[PATCH 8/12] rpcgss: simplify make_checksum

Chuck Lever chucklever at gmail.com
Tue Dec 5 10:17:11 EST 2006 

Hi Bruce-

I would use a pre-processor macro instead of the bare naked string "md5".

On 12/4/06, J. Bruce Fields <bfields at fieldses.org> wrote:
> From: J. Bruce Fields <bfields at fieldses.org>
>
> We're doing some pointless translation between krb5 constants and kernel
> crypto string names.
>
> Also clean up some related spkm3 code as necessary.
>
> Signed-off-by: J. Bruce Fields <bfields at citi.umich.edu>
> ---
>  include/linux/sunrpc/gss_krb5.h       |    2 +-
>  net/sunrpc/auth_gss/gss_krb5_crypto.c |   12 +-----------
>  net/sunrpc/auth_gss/gss_krb5_seal.c   |    2 +-
>  net/sunrpc/auth_gss/gss_krb5_unseal.c |    3 +--
>  net/sunrpc/auth_gss/gss_krb5_wrap.c   |    4 ++--
>  5 files changed, 6 insertions(+), 17 deletions(-)
>
> diff --git a/include/linux/sunrpc/gss_krb5.h b/include/linux/sunrpc/gss_krb5.h
> index f680ed3..abfa1f3 100644
> --- a/include/linux/sunrpc/gss_krb5.h
> +++ b/include/linux/sunrpc/gss_krb5.h
> @@ -116,7 +116,7 @@ enum seal_alg {
>  #define ENCTYPE_UNKNOWN         0x01ff
>
>  s32
> -make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body,
> +make_checksum(char *, char *header, int hdrlen, struct xdr_buf *body,
>                    int body_offset, struct xdr_netobj *cksum);
>
>  u32 gss_get_mic_kerberos(struct gss_ctx *, struct xdr_buf *,
> diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
> index 10d05ea..d926cda 100644
> --- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
> +++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
> @@ -130,23 +130,13 @@ checksummer(struct scatterlist *sg, void *data)
>
>  /* checksum the plaintext data and hdrlen bytes of the token header */
>  s32
> -make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body,
> +make_checksum(char *cksumname, char *header, int hdrlen, struct xdr_buf *body,
>                    int body_offset, struct xdr_netobj *cksum)
>  {
> -       char                            *cksumname;
>         struct hash_desc                desc; /* XXX add to ctx? */
>         struct scatterlist              sg[1];
>         int err;
>
> -       switch (cksumtype) {
> -               case CKSUMTYPE_RSA_MD5:
> -                       cksumname = "md5";
> -                       break;
> -               default:
> -                       dprintk("RPC:      krb5_make_checksum:"
> -                               " unsupported checksum %d", cksumtype);
> -                       return GSS_S_FAILURE;
> -       }
>         desc.tfm = crypto_alloc_hash(cksumname, 0, CRYPTO_ALG_ASYNC);
>         if (IS_ERR(desc.tfm))
>                 return GSS_S_FAILURE;
> diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c
> index 2bc2277..c187f7f 100644
> --- a/net/sunrpc/auth_gss/gss_krb5_seal.c
> +++ b/net/sunrpc/auth_gss/gss_krb5_seal.c
> @@ -108,7 +108,7 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text,
>         *(__be16 *)(krb5_hdr + 2) = htons(SGN_ALG_DES_MAC_MD5);
>         memset(krb5_hdr + 4, 0xff, 4);
>
> -       if (make_checksum(CKSUMTYPE_RSA_MD5, krb5_hdr, 8, text, 0, &md5cksum))
> +       if (make_checksum("md5", krb5_hdr, 8, text, 0, &md5cksum))
>                 goto out_err;
>
>         if (krb5_encrypt(ctx->seq, NULL, md5cksum.data,
> diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c
> index 60469d9..62807ac 100644
> --- a/net/sunrpc/auth_gss/gss_krb5_unseal.c
> +++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c
> @@ -114,8 +114,7 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx,
>         if (signalg != SGN_ALG_DES_MAC_MD5)
>                 goto out;
>
> -       ret = make_checksum(CKSUMTYPE_RSA_MD5, ptr - 2, 8,
> -                                message_buffer, 0, &md5cksum);
> +       ret = make_checksum("md5", ptr - 2, 8, message_buffer, 0, &md5cksum);
>         if (ret)
>                 goto out;
>
> diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
> index 2069371..6d508d7 100644
> --- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
> +++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
> @@ -176,7 +176,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
>         /* XXXJBF: UGH!: */
>         tmp_pages = buf->pages;
>         buf->pages = pages;
> -       if (make_checksum(CKSUMTYPE_RSA_MD5, krb5_hdr, 8, buf,
> +       if (make_checksum("md5", krb5_hdr, 8, buf,
>                                 offset + headlen - blocksize, &md5cksum))
>                 goto out_err;
>         buf->pages = tmp_pages;
> @@ -272,7 +272,7 @@ gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf)
>                         ptr + 22 - (unsigned char *)buf->head[0].iov_base))
>                 goto out;
>
> -       ret = make_checksum(CKSUMTYPE_RSA_MD5, ptr - 2, 8, buf,
> +       ret = make_checksum("md5", ptr - 2, 8, buf,
>                  ptr + 22 - (unsigned char *)buf->head[0].iov_base, &md5cksum);
>         if (ret)
>                 goto out;
> --
> 1.4.4.1
>
> _______________________________________________
> NFSv4 mailing list
> NFSv4 at linux-nfs.org
> http://linux-nfs.org/cgi-bin/mailman/listinfo/nfsv4
>


-- 
"We who cut mere stones must always be envisioning cathedrals"
   -- Quarry worker's creed

More information about the NFSv4 mailing list