Merge branch 'sii-m15w' into upstream

[pandora-kernel.git] / net / sunrpc / auth_gss / gss_krb5_mech.c

diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c
index 8b9066f..70e1e53 100644 (file)
--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -97,13 +97,17 @@ get_key(const void *p, const void *end, struct crypto_tfm **res)
                        alg_mode = CRYPTO_TFM_MODE_CBC;
                        break;
                default:
-                       dprintk("RPC:      get_key: unsupported algorithm %d\n", alg);
+                       printk("gss_kerberos_mech: unsupported algorithm %d\n", alg);
                        goto out_err_free_key;
        }
-       if (!(*res = crypto_alloc_tfm(alg_name, alg_mode)))
+       if (!(*res = crypto_alloc_tfm(alg_name, alg_mode))) {
+               printk("gss_kerberos_mech: unable to initialize crypto algorithm %s\n", alg_name);
                goto out_err_free_key;
-       if (crypto_cipher_setkey(*res, key.data, key.len))
+       }
+       if (crypto_cipher_setkey(*res, key.data, key.len)) {
+               printk("gss_kerberos_mech: error setting key for crypto algorithm %s\n", alg_name);
                goto out_err_free_tfm;
+       }
 
        kfree(key.data);
        return p;
@@ -125,9 +129,8 @@ gss_import_sec_context_kerberos(const void *p,
        const void *end = (const void *)((const char *)p + len);
        struct  krb5_ctx *ctx;
 
-       if (!(ctx = kmalloc(sizeof(*ctx), GFP_KERNEL)))
+       if (!(ctx = kzalloc(sizeof(*ctx), GFP_KERNEL)))
                goto out_err;
-       memset(ctx, 0, sizeof(*ctx));
 
        p = simple_get_bytes(p, end, &ctx->initiate, sizeof(ctx->initiate));
        if (IS_ERR(p))
@@ -165,7 +168,7 @@ gss_import_sec_context_kerberos(const void *p,
        }
 
        ctx_id->internal_ctx_id = ctx;
-       dprintk("RPC:      Succesfully imported new context.\n");
+       dprintk("RPC:      Successfully imported new context.\n");
        return 0;
 
 out_err_free_key2:
@@ -190,42 +193,12 @@ gss_delete_sec_context_kerberos(void *internal_ctx) {
        kfree(kctx);
 }
 
-static u32
-gss_verify_mic_kerberos(struct gss_ctx         *ctx,
-                       struct xdr_buf          *message,
-                       struct xdr_netobj       *mic_token,
-                       u32                     *qstate) {
-       u32 maj_stat = 0;
-       int qop_state;
-       struct krb5_ctx *kctx = ctx->internal_ctx_id;
-
-       maj_stat = krb5_read_token(kctx, mic_token, message, &qop_state);
-       if (!maj_stat && qop_state)
-           *qstate = qop_state;
-
-       dprintk("RPC:      gss_verify_mic_kerberos returning %d\n", maj_stat);
-       return maj_stat;
-}
-
-static u32
-gss_get_mic_kerberos(struct gss_ctx    *ctx,
-                    u32                qop,
-                    struct xdr_buf     *message,
-                    struct xdr_netobj  *mic_token) {
-       u32 err = 0;
-       struct krb5_ctx *kctx = ctx->internal_ctx_id;
-
-       err = krb5_make_token(kctx, qop, message, mic_token);
-
-       dprintk("RPC:      gss_get_mic_kerberos returning %d\n",err);
-
-       return err;
-}
-
 static struct gss_api_ops gss_kerberos_ops = {
        .gss_import_sec_context = gss_import_sec_context_kerberos,
        .gss_get_mic            = gss_get_mic_kerberos,
        .gss_verify_mic         = gss_verify_mic_kerberos,
+       .gss_wrap               = gss_wrap_kerberos,
+       .gss_unwrap             = gss_unwrap_kerberos,
        .gss_delete_sec_context = gss_delete_sec_context_kerberos,
 };
 
@@ -240,6 +213,11 @@ static struct pf_desc gss_kerberos_pfs[] = {
                .service = RPC_GSS_SVC_INTEGRITY,
                .name = "krb5i",
        },
+       [2] = {
+               .pseudoflavor = RPC_AUTH_GSS_KRB5P,
+               .service = RPC_GSS_SVC_PRIVACY,
+               .name = "krb5p",
+       },
 };
 
 static struct gss_api_mech gss_kerberos_mech = {