diff options
Diffstat (limited to 'net')
-rw-r--r-- | net/sunrpc/auth_gss/auth_gss.c | 52 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_crypto.c | 8 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_mech.c | 3 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_seal.c | 2 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_seqnum.c | 2 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_unseal.c | 2 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_wrap.c | 4 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_mech_switch.c | 6 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_spkm3_mech.c | 9 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_spkm3_seal.c | 14 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_spkm3_token.c | 14 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_spkm3_unseal.c | 9 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/svcauth_gss.c | 11 |
13 files changed, 73 insertions, 63 deletions
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c index e1a104abb782..2fe8e91f5bc1 100644 --- a/net/sunrpc/auth_gss/auth_gss.c +++ b/net/sunrpc/auth_gss/auth_gss.c | |||
@@ -241,7 +241,7 @@ gss_fill_context(const void *p, const void *end, struct gss_cl_ctx *ctx, struct | |||
241 | } | 241 | } |
242 | return q; | 242 | return q; |
243 | err: | 243 | err: |
244 | dprintk("RPC: gss_fill_context returning %ld\n", -PTR_ERR(p)); | 244 | dprintk("RPC: gss_fill_context returning %ld\n", -PTR_ERR(p)); |
245 | return p; | 245 | return p; |
246 | } | 246 | } |
247 | 247 | ||
@@ -276,10 +276,10 @@ __gss_find_upcall(struct gss_auth *gss_auth, uid_t uid) | |||
276 | if (pos->uid != uid) | 276 | if (pos->uid != uid) |
277 | continue; | 277 | continue; |
278 | atomic_inc(&pos->count); | 278 | atomic_inc(&pos->count); |
279 | dprintk("RPC: gss_find_upcall found msg %p\n", pos); | 279 | dprintk("RPC: gss_find_upcall found msg %p\n", pos); |
280 | return pos; | 280 | return pos; |
281 | } | 281 | } |
282 | dprintk("RPC: gss_find_upcall found nothing\n"); | 282 | dprintk("RPC: gss_find_upcall found nothing\n"); |
283 | return NULL; | 283 | return NULL; |
284 | } | 284 | } |
285 | 285 | ||
@@ -393,7 +393,8 @@ gss_refresh_upcall(struct rpc_task *task) | |||
393 | struct gss_upcall_msg *gss_msg; | 393 | struct gss_upcall_msg *gss_msg; |
394 | int err = 0; | 394 | int err = 0; |
395 | 395 | ||
396 | dprintk("RPC: %4u gss_refresh_upcall for uid %u\n", task->tk_pid, cred->cr_uid); | 396 | dprintk("RPC: %5u gss_refresh_upcall for uid %u\n", task->tk_pid, |
397 | cred->cr_uid); | ||
397 | gss_msg = gss_setup_upcall(task->tk_client, gss_auth, cred); | 398 | gss_msg = gss_setup_upcall(task->tk_client, gss_auth, cred); |
398 | if (IS_ERR(gss_msg)) { | 399 | if (IS_ERR(gss_msg)) { |
399 | err = PTR_ERR(gss_msg); | 400 | err = PTR_ERR(gss_msg); |
@@ -413,8 +414,8 @@ gss_refresh_upcall(struct rpc_task *task) | |||
413 | spin_unlock(&gss_auth->lock); | 414 | spin_unlock(&gss_auth->lock); |
414 | gss_release_msg(gss_msg); | 415 | gss_release_msg(gss_msg); |
415 | out: | 416 | out: |
416 | dprintk("RPC: %4u gss_refresh_upcall for uid %u result %d\n", task->tk_pid, | 417 | dprintk("RPC: %5u gss_refresh_upcall for uid %u result %d\n", |
417 | cred->cr_uid, err); | 418 | task->tk_pid, cred->cr_uid, err); |
418 | return err; | 419 | return err; |
419 | } | 420 | } |
420 | 421 | ||
@@ -426,7 +427,7 @@ gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred) | |||
426 | DEFINE_WAIT(wait); | 427 | DEFINE_WAIT(wait); |
427 | int err = 0; | 428 | int err = 0; |
428 | 429 | ||
429 | dprintk("RPC: gss_upcall for uid %u\n", cred->cr_uid); | 430 | dprintk("RPC: gss_upcall for uid %u\n", cred->cr_uid); |
430 | gss_msg = gss_setup_upcall(gss_auth->client, gss_auth, cred); | 431 | gss_msg = gss_setup_upcall(gss_auth->client, gss_auth, cred); |
431 | if (IS_ERR(gss_msg)) { | 432 | if (IS_ERR(gss_msg)) { |
432 | err = PTR_ERR(gss_msg); | 433 | err = PTR_ERR(gss_msg); |
@@ -454,7 +455,8 @@ out_intr: | |||
454 | finish_wait(&gss_msg->waitqueue, &wait); | 455 | finish_wait(&gss_msg->waitqueue, &wait); |
455 | gss_release_msg(gss_msg); | 456 | gss_release_msg(gss_msg); |
456 | out: | 457 | out: |
457 | dprintk("RPC: gss_create_upcall for uid %u result %d\n", cred->cr_uid, err); | 458 | dprintk("RPC: gss_create_upcall for uid %u result %d\n", |
459 | cred->cr_uid, err); | ||
458 | return err; | 460 | return err; |
459 | } | 461 | } |
460 | 462 | ||
@@ -546,14 +548,14 @@ gss_pipe_downcall(struct file *filp, const char __user *src, size_t mlen) | |||
546 | } | 548 | } |
547 | gss_put_ctx(ctx); | 549 | gss_put_ctx(ctx); |
548 | kfree(buf); | 550 | kfree(buf); |
549 | dprintk("RPC: gss_pipe_downcall returning length %Zu\n", mlen); | 551 | dprintk("RPC: gss_pipe_downcall returning length %Zu\n", mlen); |
550 | return mlen; | 552 | return mlen; |
551 | err_put_ctx: | 553 | err_put_ctx: |
552 | gss_put_ctx(ctx); | 554 | gss_put_ctx(ctx); |
553 | err: | 555 | err: |
554 | kfree(buf); | 556 | kfree(buf); |
555 | out: | 557 | out: |
556 | dprintk("RPC: gss_pipe_downcall returning %d\n", err); | 558 | dprintk("RPC: gss_pipe_downcall returning %d\n", err); |
557 | return err; | 559 | return err; |
558 | } | 560 | } |
559 | 561 | ||
@@ -591,7 +593,7 @@ gss_pipe_destroy_msg(struct rpc_pipe_msg *msg) | |||
591 | static unsigned long ratelimit; | 593 | static unsigned long ratelimit; |
592 | 594 | ||
593 | if (msg->errno < 0) { | 595 | if (msg->errno < 0) { |
594 | dprintk("RPC: gss_pipe_destroy_msg releasing msg %p\n", | 596 | dprintk("RPC: gss_pipe_destroy_msg releasing msg %p\n", |
595 | gss_msg); | 597 | gss_msg); |
596 | atomic_inc(&gss_msg->count); | 598 | atomic_inc(&gss_msg->count); |
597 | gss_unhash_msg(gss_msg); | 599 | gss_unhash_msg(gss_msg); |
@@ -618,7 +620,7 @@ gss_create(struct rpc_clnt *clnt, rpc_authflavor_t flavor) | |||
618 | struct rpc_auth * auth; | 620 | struct rpc_auth * auth; |
619 | int err = -ENOMEM; /* XXX? */ | 621 | int err = -ENOMEM; /* XXX? */ |
620 | 622 | ||
621 | dprintk("RPC: creating GSS authenticator for client %p\n",clnt); | 623 | dprintk("RPC: creating GSS authenticator for client %p\n", clnt); |
622 | 624 | ||
623 | if (!try_module_get(THIS_MODULE)) | 625 | if (!try_module_get(THIS_MODULE)) |
624 | return ERR_PTR(err); | 626 | return ERR_PTR(err); |
@@ -670,8 +672,8 @@ gss_destroy(struct rpc_auth *auth) | |||
670 | { | 672 | { |
671 | struct gss_auth *gss_auth; | 673 | struct gss_auth *gss_auth; |
672 | 674 | ||
673 | dprintk("RPC: destroying GSS authenticator %p flavor %d\n", | 675 | dprintk("RPC: destroying GSS authenticator %p flavor %d\n", |
674 | auth, auth->au_flavor); | 676 | auth, auth->au_flavor); |
675 | 677 | ||
676 | gss_auth = container_of(auth, struct gss_auth, rpc_auth); | 678 | gss_auth = container_of(auth, struct gss_auth, rpc_auth); |
677 | rpc_unlink(gss_auth->dentry); | 679 | rpc_unlink(gss_auth->dentry); |
@@ -689,7 +691,7 @@ gss_destroy(struct rpc_auth *auth) | |||
689 | static void | 691 | static void |
690 | gss_destroy_ctx(struct gss_cl_ctx *ctx) | 692 | gss_destroy_ctx(struct gss_cl_ctx *ctx) |
691 | { | 693 | { |
692 | dprintk("RPC: gss_destroy_ctx\n"); | 694 | dprintk("RPC: gss_destroy_ctx\n"); |
693 | 695 | ||
694 | if (ctx->gc_gss_ctx) | 696 | if (ctx->gc_gss_ctx) |
695 | gss_delete_sec_context(&ctx->gc_gss_ctx); | 697 | gss_delete_sec_context(&ctx->gc_gss_ctx); |
@@ -703,7 +705,7 @@ gss_destroy_cred(struct rpc_cred *rc) | |||
703 | { | 705 | { |
704 | struct gss_cred *cred = container_of(rc, struct gss_cred, gc_base); | 706 | struct gss_cred *cred = container_of(rc, struct gss_cred, gc_base); |
705 | 707 | ||
706 | dprintk("RPC: gss_destroy_cred \n"); | 708 | dprintk("RPC: gss_destroy_cred \n"); |
707 | 709 | ||
708 | if (cred->gc_ctx) | 710 | if (cred->gc_ctx) |
709 | gss_put_ctx(cred->gc_ctx); | 711 | gss_put_ctx(cred->gc_ctx); |
@@ -726,7 +728,7 @@ gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags) | |||
726 | struct gss_cred *cred = NULL; | 728 | struct gss_cred *cred = NULL; |
727 | int err = -ENOMEM; | 729 | int err = -ENOMEM; |
728 | 730 | ||
729 | dprintk("RPC: gss_create_cred for uid %d, flavor %d\n", | 731 | dprintk("RPC: gss_create_cred for uid %d, flavor %d\n", |
730 | acred->uid, auth->au_flavor); | 732 | acred->uid, auth->au_flavor); |
731 | 733 | ||
732 | if (!(cred = kzalloc(sizeof(*cred), GFP_KERNEL))) | 734 | if (!(cred = kzalloc(sizeof(*cred), GFP_KERNEL))) |
@@ -745,7 +747,7 @@ gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags) | |||
745 | return &cred->gc_base; | 747 | return &cred->gc_base; |
746 | 748 | ||
747 | out_err: | 749 | out_err: |
748 | dprintk("RPC: gss_create_cred failed with error %d\n", err); | 750 | dprintk("RPC: gss_create_cred failed with error %d\n", err); |
749 | return ERR_PTR(err); | 751 | return ERR_PTR(err); |
750 | } | 752 | } |
751 | 753 | ||
@@ -799,7 +801,7 @@ gss_marshal(struct rpc_task *task, __be32 *p) | |||
799 | struct kvec iov; | 801 | struct kvec iov; |
800 | struct xdr_buf verf_buf; | 802 | struct xdr_buf verf_buf; |
801 | 803 | ||
802 | dprintk("RPC: %4u gss_marshal\n", task->tk_pid); | 804 | dprintk("RPC: %5u gss_marshal\n", task->tk_pid); |
803 | 805 | ||
804 | *p++ = htonl(RPC_AUTH_GSS); | 806 | *p++ = htonl(RPC_AUTH_GSS); |
805 | cred_len = p++; | 807 | cred_len = p++; |
@@ -865,7 +867,7 @@ gss_validate(struct rpc_task *task, __be32 *p) | |||
865 | u32 flav,len; | 867 | u32 flav,len; |
866 | u32 maj_stat; | 868 | u32 maj_stat; |
867 | 869 | ||
868 | dprintk("RPC: %4u gss_validate\n", task->tk_pid); | 870 | dprintk("RPC: %5u gss_validate\n", task->tk_pid); |
869 | 871 | ||
870 | flav = ntohl(*p++); | 872 | flav = ntohl(*p++); |
871 | if ((len = ntohl(*p++)) > RPC_MAX_AUTH_SIZE) | 873 | if ((len = ntohl(*p++)) > RPC_MAX_AUTH_SIZE) |
@@ -888,12 +890,12 @@ gss_validate(struct rpc_task *task, __be32 *p) | |||
888 | * calculate the length of the verifier: */ | 890 | * calculate the length of the verifier: */ |
889 | task->tk_auth->au_verfsize = XDR_QUADLEN(len) + 2; | 891 | task->tk_auth->au_verfsize = XDR_QUADLEN(len) + 2; |
890 | gss_put_ctx(ctx); | 892 | gss_put_ctx(ctx); |
891 | dprintk("RPC: %4u GSS gss_validate: gss_verify_mic succeeded.\n", | 893 | dprintk("RPC: %5u gss_validate: gss_verify_mic succeeded.\n", |
892 | task->tk_pid); | 894 | task->tk_pid); |
893 | return p + XDR_QUADLEN(len); | 895 | return p + XDR_QUADLEN(len); |
894 | out_bad: | 896 | out_bad: |
895 | gss_put_ctx(ctx); | 897 | gss_put_ctx(ctx); |
896 | dprintk("RPC: %4u gss_validate failed.\n", task->tk_pid); | 898 | dprintk("RPC: %5u gss_validate failed.\n", task->tk_pid); |
897 | return NULL; | 899 | return NULL; |
898 | } | 900 | } |
899 | 901 | ||
@@ -1063,7 +1065,7 @@ gss_wrap_req(struct rpc_task *task, | |||
1063 | struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred); | 1065 | struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred); |
1064 | int status = -EIO; | 1066 | int status = -EIO; |
1065 | 1067 | ||
1066 | dprintk("RPC: %4u gss_wrap_req\n", task->tk_pid); | 1068 | dprintk("RPC: %5u gss_wrap_req\n", task->tk_pid); |
1067 | if (ctx->gc_proc != RPC_GSS_PROC_DATA) { | 1069 | if (ctx->gc_proc != RPC_GSS_PROC_DATA) { |
1068 | /* The spec seems a little ambiguous here, but I think that not | 1070 | /* The spec seems a little ambiguous here, but I think that not |
1069 | * wrapping context destruction requests makes the most sense. | 1071 | * wrapping context destruction requests makes the most sense. |
@@ -1086,7 +1088,7 @@ gss_wrap_req(struct rpc_task *task, | |||
1086 | } | 1088 | } |
1087 | out: | 1089 | out: |
1088 | gss_put_ctx(ctx); | 1090 | gss_put_ctx(ctx); |
1089 | dprintk("RPC: %4u gss_wrap_req returning %d\n", task->tk_pid, status); | 1091 | dprintk("RPC: %5u gss_wrap_req returning %d\n", task->tk_pid, status); |
1090 | return status; | 1092 | return status; |
1091 | } | 1093 | } |
1092 | 1094 | ||
@@ -1192,7 +1194,7 @@ out_decode: | |||
1192 | status = decode(rqstp, p, obj); | 1194 | status = decode(rqstp, p, obj); |
1193 | out: | 1195 | out: |
1194 | gss_put_ctx(ctx); | 1196 | gss_put_ctx(ctx); |
1195 | dprintk("RPC: %4u gss_unwrap_resp returning %d\n", task->tk_pid, | 1197 | dprintk("RPC: %5u gss_unwrap_resp returning %d\n", task->tk_pid, |
1196 | status); | 1198 | status); |
1197 | return status; | 1199 | return status; |
1198 | } | 1200 | } |
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c index d926cda88623..cd64efd5921e 100644 --- a/net/sunrpc/auth_gss/gss_krb5_crypto.c +++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c | |||
@@ -66,7 +66,7 @@ krb5_encrypt( | |||
66 | goto out; | 66 | goto out; |
67 | 67 | ||
68 | if (crypto_blkcipher_ivsize(tfm) > 16) { | 68 | if (crypto_blkcipher_ivsize(tfm) > 16) { |
69 | dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n", | 69 | dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n", |
70 | crypto_blkcipher_ivsize(tfm)); | 70 | crypto_blkcipher_ivsize(tfm)); |
71 | goto out; | 71 | goto out; |
72 | } | 72 | } |
@@ -79,7 +79,7 @@ krb5_encrypt( | |||
79 | 79 | ||
80 | ret = crypto_blkcipher_encrypt_iv(&desc, sg, sg, length); | 80 | ret = crypto_blkcipher_encrypt_iv(&desc, sg, sg, length); |
81 | out: | 81 | out: |
82 | dprintk("RPC: krb5_encrypt returns %d\n",ret); | 82 | dprintk("RPC: krb5_encrypt returns %d\n", ret); |
83 | return ret; | 83 | return ret; |
84 | } | 84 | } |
85 | 85 | ||
@@ -102,7 +102,7 @@ krb5_decrypt( | |||
102 | goto out; | 102 | goto out; |
103 | 103 | ||
104 | if (crypto_blkcipher_ivsize(tfm) > 16) { | 104 | if (crypto_blkcipher_ivsize(tfm) > 16) { |
105 | dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n", | 105 | dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n", |
106 | crypto_blkcipher_ivsize(tfm)); | 106 | crypto_blkcipher_ivsize(tfm)); |
107 | goto out; | 107 | goto out; |
108 | } | 108 | } |
@@ -114,7 +114,7 @@ krb5_decrypt( | |||
114 | 114 | ||
115 | ret = crypto_blkcipher_decrypt_iv(&desc, sg, sg, length); | 115 | ret = crypto_blkcipher_decrypt_iv(&desc, sg, sg, length); |
116 | out: | 116 | out: |
117 | dprintk("RPC: gss_k5decrypt returns %d\n",ret); | 117 | dprintk("RPC: gss_k5decrypt returns %d\n",ret); |
118 | return ret; | 118 | return ret; |
119 | } | 119 | } |
120 | 120 | ||
diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c index 05d4bee86fc0..7b1943217053 100644 --- a/net/sunrpc/auth_gss/gss_krb5_mech.c +++ b/net/sunrpc/auth_gss/gss_krb5_mech.c | |||
@@ -175,7 +175,8 @@ gss_import_sec_context_kerberos(const void *p, | |||
175 | } | 175 | } |
176 | 176 | ||
177 | ctx_id->internal_ctx_id = ctx; | 177 | ctx_id->internal_ctx_id = ctx; |
178 | dprintk("RPC: Successfully imported new context.\n"); | 178 | |
179 | dprintk("RPC: Successfully imported new context.\n"); | ||
179 | return 0; | 180 | return 0; |
180 | 181 | ||
181 | out_err_free_key2: | 182 | out_err_free_key2: |
diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c index d0bb5064f8c5..a0d9faa59cb5 100644 --- a/net/sunrpc/auth_gss/gss_krb5_seal.c +++ b/net/sunrpc/auth_gss/gss_krb5_seal.c | |||
@@ -83,7 +83,7 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text, | |||
83 | s32 now; | 83 | s32 now; |
84 | u32 seq_send; | 84 | u32 seq_send; |
85 | 85 | ||
86 | dprintk("RPC: gss_krb5_seal\n"); | 86 | dprintk("RPC: gss_krb5_seal\n"); |
87 | 87 | ||
88 | now = get_seconds(); | 88 | now = get_seconds(); |
89 | 89 | ||
diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c index c604baf3a5f6..2f0b11257016 100644 --- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c +++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c | |||
@@ -70,7 +70,7 @@ krb5_get_seq_num(struct crypto_blkcipher *key, | |||
70 | s32 code; | 70 | s32 code; |
71 | unsigned char plain[8]; | 71 | unsigned char plain[8]; |
72 | 72 | ||
73 | dprintk("RPC: krb5_get_seq_num:\n"); | 73 | dprintk("RPC: krb5_get_seq_num:\n"); |
74 | 74 | ||
75 | if ((code = krb5_decrypt(key, cksum, buf, plain, 8))) | 75 | if ((code = krb5_decrypt(key, cksum, buf, plain, 8))) |
76 | return code; | 76 | return code; |
diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c index 87f8977ccece..e30a993466bc 100644 --- a/net/sunrpc/auth_gss/gss_krb5_unseal.c +++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c | |||
@@ -86,7 +86,7 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx, | |||
86 | unsigned char *ptr = (unsigned char *)read_token->data; | 86 | unsigned char *ptr = (unsigned char *)read_token->data; |
87 | int bodysize; | 87 | int bodysize; |
88 | 88 | ||
89 | dprintk("RPC: krb5_read_token\n"); | 89 | dprintk("RPC: krb5_read_token\n"); |
90 | 90 | ||
91 | if (g_verify_token_header(&ctx->mech_used, &bodysize, &ptr, | 91 | if (g_verify_token_header(&ctx->mech_used, &bodysize, &ptr, |
92 | read_token->len)) | 92 | read_token->len)) |
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c index fe25b3d898dc..42b3220bed39 100644 --- a/net/sunrpc/auth_gss/gss_krb5_wrap.c +++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c | |||
@@ -129,7 +129,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset, | |||
129 | struct page **tmp_pages; | 129 | struct page **tmp_pages; |
130 | u32 seq_send; | 130 | u32 seq_send; |
131 | 131 | ||
132 | dprintk("RPC: gss_wrap_kerberos\n"); | 132 | dprintk("RPC: gss_wrap_kerberos\n"); |
133 | 133 | ||
134 | now = get_seconds(); | 134 | now = get_seconds(); |
135 | 135 | ||
@@ -215,7 +215,7 @@ gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf) | |||
215 | int data_len; | 215 | int data_len; |
216 | int blocksize; | 216 | int blocksize; |
217 | 217 | ||
218 | dprintk("RPC: gss_unwrap_kerberos\n"); | 218 | dprintk("RPC: gss_unwrap_kerberos\n"); |
219 | 219 | ||
220 | ptr = (u8 *)buf->head[0].iov_base + offset; | 220 | ptr = (u8 *)buf->head[0].iov_base + offset; |
221 | if (g_verify_token_header(&kctx->mech_used, &bodysize, &ptr, | 221 | if (g_verify_token_header(&kctx->mech_used, &bodysize, &ptr, |
diff --git a/net/sunrpc/auth_gss/gss_mech_switch.c b/net/sunrpc/auth_gss/gss_mech_switch.c index 3db745379d06..c7681db96fb7 100644 --- a/net/sunrpc/auth_gss/gss_mech_switch.c +++ b/net/sunrpc/auth_gss/gss_mech_switch.c | |||
@@ -113,7 +113,7 @@ gss_mech_register(struct gss_api_mech *gm) | |||
113 | spin_lock(®istered_mechs_lock); | 113 | spin_lock(®istered_mechs_lock); |
114 | list_add(&gm->gm_list, ®istered_mechs); | 114 | list_add(&gm->gm_list, ®istered_mechs); |
115 | spin_unlock(®istered_mechs_lock); | 115 | spin_unlock(®istered_mechs_lock); |
116 | dprintk("RPC: registered gss mechanism %s\n", gm->gm_name); | 116 | dprintk("RPC: registered gss mechanism %s\n", gm->gm_name); |
117 | return 0; | 117 | return 0; |
118 | } | 118 | } |
119 | 119 | ||
@@ -125,7 +125,7 @@ gss_mech_unregister(struct gss_api_mech *gm) | |||
125 | spin_lock(®istered_mechs_lock); | 125 | spin_lock(®istered_mechs_lock); |
126 | list_del(&gm->gm_list); | 126 | list_del(&gm->gm_list); |
127 | spin_unlock(®istered_mechs_lock); | 127 | spin_unlock(®istered_mechs_lock); |
128 | dprintk("RPC: unregistered gss mechanism %s\n", gm->gm_name); | 128 | dprintk("RPC: unregistered gss mechanism %s\n", gm->gm_name); |
129 | gss_mech_free(gm); | 129 | gss_mech_free(gm); |
130 | } | 130 | } |
131 | 131 | ||
@@ -298,7 +298,7 @@ gss_unwrap(struct gss_ctx *ctx_id, | |||
298 | u32 | 298 | u32 |
299 | gss_delete_sec_context(struct gss_ctx **context_handle) | 299 | gss_delete_sec_context(struct gss_ctx **context_handle) |
300 | { | 300 | { |
301 | dprintk("RPC: gss_delete_sec_context deleting %p\n", | 301 | dprintk("RPC: gss_delete_sec_context deleting %p\n", |
302 | *context_handle); | 302 | *context_handle); |
303 | 303 | ||
304 | if (!*context_handle) | 304 | if (!*context_handle) |
diff --git a/net/sunrpc/auth_gss/gss_spkm3_mech.c b/net/sunrpc/auth_gss/gss_spkm3_mech.c index 8ef3f1c19435..7e15aa68ae64 100644 --- a/net/sunrpc/auth_gss/gss_spkm3_mech.c +++ b/net/sunrpc/auth_gss/gss_spkm3_mech.c | |||
@@ -97,7 +97,8 @@ gss_import_sec_context_spkm3(const void *p, size_t len, | |||
97 | if (IS_ERR(p)) | 97 | if (IS_ERR(p)) |
98 | goto out_err_free_ctx; | 98 | goto out_err_free_ctx; |
99 | if (version != 1) { | 99 | if (version != 1) { |
100 | dprintk("RPC: unknown spkm3 token format: obsolete nfs-utils?\n"); | 100 | dprintk("RPC: unknown spkm3 token format: " |
101 | "obsolete nfs-utils?\n"); | ||
101 | goto out_err_free_ctx; | 102 | goto out_err_free_ctx; |
102 | } | 103 | } |
103 | 104 | ||
@@ -138,7 +139,7 @@ gss_import_sec_context_spkm3(const void *p, size_t len, | |||
138 | 139 | ||
139 | ctx_id->internal_ctx_id = ctx; | 140 | ctx_id->internal_ctx_id = ctx; |
140 | 141 | ||
141 | dprintk("Successfully imported new spkm context.\n"); | 142 | dprintk("RPC: Successfully imported new spkm context.\n"); |
142 | return 0; | 143 | return 0; |
143 | 144 | ||
144 | out_err_free_intg_key: | 145 | out_err_free_intg_key: |
@@ -183,7 +184,7 @@ gss_verify_mic_spkm3(struct gss_ctx *ctx, | |||
183 | 184 | ||
184 | maj_stat = spkm3_read_token(sctx, checksum, signbuf, SPKM_MIC_TOK); | 185 | maj_stat = spkm3_read_token(sctx, checksum, signbuf, SPKM_MIC_TOK); |
185 | 186 | ||
186 | dprintk("RPC: gss_verify_mic_spkm3 returning %d\n", maj_stat); | 187 | dprintk("RPC: gss_verify_mic_spkm3 returning %d\n", maj_stat); |
187 | return maj_stat; | 188 | return maj_stat; |
188 | } | 189 | } |
189 | 190 | ||
@@ -197,7 +198,7 @@ gss_get_mic_spkm3(struct gss_ctx *ctx, | |||
197 | 198 | ||
198 | err = spkm3_make_token(sctx, message_buffer, | 199 | err = spkm3_make_token(sctx, message_buffer, |
199 | message_token, SPKM_MIC_TOK); | 200 | message_token, SPKM_MIC_TOK); |
200 | dprintk("RPC: gss_get_mic_spkm3 returning %d\n", err); | 201 | dprintk("RPC: gss_get_mic_spkm3 returning %d\n", err); |
201 | return err; | 202 | return err; |
202 | } | 203 | } |
203 | 204 | ||
diff --git a/net/sunrpc/auth_gss/gss_spkm3_seal.c b/net/sunrpc/auth_gss/gss_spkm3_seal.c index b179d58c6249..104cbf4f769f 100644 --- a/net/sunrpc/auth_gss/gss_spkm3_seal.c +++ b/net/sunrpc/auth_gss/gss_spkm3_seal.c | |||
@@ -75,20 +75,21 @@ spkm3_make_token(struct spkm3_ctx *ctx, | |||
75 | now = jiffies; | 75 | now = jiffies; |
76 | 76 | ||
77 | if (ctx->ctx_id.len != 16) { | 77 | if (ctx->ctx_id.len != 16) { |
78 | dprintk("RPC: spkm3_make_token BAD ctx_id.len %d\n", | 78 | dprintk("RPC: spkm3_make_token BAD ctx_id.len %d\n", |
79 | ctx->ctx_id.len); | 79 | ctx->ctx_id.len); |
80 | goto out_err; | 80 | goto out_err; |
81 | } | 81 | } |
82 | 82 | ||
83 | if (!g_OID_equal(&ctx->intg_alg, &hmac_md5_oid)) { | 83 | if (!g_OID_equal(&ctx->intg_alg, &hmac_md5_oid)) { |
84 | dprintk("RPC: gss_spkm3_seal: unsupported I-ALG algorithm." | 84 | dprintk("RPC: gss_spkm3_seal: unsupported I-ALG " |
85 | "only support hmac-md5 I-ALG.\n"); | 85 | "algorithm. only support hmac-md5 I-ALG.\n"); |
86 | goto out_err; | 86 | goto out_err; |
87 | } else | 87 | } else |
88 | checksum_type = CKSUMTYPE_HMAC_MD5; | 88 | checksum_type = CKSUMTYPE_HMAC_MD5; |
89 | 89 | ||
90 | if (!g_OID_equal(&ctx->conf_alg, &cast5_cbc_oid)) { | 90 | if (!g_OID_equal(&ctx->conf_alg, &cast5_cbc_oid)) { |
91 | dprintk("RPC: gss_spkm3_seal: unsupported C-ALG algorithm\n"); | 91 | dprintk("RPC: gss_spkm3_seal: unsupported C-ALG " |
92 | "algorithm\n"); | ||
92 | goto out_err; | 93 | goto out_err; |
93 | } | 94 | } |
94 | 95 | ||
@@ -113,7 +114,8 @@ spkm3_make_token(struct spkm3_ctx *ctx, | |||
113 | 114 | ||
114 | spkm3_make_mic_token(&ptr, tokenlen, &mic_hdr, &md5cksum, md5elen, md5zbit); | 115 | spkm3_make_mic_token(&ptr, tokenlen, &mic_hdr, &md5cksum, md5elen, md5zbit); |
115 | } else if (toktype == SPKM_WRAP_TOK) { /* Not Supported */ | 116 | } else if (toktype == SPKM_WRAP_TOK) { /* Not Supported */ |
116 | dprintk("RPC: gss_spkm3_seal: SPKM_WRAP_TOK not supported\n"); | 117 | dprintk("RPC: gss_spkm3_seal: SPKM_WRAP_TOK " |
118 | "not supported\n"); | ||
117 | goto out_err; | 119 | goto out_err; |
118 | } | 120 | } |
119 | 121 | ||
@@ -153,7 +155,7 @@ make_spkm3_checksum(s32 cksumtype, struct xdr_netobj *key, char *header, | |||
153 | cksumname = "md5"; | 155 | cksumname = "md5"; |
154 | break; | 156 | break; |
155 | default: | 157 | default: |
156 | dprintk("RPC: spkm3_make_checksum:" | 158 | dprintk("RPC: spkm3_make_checksum:" |
157 | " unsupported checksum %d", cksumtype); | 159 | " unsupported checksum %d", cksumtype); |
158 | return GSS_S_FAILURE; | 160 | return GSS_S_FAILURE; |
159 | } | 161 | } |
diff --git a/net/sunrpc/auth_gss/gss_spkm3_token.c b/net/sunrpc/auth_gss/gss_spkm3_token.c index 35188b6ea8f7..156413ae6caf 100644 --- a/net/sunrpc/auth_gss/gss_spkm3_token.c +++ b/net/sunrpc/auth_gss/gss_spkm3_token.c | |||
@@ -209,7 +209,7 @@ spkm3_verify_mic_token(unsigned char **tokp, int *mic_hdrlen, unsigned char **ck | |||
209 | 209 | ||
210 | /* spkm3 innercontext token preamble */ | 210 | /* spkm3 innercontext token preamble */ |
211 | if ((ptr[0] != 0xa4) || (ptr[2] != 0x30)) { | 211 | if ((ptr[0] != 0xa4) || (ptr[2] != 0x30)) { |
212 | dprintk("RPC: BAD SPKM ictoken preamble\n"); | 212 | dprintk("RPC: BAD SPKM ictoken preamble\n"); |
213 | goto out; | 213 | goto out; |
214 | } | 214 | } |
215 | 215 | ||
@@ -217,25 +217,25 @@ spkm3_verify_mic_token(unsigned char **tokp, int *mic_hdrlen, unsigned char **ck | |||
217 | 217 | ||
218 | /* token type */ | 218 | /* token type */ |
219 | if ((ptr[4] != 0x02) || (ptr[5] != 0x02)) { | 219 | if ((ptr[4] != 0x02) || (ptr[5] != 0x02)) { |
220 | dprintk("RPC: BAD asn1 SPKM3 token type\n"); | 220 | dprintk("RPC: BAD asn1 SPKM3 token type\n"); |
221 | goto out; | 221 | goto out; |
222 | } | 222 | } |
223 | 223 | ||
224 | /* only support SPKM_MIC_TOK */ | 224 | /* only support SPKM_MIC_TOK */ |
225 | if((ptr[6] != 0x01) || (ptr[7] != 0x01)) { | 225 | if((ptr[6] != 0x01) || (ptr[7] != 0x01)) { |
226 | dprintk("RPC: ERROR unsupported SPKM3 token \n"); | 226 | dprintk("RPC: ERROR unsupported SPKM3 token \n"); |
227 | goto out; | 227 | goto out; |
228 | } | 228 | } |
229 | 229 | ||
230 | /* contextid */ | 230 | /* contextid */ |
231 | if (ptr[8] != 0x03) { | 231 | if (ptr[8] != 0x03) { |
232 | dprintk("RPC: BAD SPKM3 asn1 context-id type\n"); | 232 | dprintk("RPC: BAD SPKM3 asn1 context-id type\n"); |
233 | goto out; | 233 | goto out; |
234 | } | 234 | } |
235 | 235 | ||
236 | ctxelen = ptr[9]; | 236 | ctxelen = ptr[9]; |
237 | if (ctxelen > 17) { /* length includes asn1 zbit octet */ | 237 | if (ctxelen > 17) { /* length includes asn1 zbit octet */ |
238 | dprintk("RPC: BAD SPKM3 contextid len %d\n", ctxelen); | 238 | dprintk("RPC: BAD SPKM3 contextid len %d\n", ctxelen); |
239 | goto out; | 239 | goto out; |
240 | } | 240 | } |
241 | 241 | ||
@@ -251,7 +251,9 @@ spkm3_verify_mic_token(unsigned char **tokp, int *mic_hdrlen, unsigned char **ck | |||
251 | */ | 251 | */ |
252 | 252 | ||
253 | if (*mic_hdrlen != 6 + ctxelen) { | 253 | if (*mic_hdrlen != 6 + ctxelen) { |
254 | dprintk("RPC: BAD SPKM_ MIC_TOK header len %d: we only support default int-alg (should be absent) and do not support snd-seq\n", *mic_hdrlen); | 254 | dprintk("RPC: BAD SPKM_ MIC_TOK header len %d: we only " |
255 | "support default int-alg (should be absent) " | ||
256 | "and do not support snd-seq\n", *mic_hdrlen); | ||
255 | goto out; | 257 | goto out; |
256 | } | 258 | } |
257 | /* checksum */ | 259 | /* checksum */ |
diff --git a/net/sunrpc/auth_gss/gss_spkm3_unseal.c b/net/sunrpc/auth_gss/gss_spkm3_unseal.c index e54581ca7570..ac1ad6b1dc4a 100644 --- a/net/sunrpc/auth_gss/gss_spkm3_unseal.c +++ b/net/sunrpc/auth_gss/gss_spkm3_unseal.c | |||
@@ -72,7 +72,7 @@ spkm3_read_token(struct spkm3_ctx *ctx, | |||
72 | /* decode the token */ | 72 | /* decode the token */ |
73 | 73 | ||
74 | if (toktype != SPKM_MIC_TOK) { | 74 | if (toktype != SPKM_MIC_TOK) { |
75 | dprintk("RPC: BAD SPKM3 token type: %d\n", toktype); | 75 | dprintk("RPC: BAD SPKM3 token type: %d\n", toktype); |
76 | goto out; | 76 | goto out; |
77 | } | 77 | } |
78 | 78 | ||
@@ -80,7 +80,7 @@ spkm3_read_token(struct spkm3_ctx *ctx, | |||
80 | goto out; | 80 | goto out; |
81 | 81 | ||
82 | if (*cksum++ != 0x03) { | 82 | if (*cksum++ != 0x03) { |
83 | dprintk("RPC: spkm3_read_token BAD checksum type\n"); | 83 | dprintk("RPC: spkm3_read_token BAD checksum type\n"); |
84 | goto out; | 84 | goto out; |
85 | } | 85 | } |
86 | md5elen = *cksum++; | 86 | md5elen = *cksum++; |
@@ -97,7 +97,8 @@ spkm3_read_token(struct spkm3_ctx *ctx, | |||
97 | */ | 97 | */ |
98 | ret = GSS_S_DEFECTIVE_TOKEN; | 98 | ret = GSS_S_DEFECTIVE_TOKEN; |
99 | if (!g_OID_equal(&ctx->intg_alg, &hmac_md5_oid)) { | 99 | if (!g_OID_equal(&ctx->intg_alg, &hmac_md5_oid)) { |
100 | dprintk("RPC: gss_spkm3_seal: unsupported I-ALG algorithm\n"); | 100 | dprintk("RPC: gss_spkm3_seal: unsupported I-ALG " |
101 | "algorithm\n"); | ||
101 | goto out; | 102 | goto out; |
102 | } | 103 | } |
103 | 104 | ||
@@ -113,7 +114,7 @@ spkm3_read_token(struct spkm3_ctx *ctx, | |||
113 | ret = GSS_S_BAD_SIG; | 114 | ret = GSS_S_BAD_SIG; |
114 | code = memcmp(md5cksum.data, wire_cksum.data, wire_cksum.len); | 115 | code = memcmp(md5cksum.data, wire_cksum.data, wire_cksum.len); |
115 | if (code) { | 116 | if (code) { |
116 | dprintk("RPC: bad MIC checksum\n"); | 117 | dprintk("RPC: bad MIC checksum\n"); |
117 | goto out; | 118 | goto out; |
118 | } | 119 | } |
119 | 120 | ||
diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c index 066c64a97fd8..8944cabcde56 100644 --- a/net/sunrpc/auth_gss/svcauth_gss.c +++ b/net/sunrpc/auth_gss/svcauth_gss.c | |||
@@ -669,14 +669,14 @@ gss_verify_header(struct svc_rqst *rqstp, struct rsc *rsci, | |||
669 | } | 669 | } |
670 | 670 | ||
671 | if (gc->gc_seq > MAXSEQ) { | 671 | if (gc->gc_seq > MAXSEQ) { |
672 | dprintk("RPC: svcauth_gss: discarding request with large sequence number %d\n", | 672 | dprintk("RPC: svcauth_gss: discarding request with " |
673 | gc->gc_seq); | 673 | "large sequence number %d\n", gc->gc_seq); |
674 | *authp = rpcsec_gsserr_ctxproblem; | 674 | *authp = rpcsec_gsserr_ctxproblem; |
675 | return SVC_DENIED; | 675 | return SVC_DENIED; |
676 | } | 676 | } |
677 | if (!gss_check_seq_num(rsci, gc->gc_seq)) { | 677 | if (!gss_check_seq_num(rsci, gc->gc_seq)) { |
678 | dprintk("RPC: svcauth_gss: discarding request with old sequence number %d\n", | 678 | dprintk("RPC: svcauth_gss: discarding request with " |
679 | gc->gc_seq); | 679 | "old sequence number %d\n", gc->gc_seq); |
680 | return SVC_DROP; | 680 | return SVC_DROP; |
681 | } | 681 | } |
682 | return SVC_OK; | 682 | return SVC_OK; |
@@ -958,7 +958,8 @@ svcauth_gss_accept(struct svc_rqst *rqstp, __be32 *authp) | |||
958 | __be32 *reject_stat = resv->iov_base + resv->iov_len; | 958 | __be32 *reject_stat = resv->iov_base + resv->iov_len; |
959 | int ret; | 959 | int ret; |
960 | 960 | ||
961 | dprintk("RPC: svcauth_gss: argv->iov_len = %zd\n",argv->iov_len); | 961 | dprintk("RPC: svcauth_gss: argv->iov_len = %zd\n", |
962 | argv->iov_len); | ||
962 | 963 | ||
963 | *authp = rpc_autherr_badcred; | 964 | *authp = rpc_autherr_badcred; |
964 | if (!svcdata) | 965 | if (!svcdata) |