include/linux/sunrpc/gss_asn1.h         |    3 +--
 include/linux/sunrpc/gss_krb5.h         |    2 +-
 net/sunrpc/auth_gss/Makefile            |    4 ++--
 net/sunrpc/auth_gss/gss_generic_token.c |    8 +-------
 net/sunrpc/auth_gss/gss_krb5_crypto.c   |    7 +++----
 net/sunrpc/auth_gss/gss_krb5_seal.c     |    7 +++++--
 net/sunrpc/auth_gss/gss_krb5_unseal.c   |    6 +++++-
 net/sunrpc/auth_gss/sunrpcgss_syms.c    |    4 ++++
 8 files changed, 22 insertions(+), 19 deletions(-)

diff -u --recursive --new-file --show-c-function linux-2.6.6-07-printk_cleanup/include/linux/sunrpc/gss_asn1.h linux-2.6.6-08-gss_krb5_clean/include/linux/sunrpc/gss_asn1.h
--- linux-2.6.6-07-printk_cleanup/include/linux/sunrpc/gss_asn1.h	2004-05-16 17:08:02.000000000 -0400
+++ linux-2.6.6-08-gss_krb5_clean/include/linux/sunrpc/gss_asn1.h	2004-05-16 17:39:29.000000000 -0400
@@ -81,5 +81,4 @@ int g_token_size(
 void g_make_token_header(
      struct xdr_netobj *mech,
      int body_size,
-     unsigned char **buf,
-     int tok_type);
+     unsigned char **buf);
diff -u --recursive --new-file --show-c-function linux-2.6.6-07-printk_cleanup/include/linux/sunrpc/gss_krb5.h linux-2.6.6-08-gss_krb5_clean/include/linux/sunrpc/gss_krb5.h
--- linux-2.6.6-07-printk_cleanup/include/linux/sunrpc/gss_krb5.h	2004-05-16 17:07:39.000000000 -0400
+++ linux-2.6.6-08-gss_krb5_clean/include/linux/sunrpc/gss_krb5.h	2004-05-16 17:39:29.000000000 -0400
@@ -115,7 +115,7 @@ enum seal_alg {
 #define ENCTYPE_UNKNOWN         0x01ff
 
 s32
-krb5_make_checksum(s32 cksumtype, char *header, struct xdr_buf *body,
+make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body,
 		   struct xdr_netobj *cksum);
 
 u32
diff -u --recursive --new-file --show-c-function linux-2.6.6-07-printk_cleanup/net/sunrpc/auth_gss/gss_generic_token.c linux-2.6.6-08-gss_krb5_clean/net/sunrpc/auth_gss/gss_generic_token.c
--- linux-2.6.6-07-printk_cleanup/net/sunrpc/auth_gss/gss_generic_token.c	2004-05-16 17:07:23.000000000 -0400
+++ linux-2.6.6-08-gss_krb5_clean/net/sunrpc/auth_gss/gss_generic_token.c	2004-05-16 17:39:29.000000000 -0400
@@ -155,16 +155,13 @@ g_token_size(struct xdr_netobj *mech, un
    be the right size.  buf is advanced past the token header */
 
 void
-g_make_token_header(struct xdr_netobj *mech, int body_size, unsigned char **buf,
-		int tok_type)
+g_make_token_header(struct xdr_netobj *mech, int body_size, unsigned char **buf)
 {
 	*(*buf)++ = 0x60;
 	der_write_length(buf, 4 + mech->len + body_size);
 	*(*buf)++ = 0x06;
 	*(*buf)++ = (unsigned char) mech->len;
 	TWRITE_STR(*buf, mech->data, ((int) mech->len));
-	*(*buf)++ = (unsigned char) ((tok_type>>8)&0xff);
-	*(*buf)++ = (unsigned char) (tok_type&0xff);
 }
 
 /*
@@ -221,9 +218,6 @@ g_verify_token_header(struct xdr_netobj 
 	if (ret)
 		return(ret);
 
-	if ((*buf++ != ((tok_type>>8)&0xff)) || (*buf++ != (tok_type&0xff))) 
-		return(G_WRONG_TOKID);
-
 	if (!ret) {
 		*buf_in = buf;
 		*body_size = toksize;
diff -u --recursive --new-file --show-c-function linux-2.6.6-07-printk_cleanup/net/sunrpc/auth_gss/gss_krb5_crypto.c linux-2.6.6-08-gss_krb5_clean/net/sunrpc/auth_gss/gss_krb5_crypto.c
--- linux-2.6.6-07-printk_cleanup/net/sunrpc/auth_gss/gss_krb5_crypto.c	2004-05-16 17:39:25.000000000 -0400
+++ linux-2.6.6-08-gss_krb5_clean/net/sunrpc/auth_gss/gss_krb5_crypto.c	2004-05-16 17:39:29.000000000 -0400
@@ -135,10 +135,9 @@ buf_to_sg(struct scatterlist *sg, char *
 	sg->length = len;
 }
 
-/* checksum the plaintext data and the first 8 bytes of the krb5 token header,
- * as specified by the rfc: */
+/* checksum the plaintext data and hdrlen bytes of the token header */
 s32
-krb5_make_checksum(s32 cksumtype, char *header, struct xdr_buf *body,
+make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body,
 		   struct xdr_netobj *cksum)
 {
 	char                            *cksumname;
@@ -164,7 +163,7 @@ krb5_make_checksum(s32 cksumtype, char *
 		goto out;
 
 	crypto_digest_init(tfm);
-	buf_to_sg(sg, header, 8);
+	buf_to_sg(sg, header, hdrlen);
 	crypto_digest_update(tfm, sg, 1);
 	if (body->head[0].iov_len) {
 		buf_to_sg(sg, body->head[0].iov_base, body->head[0].iov_len);
diff -u --recursive --new-file --show-c-function linux-2.6.6-07-printk_cleanup/net/sunrpc/auth_gss/gss_krb5_seal.c linux-2.6.6-08-gss_krb5_clean/net/sunrpc/auth_gss/gss_krb5_seal.c
--- linux-2.6.6-07-printk_cleanup/net/sunrpc/auth_gss/gss_krb5_seal.c	2004-05-16 17:39:25.000000000 -0400
+++ linux-2.6.6-08-gss_krb5_clean/net/sunrpc/auth_gss/gss_krb5_seal.c	2004-05-16 17:39:29.000000000 -0400
@@ -122,7 +122,10 @@ krb5_make_token(struct krb5_ctx *ctx, in
 	token->len = g_token_size(&ctx->mech_used, 22 + tmsglen);
 
 	ptr = token->data;
-	g_make_token_header(&ctx->mech_used, 22 + tmsglen, &ptr, toktype);
+	g_make_token_header(&ctx->mech_used, 22 + tmsglen, &ptr);
+
+	*ptr++ = (unsigned char) ((toktype>>8)&0xff);
+	*ptr++ = (unsigned char) (toktype&0xff);
 
 	/* ptr now at byte 2 of header described in rfc 1964, section 1.2.1: */
 	krb5_hdr = ptr - 2;
@@ -137,7 +140,7 @@ krb5_make_token(struct krb5_ctx *ctx, in
 		/* XXX removing support for now */
 		goto out_err;
 	} else { /* Sign only.  */
-		if (krb5_make_checksum(checksum_type, krb5_hdr, text,
+		if (make_checksum(checksum_type, krb5_hdr, 8, text,
 				       &md5cksum))
 			goto out_err;
 	}
diff -u --recursive --new-file --show-c-function linux-2.6.6-07-printk_cleanup/net/sunrpc/auth_gss/gss_krb5_unseal.c linux-2.6.6-08-gss_krb5_clean/net/sunrpc/auth_gss/gss_krb5_unseal.c
--- linux-2.6.6-07-printk_cleanup/net/sunrpc/auth_gss/gss_krb5_unseal.c	2004-05-16 17:07:52.000000000 -0400
+++ linux-2.6.6-08-gss_krb5_clean/net/sunrpc/auth_gss/gss_krb5_unseal.c	2004-05-16 17:39:29.000000000 -0400
@@ -99,6 +99,10 @@ krb5_read_token(struct krb5_ctx *ctx,
 	if (g_verify_token_header(&ctx->mech_used, &bodysize, &ptr, toktype,
 					read_token->len))
 		goto out;
+
+	if ((*ptr++ != ((toktype>>8)&0xff)) || (*ptr++ != (toktype&0xff)))
+		goto out;
+
 	/* XXX sanity-check bodysize?? */
 
 	if (toktype == KG_TOK_WRAP_MSG) {
@@ -149,7 +153,7 @@ krb5_read_token(struct krb5_ctx *ctx,
 
 	switch (signalg) {
 	case SGN_ALG_DES_MAC_MD5:
-		ret = krb5_make_checksum(checksum_type, ptr - 2,
+		ret = make_checksum(checksum_type, ptr - 2, 8,
 					 message_buffer, &md5cksum);
 		if (ret)
 			goto out;
diff -u --recursive --new-file --show-c-function linux-2.6.6-07-printk_cleanup/net/sunrpc/auth_gss/Makefile linux-2.6.6-08-gss_krb5_clean/net/sunrpc/auth_gss/Makefile
--- linux-2.6.6-07-printk_cleanup/net/sunrpc/auth_gss/Makefile	2004-05-16 17:07:33.000000000 -0400
+++ linux-2.6.6-08-gss_krb5_clean/net/sunrpc/auth_gss/Makefile	2004-05-16 17:39:29.000000000 -0400
@@ -5,10 +5,10 @@
 obj-$(CONFIG_SUNRPC_GSS) += auth_rpcgss.o
 
 auth_rpcgss-objs := auth_gss.o gss_pseudoflavors.o gss_generic_token.o \
-	sunrpcgss_syms.o gss_mech_switch.o svcauth_gss.o
+	sunrpcgss_syms.o gss_mech_switch.o svcauth_gss.o gss_krb5_crypto.o
 
 obj-$(CONFIG_RPCSEC_GSS_KRB5) += rpcsec_gss_krb5.o
 
 rpcsec_gss_krb5-objs := gss_krb5_mech.o gss_krb5_seal.o gss_krb5_unseal.o \
-	gss_krb5_crypto.o gss_krb5_seqnum.o
+	gss_krb5_seqnum.o
 
diff -u --recursive --new-file --show-c-function linux-2.6.6-07-printk_cleanup/net/sunrpc/auth_gss/sunrpcgss_syms.c linux-2.6.6-08-gss_krb5_clean/net/sunrpc/auth_gss/sunrpcgss_syms.c
--- linux-2.6.6-07-printk_cleanup/net/sunrpc/auth_gss/sunrpcgss_syms.c	2004-05-16 17:07:47.000000000 -0400
+++ linux-2.6.6-08-gss_krb5_clean/net/sunrpc/auth_gss/sunrpcgss_syms.c	2004-05-16 17:39:29.000000000 -0400
@@ -10,6 +10,7 @@
 #include <linux/sunrpc/auth_gss.h>
 #include <linux/sunrpc/svcauth_gss.h>
 #include <linux/sunrpc/gss_asn1.h>
+#include <linux/sunrpc/gss_krb5.h>
 
 /* sec_triples: */
 EXPORT_SYMBOL(gss_register_triple);
@@ -30,6 +31,9 @@ EXPORT_SYMBOL(gss_mech_put);
 EXPORT_SYMBOL(g_make_token_header);
 EXPORT_SYMBOL(g_verify_token_header);
 EXPORT_SYMBOL(g_token_size);
+EXPORT_SYMBOL(make_checksum);
+EXPORT_SYMBOL(krb5_encrypt);
+EXPORT_SYMBOL(krb5_decrypt);
 
 /* debug */
 EXPORT_SYMBOL(print_hexl);