Commit ca54f896 authored by J. Bruce Fields's avatar J. Bruce Fields Committed by Trond Myklebust
Browse files

rpcgss: simplify make_checksum 



We're doing some pointless translation between krb5 constants and kernel
crypto string names.

Also clean up some related spkm3 code as necessary.

Signed-off-by: default avatarJ. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
parent 2818bf81

include/linux/sunrpc/gss_krb5.h

+1 −1
Original line number Diff line number Diff line
@@ -116,7 +116,7 @@ enum seal_alg { 
#define ENCTYPE_UNKNOWN         0x01ff



s32

make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body,

make_checksum(char *, char *header, int hdrlen, struct xdr_buf *body,

		   int body_offset, struct xdr_netobj *cksum);



u32 gss_get_mic_kerberos(struct gss_ctx *, struct xdr_buf *,

net/sunrpc/auth_gss/gss_krb5_crypto.c

+1 −11
Original line number Diff line number Diff line
@@ -130,23 +130,13 @@ checksummer(struct scatterlist *sg, void *data) 


/* checksum the plaintext data and hdrlen bytes of the token header */

s32

make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body,

make_checksum(char *cksumname, char *header, int hdrlen, struct xdr_buf *body,

		   int body_offset, struct xdr_netobj *cksum)

{

	char                            *cksumname;

	struct hash_desc                desc; /* XXX add to ctx? */

	struct scatterlist              sg[1];

	int err;



	switch (cksumtype) {

		case CKSUMTYPE_RSA_MD5:

			cksumname = "md5";

			break;

		default:

			dprintk("RPC:      krb5_make_checksum:"

				" unsupported checksum %d", cksumtype);

			return GSS_S_FAILURE;

	}

	desc.tfm = crypto_alloc_hash(cksumname, 0, CRYPTO_ALG_ASYNC);

	if (IS_ERR(desc.tfm))

		return GSS_S_FAILURE;

net/sunrpc/auth_gss/gss_krb5_seal.c

+1 −1
Original line number Diff line number Diff line
@@ -108,7 +108,7 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text, 
	*(__be16 *)(krb5_hdr + 2) = htons(SGN_ALG_DES_MAC_MD5);

	memset(krb5_hdr + 4, 0xff, 4);



	if (make_checksum(CKSUMTYPE_RSA_MD5, krb5_hdr, 8, text, 0, &md5cksum))

	if (make_checksum("md5", krb5_hdr, 8, text, 0, &md5cksum))

		goto out_err;



	if (krb5_encrypt(ctx->seq, NULL, md5cksum.data,

net/sunrpc/auth_gss/gss_krb5_unseal.c

+1 −2
Original line number Diff line number Diff line
@@ -114,8 +114,7 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx, 
	if (signalg != SGN_ALG_DES_MAC_MD5)

		goto out;



	ret = make_checksum(CKSUMTYPE_RSA_MD5, ptr - 2, 8,

				 message_buffer, 0, &md5cksum);

	ret = make_checksum("md5", ptr - 2, 8, message_buffer, 0, &md5cksum);

	if (ret)

		goto out;

net/sunrpc/auth_gss/gss_krb5_wrap.c

+2 −2
Original line number Diff line number Diff line
@@ -176,7 +176,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset, 
	/* XXXJBF: UGH!: */

	tmp_pages = buf->pages;

	buf->pages = pages;

	if (make_checksum(CKSUMTYPE_RSA_MD5, krb5_hdr, 8, buf,

	if (make_checksum("md5", krb5_hdr, 8, buf,

				offset + headlen - blocksize, &md5cksum))

		goto out_err;

	buf->pages = tmp_pages;
@@ -272,7 +272,7 @@ gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf) 
			ptr + 22 - (unsigned char *)buf->head[0].iov_base))

		goto out;



	ret = make_checksum(CKSUMTYPE_RSA_MD5, ptr - 2, 8, buf,

	ret = make_checksum("md5", ptr - 2, 8, buf,

		 ptr + 22 - (unsigned char *)buf->head[0].iov_base, &md5cksum);

	if (ret)

		goto out;

CRA Git | Maintained and supported by SUSTech CRA and CCSE