[PATCH 18/28] gss_krb5: use a global static OID value for krb5
Kevin Coffman
kwc at citi.umich.edu
Mon Mar 31 12:57:37 EDT 2008
On Mon, Mar 31, 2008 at 12:00 PM, Chuck Lever <chuck.lever at oracle.com> wrote:
> On Mar 31, 2008, at 10:32 AM, Kevin Coffman wrote:
> > Rather than depend on the mechanism oid passed down with the context
> > information, use a static version. The new context format introduced
> > later will not include the oid.
>
> I wonder if it would make more sense to fold this patch into the
> subsequent changes to the context format.
I did it separately in the interest of smaller, easier to review
patches. I'll leave that decision up to the community.
> > Signed-off-by: Kevin Coffman <kwc at citi.umich.edu>
> > ---
> >
> > net/sunrpc/auth_gss/gss_krb5_seal.c | 4 ++--
> > net/sunrpc/auth_gss/gss_krb5_unseal.c | 2 +-
> > net/sunrpc/auth_gss/gss_krb5_wrap.c | 6 +++---
> > 3 files changed, 6 insertions(+), 6 deletions(-)
> >
> > diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/
> > auth_gss/gss_krb5_seal.c
> > index 3c93482..e4241c9 100644
> > --- a/net/sunrpc/auth_gss/gss_krb5_seal.c
> > +++ b/net/sunrpc/auth_gss/gss_krb5_seal.c
> > @@ -77,10 +77,10 @@ setup_token(struct krb5_ctx *ctx, struct
> > xdr_netobj *token)
> > __be16 *ptr, *krb5_hdr;
> > int body_size = 16 + ctx->gk5e->cksumlength;
> >
> > - token->len = g_token_size(&ctx->mech_used, body_size);
> > + token->len = g_token_size(&krb5_oid, body_size);
> >
> > ptr = (__be16 *)token->data;
> > - g_make_token_header(&ctx->mech_used, body_size, (unsigned char **)
> > &ptr);
> > + g_make_token_header(&krb5_oid, body_size, (unsigned char **)&ptr);
> >
> > /* ptr now at start of header described in rfc 1964, section
> > 1.2.1: */
> > krb5_hdr = ptr;
> > diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/
> > auth_gss/gss_krb5_unseal.c
> > index 2681ff1..10f4922 100644
> > --- a/net/sunrpc/auth_gss/gss_krb5_unseal.c
> > +++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c
> > @@ -89,7 +89,7 @@ gss_verify_mic_v1(struct krb5_ctx *ctx,
> >
> > dprintk("RPC: krb5_read_token\n");
> >
> > - if (g_verify_token_header(&ctx->mech_used, &bodysize, &ptr,
> > + if (g_verify_token_header(&krb5_oid, &bodysize, &ptr,
> > read_token->len))
> > return GSS_S_DEFECTIVE_TOKEN;
> >
> > diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/
> > auth_gss/gss_krb5_wrap.c
> > index 1d11969..5da79bb 100644
> > --- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
> > +++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
> > @@ -146,7 +146,7 @@ gss_wrap_kerberos_v1(struct krb5_ctx *kctx, int
> > offset,
> > BUG_ON((buf->len - offset) % blocksize);
> > plainlen = blocksize + buf->len - offset;
> >
> > - headlen = g_token_size(&kctx->mech_used,
> > + headlen = g_token_size(&krb5_oid,
> > 16 + kctx->gk5e->cksumlength + plainlen) - (buf->len - offset);
> >
> > ptr = buf->head[0].iov_base + offset;
> > @@ -158,7 +158,7 @@ gss_wrap_kerberos_v1(struct krb5_ctx *kctx, int
> > offset,
> > buf->len += headlen;
> > BUG_ON((buf->len - offset - headlen) % blocksize);
> >
> > - g_make_token_header(&kctx->mech_used,
> > + g_make_token_header(&krb5_oid,
> > 16 + kctx->gk5e->cksumlength + plainlen, &ptr);
> >
> >
> > @@ -229,7 +229,7 @@ gss_unwrap_kerberos_v1(struct krb5_ctx *kctx,
> > int offset, struct xdr_buf *buf)
> > dprintk("RPC: gss_unwrap_kerberos\n");
> >
> > ptr = (u8 *)buf->head[0].iov_base + offset;
> > - if (g_verify_token_header(&kctx->mech_used, &bodysize, &ptr,
> > + if (g_verify_token_header(&krb5_oid, &bodysize, &ptr,
> > buf->len - offset))
> > return GSS_S_DEFECTIVE_TOKEN;
> >
> >
> > _______________________________________________
> > NFSv4 mailing list
> > NFSv4 at linux-nfs.org
> > http://linux-nfs.org/cgi-bin/mailman/listinfo/nfsv4
>
> --
> Chuck Lever
> chuck[dot]lever[at]oracle[dot]com
>
>
>
>
More information about the NFSv4
mailing list