diff options
Diffstat (limited to 'net/sunrpc/auth_gss/auth_gss.c')
| -rw-r--r-- | net/sunrpc/auth_gss/auth_gss.c | 20 |
1 files changed, 7 insertions, 13 deletions
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c index 5e4872058ec7..f44f46f1d8e0 100644 --- a/net/sunrpc/auth_gss/auth_gss.c +++ b/net/sunrpc/auth_gss/auth_gss.c | |||
| @@ -854,9 +854,7 @@ gss_marshal(struct rpc_task *task, u32 *p) | |||
| 854 | *p++ = htonl(RPC_AUTH_GSS); | 854 | *p++ = htonl(RPC_AUTH_GSS); |
| 855 | 855 | ||
| 856 | mic.data = (u8 *)(p + 1); | 856 | mic.data = (u8 *)(p + 1); |
| 857 | maj_stat = gss_get_mic(ctx->gc_gss_ctx, | 857 | maj_stat = gss_get_mic(ctx->gc_gss_ctx, &verf_buf, &mic); |
| 858 | GSS_C_QOP_DEFAULT, | ||
| 859 | &verf_buf, &mic); | ||
| 860 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) { | 858 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) { |
| 861 | cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; | 859 | cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; |
| 862 | } else if (maj_stat != 0) { | 860 | } else if (maj_stat != 0) { |
| @@ -888,7 +886,7 @@ gss_validate(struct rpc_task *task, u32 *p) | |||
| 888 | { | 886 | { |
| 889 | struct rpc_cred *cred = task->tk_msg.rpc_cred; | 887 | struct rpc_cred *cred = task->tk_msg.rpc_cred; |
| 890 | struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred); | 888 | struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred); |
| 891 | u32 seq, qop_state; | 889 | u32 seq; |
| 892 | struct kvec iov; | 890 | struct kvec iov; |
| 893 | struct xdr_buf verf_buf; | 891 | struct xdr_buf verf_buf; |
| 894 | struct xdr_netobj mic; | 892 | struct xdr_netobj mic; |
| @@ -909,7 +907,7 @@ gss_validate(struct rpc_task *task, u32 *p) | |||
| 909 | mic.data = (u8 *)p; | 907 | mic.data = (u8 *)p; |
| 910 | mic.len = len; | 908 | mic.len = len; |
| 911 | 909 | ||
| 912 | maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &verf_buf, &mic, &qop_state); | 910 | maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &verf_buf, &mic); |
| 913 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) | 911 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) |
| 914 | cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; | 912 | cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; |
| 915 | if (maj_stat) | 913 | if (maj_stat) |
| @@ -961,8 +959,7 @@ gss_wrap_req_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx, | |||
| 961 | p = iov->iov_base + iov->iov_len; | 959 | p = iov->iov_base + iov->iov_len; |
| 962 | mic.data = (u8 *)(p + 1); | 960 | mic.data = (u8 *)(p + 1); |
| 963 | 961 | ||
| 964 | maj_stat = gss_get_mic(ctx->gc_gss_ctx, | 962 | maj_stat = gss_get_mic(ctx->gc_gss_ctx, &integ_buf, &mic); |
| 965 | GSS_C_QOP_DEFAULT, &integ_buf, &mic); | ||
| 966 | status = -EIO; /* XXX? */ | 963 | status = -EIO; /* XXX? */ |
| 967 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) | 964 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) |
| 968 | cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; | 965 | cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; |
| @@ -1057,8 +1054,7 @@ gss_wrap_req_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx, | |||
| 1057 | memcpy(tmp, snd_buf->tail[0].iov_base, snd_buf->tail[0].iov_len); | 1054 | memcpy(tmp, snd_buf->tail[0].iov_base, snd_buf->tail[0].iov_len); |
| 1058 | snd_buf->tail[0].iov_base = tmp; | 1055 | snd_buf->tail[0].iov_base = tmp; |
| 1059 | } | 1056 | } |
| 1060 | maj_stat = gss_wrap(ctx->gc_gss_ctx, GSS_C_QOP_DEFAULT, offset, | 1057 | maj_stat = gss_wrap(ctx->gc_gss_ctx, offset, snd_buf, inpages); |
| 1061 | snd_buf, inpages); | ||
| 1062 | /* RPC_SLACK_SPACE should prevent this ever happening: */ | 1058 | /* RPC_SLACK_SPACE should prevent this ever happening: */ |
| 1063 | BUG_ON(snd_buf->len > snd_buf->buflen); | 1059 | BUG_ON(snd_buf->len > snd_buf->buflen); |
| 1064 | status = -EIO; | 1060 | status = -EIO; |
| @@ -1150,8 +1146,7 @@ gss_unwrap_resp_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx, | |||
| 1150 | if (xdr_buf_read_netobj(rcv_buf, &mic, mic_offset)) | 1146 | if (xdr_buf_read_netobj(rcv_buf, &mic, mic_offset)) |
| 1151 | return status; | 1147 | return status; |
| 1152 | 1148 | ||
| 1153 | maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &integ_buf, | 1149 | maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &integ_buf, &mic); |
| 1154 | &mic, NULL); | ||
| 1155 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) | 1150 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) |
| 1156 | cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; | 1151 | cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; |
| 1157 | if (maj_stat != GSS_S_COMPLETE) | 1152 | if (maj_stat != GSS_S_COMPLETE) |
| @@ -1176,8 +1171,7 @@ gss_unwrap_resp_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx, | |||
| 1176 | /* remove padding: */ | 1171 | /* remove padding: */ |
| 1177 | rcv_buf->len = offset + opaque_len; | 1172 | rcv_buf->len = offset + opaque_len; |
| 1178 | 1173 | ||
| 1179 | maj_stat = gss_unwrap(ctx->gc_gss_ctx, NULL, | 1174 | maj_stat = gss_unwrap(ctx->gc_gss_ctx, offset, rcv_buf); |
| 1180 | offset, rcv_buf); | ||
| 1181 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) | 1175 | if (maj_stat == GSS_S_CONTEXT_EXPIRED) |
| 1182 | cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; | 1176 | cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE; |
| 1183 | if (maj_stat != GSS_S_COMPLETE) | 1177 | if (maj_stat != GSS_S_COMPLETE) |