Commit e678e06b authored by J. Bruce Fields's avatar J. Bruce Fields Committed by Trond Myklebust

gss: krb5: remove signalg and sealalg



We designed the krb5 context import without completely understanding the
context.  Now it's clear that there are a number of fields that we ignore,
or that we depend on having one single value.

In particular, we only support one value of signalg currently; so let's
check the signalg field in the downcall (in case we decide there's
something else we could support here eventually), but ignore it otherwise.

Signed-off-by: default avatarJ. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
parent adeb8133
+0 −1
@@ -44,7 +44,6 @@ struct krb5_ctx {
	int			initiate; /* 1 = initiating, 0 = accepting */
	int			seed_init;
	unsigned char		seed[16];
	int			signalg;
	int			sealalg;
	struct crypto_blkcipher	*enc;
	struct crypto_blkcipher	*seq;
+4 −1
@@ -129,6 +129,7 @@ gss_import_sec_context_kerberos(const void *p,
{
	const void *end = (const void *)((const char *)p + len);
	struct	krb5_ctx *ctx;
	int tmp;

	if (!(ctx = kzalloc(sizeof(*ctx), GFP_KERNEL)))
		goto out_err;
@@ -142,9 +143,11 @@ gss_import_sec_context_kerberos(const void *p,
	p = simple_get_bytes(p, end, ctx->seed, sizeof(ctx->seed));
	if (IS_ERR(p))
		goto out_err_free_ctx;
	p = simple_get_bytes(p, end, &ctx->signalg, sizeof(ctx->signalg));
	p = simple_get_bytes(p, end, &tmp, sizeof(tmp));
	if (IS_ERR(p))
		goto out_err_free_ctx;
	if (tmp != SGN_ALG_DES_MAC_MD5)
		goto out_err_free_ctx;
	p = simple_get_bytes(p, end, &ctx->sealalg, sizeof(ctx->sealalg));
	if (IS_ERR(p))
		goto out_err_free_ctx;
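Review bot: The new `if (tmp != SGN_ALG_DES_MAC_MD5)` validates signalg at import, but sealalg, read on the very next line, still gets no such check; gss_get_mic_kerberos and gss_wrap_kerberos each reject anything other than SEAL_ALG_NONE or SEAL_ALG_DES on every call, so the same rule could be applied once here, after the existing IS_ERR test: `if (ctx->sealalg != SEAL_ALG_NONE && ctx->sealalg != SEAL_ALG_DES) goto out_err_free_ctx;`. Rejecting an unsupported signalg is also silent, whereas the switch this commit removes from the seal path logged the offending value; if dprintk is in use in this file, a `dprintk("RPC:      gss_import_sec_context_kerberos: signalg %d not supported\n", tmp);` before the goto would keep that diagnostic. The remainder of gss_import_sec_context_kerberos, including the out_err_free_ctx label, lies outside the hunk.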
+10 −24
@@ -88,15 +88,7 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text,

	now = get_seconds();

	switch (ctx->signalg) {
		case SGN_ALG_DES_MAC_MD5:
	checksum_type = CKSUMTYPE_RSA_MD5;
			break;
		default:
			dprintk("RPC:      gss_krb5_seal: ctx->signalg %d not"
				" supported\n", ctx->signalg);
			goto out_err;
	}
	if (ctx->sealalg != SEAL_ALG_NONE && ctx->sealalg != SEAL_ALG_DES) {
		dprintk("RPC:      gss_krb5_seal: ctx->sealalg %d not supported\n",
			ctx->sealalg);
@@ -115,24 +107,18 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text,
	krb5_hdr = ptr - 2;
	msg_start = krb5_hdr + 24;

	*(__be16 *)(krb5_hdr + 2) = htons(ctx->signalg);
	*(__be16 *)(krb5_hdr + 2) = htons(SGN_ALG_DES_MAC_MD5);
	memset(krb5_hdr + 4, 0xff, 4);

	if (make_checksum(checksum_type, krb5_hdr, 8, text, 0, &md5cksum))
		goto out_err;

	switch (ctx->signalg) {
	case SGN_ALG_DES_MAC_MD5:
	if (krb5_encrypt(ctx->seq, NULL, md5cksum.data,
			  md5cksum.data, md5cksum.len))
		goto out_err;
	memcpy(krb5_hdr + 16,
	       md5cksum.data + md5cksum.len - KRB5_CKSUM_LENGTH,
	       KRB5_CKSUM_LENGTH);
		break;
	default:
		BUG();
	}

	spin_lock(&krb5_seq_lock);
	seq_send = ctx->seq_send++;
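Review bot: With the signalg switch gone, `checksum_type` in gss_get_mic_kerberos is assigned exactly once (`checksum_type = CKSUMTYPE_RSA_MD5;`) and the link between that checksum and the SGN_ALG_DES_MAC_MD5 now hard-coded into the header at `*(__be16 *)(krb5_hdr + 2) = htons(SGN_ALG_DES_MAC_MD5);` is no longer expressed anywhere in the code; either pass the constant directly, `if (make_checksum(CKSUMTYPE_RSA_MD5, krb5_hdr, 8, text, 0, &md5cksum))`, and drop the local (its declaration is outside the hunk), or keep the local with a comment such as `/* RSA_MD5 is the checksum for SGN_ALG_DES_MAC_MD5, the only signalg accepted at context import */`. The same applies to the hunks in gss_wrap_kerberos, where the identical header/checksum/krb5_encrypt/memcpy sequence now appears verbatim; a shared static helper would keep the two copies from drifting. Both functions start and end outside the hunks shown.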
+8 −22
@@ -134,15 +134,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,

	now = get_seconds();

	switch (kctx->signalg) {
		case SGN_ALG_DES_MAC_MD5:
	checksum_type = CKSUMTYPE_RSA_MD5;
			break;
		default:
			dprintk("RPC:      gss_krb5_seal: kctx->signalg %d not"
				" supported\n", kctx->signalg);
			goto out_err;
	}
	if (kctx->sealalg != SEAL_ALG_NONE && kctx->sealalg != SEAL_ALG_DES) {
		dprintk("RPC:      gss_krb5_seal: kctx->sealalg %d not supported\n",
			kctx->sealalg);
@@ -177,7 +169,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
	msg_start = krb5_hdr + 24;
	/* XXXJBF: */ BUG_ON(buf->head[0].iov_base + offset + headlen != msg_start + blocksize);

	*(__be16 *)(krb5_hdr + 2) = htons(kctx->signalg);
	*(__be16 *)(krb5_hdr + 2) = htons(SGN_ALG_DES_MAC_MD5);
	memset(krb5_hdr + 4, 0xff, 4);
	*(__be16 *)(krb5_hdr + 4) = htons(kctx->sealalg);

@@ -191,18 +183,12 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
		goto out_err;
	buf->pages = tmp_pages;

	switch (kctx->signalg) {
	case SGN_ALG_DES_MAC_MD5:
	if (krb5_encrypt(kctx->seq, NULL, md5cksum.data,
			  md5cksum.data, md5cksum.len))
		goto out_err;
	memcpy(krb5_hdr + 16,
	       md5cksum.data + md5cksum.len - KRB5_CKSUM_LENGTH,
	       KRB5_CKSUM_LENGTH);
		break;
	default:
		BUG();
	}

	spin_lock(&krb5_seq_lock);
	seq_send = kctx->seq_send++;
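Review bot: In the second hunk, right after the new `*(__be16 *)(krb5_hdr + 2) = htons(SGN_ALG_DES_MAC_MD5);`, the `memset(krb5_hdr + 4, 0xff, 4);` is immediately half-overwritten by `*(__be16 *)(krb5_hdr + 4) = htons(kctx->sealalg);`, which reads as a mistake unless one knows bytes 6 and 7 are meant to stay 0xff; a one-line comment on the memset, `/* bytes 4-5: SEAL_ALG, bytes 6-7: 0xff filler */`, would make that explicit. It also documents why this path differs from gss_get_mic_kerberos, where the full 4-byte filler is kept. gss_wrap_kerberos begins and ends outside the hunks shown.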