aboutsummaryrefslogtreecommitdiffstats
path: root/net/sunrpc/auth_gss
diff options
context:
space:
mode:
Diffstat (limited to 'net/sunrpc/auth_gss')
-rw-r--r--net/sunrpc/auth_gss/auth_gss.c20
-rw-r--r--net/sunrpc/auth_gss/gss_generic_token.c10
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_crypto.c2
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_seqnum.c4
-rw-r--r--net/sunrpc/auth_gss/gss_mech_switch.c4
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_token.c46
-rw-r--r--net/sunrpc/auth_gss/gss_spkm3_unseal.c2
-rw-r--r--net/sunrpc/auth_gss/svcauth_gss.c6
8 files changed, 47 insertions, 47 deletions
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
index 2fe8e91f5bc1..4e4ccc5b6fea 100644
--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
@@ -2,7 +2,7 @@
2 * linux/net/sunrpc/auth_gss/auth_gss.c 2 * linux/net/sunrpc/auth_gss/auth_gss.c
3 * 3 *
4 * RPCSEC_GSS client authentication. 4 * RPCSEC_GSS client authentication.
5 * 5 *
6 * Copyright (c) 2000 The Regents of the University of Michigan. 6 * Copyright (c) 2000 The Regents of the University of Michigan.
7 * All rights reserved. 7 * All rights reserved.
8 * 8 *
@@ -74,7 +74,7 @@ static struct rpc_credops gss_credops;
74* as it is passed to gssd to signal the use of 74* as it is passed to gssd to signal the use of
75* machine creds should be part of the shared rpc interface */ 75* machine creds should be part of the shared rpc interface */
76 76
77#define CA_RUN_AS_MACHINE 0x00000200 77#define CA_RUN_AS_MACHINE 0x00000200
78 78
79/* dump the buffer in `emacs-hexl' style */ 79/* dump the buffer in `emacs-hexl' style */
80#define isprint(c) ((c > 0x1f) && (c < 0x7f)) 80#define isprint(c) ((c > 0x1f) && (c < 0x7f))
@@ -609,8 +609,8 @@ gss_pipe_destroy_msg(struct rpc_pipe_msg *msg)
609 } 609 }
610} 610}
611 611
612/* 612/*
613 * NOTE: we have the opportunity to use different 613 * NOTE: we have the opportunity to use different
614 * parameters based on the input flavor (which must be a pseudoflavor) 614 * parameters based on the input flavor (which must be a pseudoflavor)
615 */ 615 */
616static struct rpc_auth * 616static struct rpc_auth *
@@ -871,7 +871,7 @@ gss_validate(struct rpc_task *task, __be32 *p)
871 871
872 flav = ntohl(*p++); 872 flav = ntohl(*p++);
873 if ((len = ntohl(*p++)) > RPC_MAX_AUTH_SIZE) 873 if ((len = ntohl(*p++)) > RPC_MAX_AUTH_SIZE)
874 goto out_bad; 874 goto out_bad;
875 if (flav != RPC_AUTH_GSS) 875 if (flav != RPC_AUTH_GSS)
876 goto out_bad; 876 goto out_bad;
877 seq = htonl(task->tk_rqstp->rq_seqno); 877 seq = htonl(task->tk_rqstp->rq_seqno);
@@ -927,7 +927,7 @@ gss_wrap_req_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
927 *integ_len = htonl(integ_buf.len); 927 *integ_len = htonl(integ_buf.len);
928 928
929 /* guess whether we're in the head or the tail: */ 929 /* guess whether we're in the head or the tail: */
930 if (snd_buf->page_len || snd_buf->tail[0].iov_len) 930 if (snd_buf->page_len || snd_buf->tail[0].iov_len)
931 iov = snd_buf->tail; 931 iov = snd_buf->tail;
932 else 932 else
933 iov = snd_buf->head; 933 iov = snd_buf->head;
@@ -1032,7 +1032,7 @@ gss_wrap_req_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
1032 maj_stat = gss_wrap(ctx->gc_gss_ctx, offset, snd_buf, inpages); 1032 maj_stat = gss_wrap(ctx->gc_gss_ctx, offset, snd_buf, inpages);
1033 /* RPC_SLACK_SPACE should prevent this ever happening: */ 1033 /* RPC_SLACK_SPACE should prevent this ever happening: */
1034 BUG_ON(snd_buf->len > snd_buf->buflen); 1034 BUG_ON(snd_buf->len > snd_buf->buflen);
1035 status = -EIO; 1035 status = -EIO;
1036 /* We're assuming that when GSS_S_CONTEXT_EXPIRED, the encryption was 1036 /* We're assuming that when GSS_S_CONTEXT_EXPIRED, the encryption was
1037 * done anyway, so it's safe to put the request on the wire: */ 1037 * done anyway, so it's safe to put the request on the wire: */
1038 if (maj_stat == GSS_S_CONTEXT_EXPIRED) 1038 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
@@ -1081,7 +1081,7 @@ gss_wrap_req(struct rpc_task *task,
1081 status = gss_wrap_req_integ(cred, ctx, encode, 1081 status = gss_wrap_req_integ(cred, ctx, encode,
1082 rqstp, p, obj); 1082 rqstp, p, obj);
1083 break; 1083 break;
1084 case RPC_GSS_SVC_PRIVACY: 1084 case RPC_GSS_SVC_PRIVACY:
1085 status = gss_wrap_req_priv(cred, ctx, encode, 1085 status = gss_wrap_req_priv(cred, ctx, encode,
1086 rqstp, p, obj); 1086 rqstp, p, obj);
1087 break; 1087 break;
@@ -1181,7 +1181,7 @@ gss_unwrap_resp(struct rpc_task *task,
1181 if (status) 1181 if (status)
1182 goto out; 1182 goto out;
1183 break; 1183 break;
1184 case RPC_GSS_SVC_PRIVACY: 1184 case RPC_GSS_SVC_PRIVACY:
1185 status = gss_unwrap_resp_priv(cred, ctx, rqstp, &p); 1185 status = gss_unwrap_resp_priv(cred, ctx, rqstp, &p);
1186 if (status) 1186 if (status)
1187 goto out; 1187 goto out;
@@ -1198,7 +1198,7 @@ out:
1198 status); 1198 status);
1199 return status; 1199 return status;
1200} 1200}
1201 1201
1202static struct rpc_authops authgss_ops = { 1202static struct rpc_authops authgss_ops = {
1203 .owner = THIS_MODULE, 1203 .owner = THIS_MODULE,
1204 .au_flavor = RPC_AUTH_GSS, 1204 .au_flavor = RPC_AUTH_GSS,
diff --git a/net/sunrpc/auth_gss/gss_generic_token.c b/net/sunrpc/auth_gss/gss_generic_token.c
index 826df44e7fca..ea8c92ecdae5 100644
--- a/net/sunrpc/auth_gss/gss_generic_token.c
+++ b/net/sunrpc/auth_gss/gss_generic_token.c
@@ -11,7 +11,7 @@
11 11
12/* 12/*
13 * Copyright 1993 by OpenVision Technologies, Inc. 13 * Copyright 1993 by OpenVision Technologies, Inc.
14 * 14 *
15 * Permission to use, copy, modify, distribute, and sell this software 15 * Permission to use, copy, modify, distribute, and sell this software
16 * and its documentation for any purpose is hereby granted without fee, 16 * and its documentation for any purpose is hereby granted without fee,
17 * provided that the above copyright notice appears in all copies and 17 * provided that the above copyright notice appears in all copies and
@@ -21,7 +21,7 @@
21 * without specific, written prior permission. OpenVision makes no 21 * without specific, written prior permission. OpenVision makes no
22 * representations about the suitability of this software for any 22 * representations about the suitability of this software for any
23 * purpose. It is provided "as is" without express or implied warranty. 23 * purpose. It is provided "as is" without express or implied warranty.
24 * 24 *
25 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, 25 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
26 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO 26 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
27 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR 27 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
@@ -201,7 +201,7 @@ g_verify_token_header(struct xdr_netobj *mech, int *body_size,
201 return(G_BAD_TOK_HEADER); 201 return(G_BAD_TOK_HEADER);
202 if (*buf++ != 0x06) 202 if (*buf++ != 0x06)
203 return(G_BAD_TOK_HEADER); 203 return(G_BAD_TOK_HEADER);
204 204
205 if ((toksize-=1) < 0) 205 if ((toksize-=1) < 0)
206 return(G_BAD_TOK_HEADER); 206 return(G_BAD_TOK_HEADER);
207 toid.len = *buf++; 207 toid.len = *buf++;
@@ -211,9 +211,9 @@ g_verify_token_header(struct xdr_netobj *mech, int *body_size,
211 toid.data = buf; 211 toid.data = buf;
212 buf+=toid.len; 212 buf+=toid.len;
213 213
214 if (! g_OID_equal(&toid, mech)) 214 if (! g_OID_equal(&toid, mech))
215 ret = G_WRONG_MECH; 215 ret = G_WRONG_MECH;
216 216
217 /* G_WRONG_MECH is not returned immediately because it's more important 217 /* G_WRONG_MECH is not returned immediately because it's more important
218 to return G_BAD_TOK_HEADER if the token header is in fact bad */ 218 to return G_BAD_TOK_HEADER if the token header is in fact bad */
219 219
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
index cd64efd5921e..f441aa0b26dc 100644
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
@@ -58,7 +58,7 @@ krb5_encrypt(
58 int length) 58 int length)
59{ 59{
60 u32 ret = -EINVAL; 60 u32 ret = -EINVAL;
61 struct scatterlist sg[1]; 61 struct scatterlist sg[1];
62 u8 local_iv[16] = {0}; 62 u8 local_iv[16] = {0};
63 struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv }; 63 struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv };
64 64
diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
index 2f0b11257016..43f3421f1e6a 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
@@ -11,7 +11,7 @@
11 11
12/* 12/*
13 * Copyright 1993 by OpenVision Technologies, Inc. 13 * Copyright 1993 by OpenVision Technologies, Inc.
14 * 14 *
15 * Permission to use, copy, modify, distribute, and sell this software 15 * Permission to use, copy, modify, distribute, and sell this software
16 * and its documentation for any purpose is hereby granted without fee, 16 * and its documentation for any purpose is hereby granted without fee,
17 * provided that the above copyright notice appears in all copies and 17 * provided that the above copyright notice appears in all copies and
@@ -21,7 +21,7 @@
21 * without specific, written prior permission. OpenVision makes no 21 * without specific, written prior permission. OpenVision makes no
22 * representations about the suitability of this software for any 22 * representations about the suitability of this software for any
23 * purpose. It is provided "as is" without express or implied warranty. 23 * purpose. It is provided "as is" without express or implied warranty.
24 * 24 *
25 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, 25 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
26 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO 26 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
27 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR 27 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
diff --git a/net/sunrpc/auth_gss/gss_mech_switch.c b/net/sunrpc/auth_gss/gss_mech_switch.c
index c7681db96fb7..26872517ccf3 100644
--- a/net/sunrpc/auth_gss/gss_mech_switch.c
+++ b/net/sunrpc/auth_gss/gss_mech_switch.c
@@ -6,14 +6,14 @@
6 * 6 *
7 * J. Bruce Fields <bfields@umich.edu> 7 * J. Bruce Fields <bfields@umich.edu>
8 * 8 *
9 * Redistribution and use in source and binary forms, with or without 9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions 10 * modification, are permitted provided that the following conditions
11 * are met: 11 * are met:
12 * 12 *
13 * 1. Redistributions of source code must retain the above copyright 13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer. 14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the 16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution. 17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its 18 * 3. Neither the name of the University nor the names of its
19 * contributors may be used to endorse or promote products derived 19 * contributors may be used to endorse or promote products derived
diff --git a/net/sunrpc/auth_gss/gss_spkm3_token.c b/net/sunrpc/auth_gss/gss_spkm3_token.c
index 156413ae6caf..6cdd241ad267 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_token.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_token.c
@@ -59,7 +59,7 @@ asn1_bitstring_len(struct xdr_netobj *in, int *enclen, int *zerobits)
59 59
60 /* count trailing 0's */ 60 /* count trailing 0's */
61 for(i = in->len; i > 0; i--) { 61 for(i = in->len; i > 0; i--) {
62 if (*ptr == 0) { 62 if (*ptr == 0) {
63 ptr--; 63 ptr--;
64 elen--; 64 elen--;
65 } else 65 } else
@@ -82,7 +82,7 @@ asn1_bitstring_len(struct xdr_netobj *in, int *enclen, int *zerobits)
82 82
83/* 83/*
84 * decode_asn1_bitstring() 84 * decode_asn1_bitstring()
85 * 85 *
86 * decode a bitstring into a buffer of the expected length. 86 * decode a bitstring into a buffer of the expected length.
87 * enclen = bit string length 87 * enclen = bit string length
88 * explen = expected length (define in rfc) 88 * explen = expected length (define in rfc)
@@ -97,9 +97,9 @@ decode_asn1_bitstring(struct xdr_netobj *out, char *in, int enclen, int explen)
97 return 1; 97 return 1;
98} 98}
99 99
100/* 100/*
101 * SPKMInnerContextToken choice SPKM_MIC asn1 token layout 101 * SPKMInnerContextToken choice SPKM_MIC asn1 token layout
102 * 102 *
103 * contextid is always 16 bytes plain data. max asn1 bitstring len = 17. 103 * contextid is always 16 bytes plain data. max asn1 bitstring len = 17.
104 * 104 *
105 * tokenlen = pos[0] to end of token (max pos[45] with MD5 cksum) 105 * tokenlen = pos[0] to end of token (max pos[45] with MD5 cksum)
@@ -107,21 +107,21 @@ decode_asn1_bitstring(struct xdr_netobj *out, char *in, int enclen, int explen)
107 * pos value 107 * pos value
108 * ---------- 108 * ----------
109 * [0] a4 SPKM-MIC tag 109 * [0] a4 SPKM-MIC tag
110 * [1] ?? innertoken length (max 44) 110 * [1] ?? innertoken length (max 44)
111 * 111 *
112 * 112 *
113 * tok_hdr piece of checksum data starts here 113 * tok_hdr piece of checksum data starts here
114 * 114 *
115 * the maximum mic-header len = 9 + 17 = 26 115 * the maximum mic-header len = 9 + 17 = 26
116 * mic-header 116 * mic-header
117 * ---------- 117 * ----------
118 * [2] 30 SEQUENCE tag 118 * [2] 30 SEQUENCE tag
119 * [3] ?? mic-header length: (max 23) = TokenID + ContextID 119 * [3] ?? mic-header length: (max 23) = TokenID + ContextID
120 * 120 *
121 * TokenID - all fields constant and can be hardcoded 121 * TokenID - all fields constant and can be hardcoded
122 * ------- 122 * -------
123 * [4] 02 Type 2 123 * [4] 02 Type 2
124 * [5] 02 Length 2 124 * [5] 02 Length 2
125 * [6][7] 01 01 TokenID (SPKM_MIC_TOK) 125 * [6][7] 01 01 TokenID (SPKM_MIC_TOK)
126 * 126 *
127 * ContextID - encoded length not constant, calculated 127 * ContextID - encoded length not constant, calculated
@@ -131,17 +131,17 @@ decode_asn1_bitstring(struct xdr_netobj *out, char *in, int enclen, int explen)
131 * [10] ?? ctxzbit 131 * [10] ?? ctxzbit
132 * [11] contextid 132 * [11] contextid
133 * 133 *
134 * mic_header piece of checksum data ends here. 134 * mic_header piece of checksum data ends here.
135 * 135 *
136 * int-cksum - encoded length not constant, calculated 136 * int-cksum - encoded length not constant, calculated
137 * --------- 137 * ---------
138 * [??] 03 Type 3 138 * [??] 03 Type 3
139 * [??] ?? encoded length 139 * [??] ?? encoded length
140 * [??] ?? md5zbit 140 * [??] ?? md5zbit
141 * [??] int-cksum (NID_md5 = 16) 141 * [??] int-cksum (NID_md5 = 16)
142 * 142 *
143 * maximum SPKM-MIC innercontext token length = 143 * maximum SPKM-MIC innercontext token length =
144 * 10 + encoded contextid_size(17 max) + 2 + encoded 144 * 10 + encoded contextid_size(17 max) + 2 + encoded
145 * cksum_size (17 maxfor NID_md5) = 46 145 * cksum_size (17 maxfor NID_md5) = 46
146 */ 146 */
147 147
@@ -178,8 +178,8 @@ spkm3_mic_header(unsigned char **hdrbuf, unsigned int *hdrlen, unsigned char *ct
178/* 178/*
179 * spkm3_mic_innercontext_token() 179 * spkm3_mic_innercontext_token()
180 * 180 *
181 * *tokp points to the beginning of the SPKM_MIC token described 181 * *tokp points to the beginning of the SPKM_MIC token described
182 * in rfc 2025, section 3.2.1: 182 * in rfc 2025, section 3.2.1:
183 * 183 *
184 * toklen is the inner token length 184 * toklen is the inner token length
185 */ 185 */
@@ -245,9 +245,9 @@ spkm3_verify_mic_token(unsigned char **tokp, int *mic_hdrlen, unsigned char **ck
245 goto out; 245 goto out;
246 246
247 /* 247 /*
248 * in the current implementation: the optional int-alg is not present 248 * in the current implementation: the optional int-alg is not present
249 * so the default int-alg (md5) is used the optional snd-seq field is 249 * so the default int-alg (md5) is used the optional snd-seq field is
250 * also not present 250 * also not present
251 */ 251 */
252 252
253 if (*mic_hdrlen != 6 + ctxelen) { 253 if (*mic_hdrlen != 6 + ctxelen) {
@@ -257,7 +257,7 @@ spkm3_verify_mic_token(unsigned char **tokp, int *mic_hdrlen, unsigned char **ck
257 goto out; 257 goto out;
258 } 258 }
259 /* checksum */ 259 /* checksum */
260 *cksum = (&ptr[10] + ctxelen); /* ctxelen includes ptr[10] */ 260 *cksum = (&ptr[10] + ctxelen); /* ctxelen includes ptr[10] */
261 261
262 ret = GSS_S_COMPLETE; 262 ret = GSS_S_COMPLETE;
263out: 263out:
diff --git a/net/sunrpc/auth_gss/gss_spkm3_unseal.c b/net/sunrpc/auth_gss/gss_spkm3_unseal.c
index ac1ad6b1dc4a..cc21ee860bb6 100644
--- a/net/sunrpc/auth_gss/gss_spkm3_unseal.c
+++ b/net/sunrpc/auth_gss/gss_spkm3_unseal.c
@@ -45,7 +45,7 @@
45 45
46/* 46/*
47 * spkm3_read_token() 47 * spkm3_read_token()
48 * 48 *
49 * only SPKM_MIC_TOK with md5 intg-alg is supported 49 * only SPKM_MIC_TOK with md5 intg-alg is supported
50 */ 50 */
51u32 51u32
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index 8944cabcde56..db298b501c81 100644
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -172,8 +172,8 @@ static struct cache_head *rsi_alloc(void)
172} 172}
173 173
174static void rsi_request(struct cache_detail *cd, 174static void rsi_request(struct cache_detail *cd,
175 struct cache_head *h, 175 struct cache_head *h,
176 char **bpp, int *blen) 176 char **bpp, int *blen)
177{ 177{
178 struct rsi *rsii = container_of(h, struct rsi, h); 178 struct rsi *rsii = container_of(h, struct rsi, h);
179 179
@@ -184,7 +184,7 @@ static void rsi_request(struct cache_detail *cd,
184 184
185 185
186static int rsi_parse(struct cache_detail *cd, 186static int rsi_parse(struct cache_detail *cd,
187 char *mesg, int mlen) 187 char *mesg, int mlen)
188{ 188{
189 /* context token expiry major minor context token */ 189 /* context token expiry major minor context token */
190 char *buf = mesg; 190 char *buf = mesg;