad MIC checksum\n"); 117 dprintk("RPC: bad MIC checksum\n");
117 goto out; 118 goto out;
118 } 119 }
119 120
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index 066c64a97fd8..8944cabcde56 100644
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -669,14 +669,14 @@ gss_verify_header(struct svc_rqst *rqstp, struct rsc *rsci,
669 } 669 }
670 670
671 if (gc->gc_seq > MAXSEQ) { 671 if (gc->gc_seq > MAXSEQ) {
672 dprintk("RPC: svcauth_gss: discarding request with large sequence number %d\n", 672 dprintk("RPC: svcauth_gss: discarding request with "
673 gc->gc_seq); 673 "large sequence number %d\n", gc->gc_seq);
674 *authp = rpcsec_gsserr_ctxproblem; 674 *authp = rpcsec_gsserr_ctxproblem;
675 return SVC_DENIED; 675 return SVC_DENIED;
676 } 676 }
677 if (!gss_check_seq_num(rsci, gc->gc_seq)) { 677 if (!gss_check_seq_num(rsci, gc->gc_seq)) {
678 dprintk("RPC: svcauth_gss: discarding request with old sequence number %d\n", 678 dprintk("RPC: svcauth_gss: discarding request with "
679 gc->gc_seq); 679 "old sequence number %d\n", gc->gc_seq);
680 return SVC_DROP; 680 return SVC_DROP;
681 } 681 }
682 return SVC_OK; 682 return SVC_OK;
@@ -958,7 +958,8 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp)
958 __be32 *reject_stat = resv->iov_base + resv->iov_len; 958 __be32 *reject_stat = resv->iov_base + resv->iov_len;
959 int ret; 959 int ret;
960 960
961 dprintk("RPC: svcauth_gss: argv->iov_len = %zd\n",argv->iov_len); 961 dprintk("RPC: svcauth_gss: argv->iov_len = %zd\n",
962 argv->iov_len);
962 963
963 *authp = rpc_autherr_badcred; 964 *authp = rpc_autherr_badcred;
964 if (!svcdata) 965 if (!svcdata)