[enctypes round 2: PATCH 12/26] gss_krb5: use a global static OID value for krb5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Rather than depend on the mechanism oid passed down with the context
information, use a static version.  The new context format introduced
later will not include the oid.

Signed-off-by: Kevin Coffman <kwc@xxxxxxxxxxxxxx>
---

 net/sunrpc/auth_gss/gss_krb5_seal.c   |    4 ++--
 net/sunrpc/auth_gss/gss_krb5_unseal.c |    2 +-
 net/sunrpc/auth_gss/gss_krb5_wrap.c   |    6 +++---
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/net/sunrpc/auth_gss/gss_krb5_seal.c b/net/sunrpc/auth_gss/gss_krb5_seal.c
index c4df7af..58563be 100644
--- a/net/sunrpc/auth_gss/gss_krb5_seal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seal.c
@@ -77,10 +77,10 @@ setup_token(struct krb5_ctx *ctx, struct xdr_netobj *token)
 	__be16 *ptr, *krb5_hdr;
 	int body_size = GSS_KRB5_TOK_HDR_LEN + ctx->gk5e->cksumlength;
 
-	token->len = g_token_size(&ctx->mech_used, body_size);
+	token->len = g_token_size(&krb5_oid, body_size);
 
 	ptr = (__be16 *)token->data;
-	g_make_token_header(&ctx->mech_used, body_size, (unsigned char **)&ptr);
+	g_make_token_header(&krb5_oid, body_size, (unsigned char **)&ptr);
 
 	/* ptr now at start of header described in rfc 1964, section 1.2.1: */
 	krb5_hdr = ptr;
diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c
index aff3fce..d405943 100644
--- a/net/sunrpc/auth_gss/gss_krb5_unseal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c
@@ -89,7 +89,7 @@ gss_verify_mic_v1(struct krb5_ctx *ctx,
 
 	dprintk("RPC:       krb5_read_token\n");
 
-	if (g_verify_token_header(&ctx->mech_used, &bodysize, &ptr,
+	if (g_verify_token_header(&krb5_oid, &bodysize, &ptr,
 					read_token->len))
 		return GSS_S_DEFECTIVE_TOKEN;
 
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
index f034af3..2e4ab81 100644
--- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
+++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
@@ -180,7 +180,7 @@ gss_wrap_kerberos_v1(struct krb5_ctx *kctx, int offset,
 	BUG_ON((buf->len - offset) % blocksize);
 	plainlen = blocksize + buf->len - offset;
 
-	headlen = g_token_size(&kctx->mech_used,
+	headlen = g_token_size(&krb5_oid,
 		GSS_KRB5_TOK_HDR_LEN + kctx->gk5e->cksumlength + plainlen) -
 		(buf->len - offset);
 
@@ -191,7 +191,7 @@ gss_wrap_kerberos_v1(struct krb5_ctx *kctx, int offset,
 	/* XXX Would be cleverer to encrypt while copying. */
 	BUG_ON((buf->len - offset - headlen) % blocksize);
 
-	g_make_token_header(&kctx->mech_used,
+	g_make_token_header(&krb5_oid,
 				GSS_KRB5_TOK_HDR_LEN +
 				kctx->gk5e->cksumlength + plainlen, &ptr);
 
@@ -262,7 +262,7 @@ gss_unwrap_kerberos_v1(struct krb5_ctx *kctx, int offset, struct xdr_buf *buf)
 	dprintk("RPC:       gss_unwrap_kerberos\n");
 
 	ptr = (u8 *)buf->head[0].iov_base + offset;
-	if (g_verify_token_header(&kctx->mech_used, &bodysize, &ptr,
+	if (g_verify_token_header(&krb5_oid, &bodysize, &ptr,
 					buf->len - offset))
 		return GSS_S_DEFECTIVE_TOKEN;
 

--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Filesystem Development]     [Linux USB Development]     [Linux Media Development]     [Video for Linux]     [Linux NILFS]     [Linux Audio Users]     [Yosemite Info]     [Linux SCSI]

  Powered by Linux