#include <linux/slab.h>
#include <linux/sunrpc/auth.h>
#include <linux/in.h>
-#include <linux/sunrpc/svcauth_gss.h>
#include <linux/sunrpc/gss_krb5.h>
#include <linux/sunrpc/xdr.h>
#include <linux/crypto.h>
alg_mode = CRYPTO_TFM_MODE_CBC;
break;
default:
- dprintk("RPC: get_key: unsupported algorithm %d\n", alg);
+ dprintk("RPC: get_key: unsupported algorithm %d\n", alg);
goto out_err_free_key;
}
if (!(*res = crypto_alloc_tfm(alg_name, alg_mode)))
goto out_err_free_key2;
ctx_id->internal_ctx_id = ctx;
- dprintk("Succesfully imported new context.\n");
+ dprintk("RPC: Succesfully imported new context.\n");
return 0;
out_err_free_key2:
if (!maj_stat && qop_state)
*qstate = qop_state;
- dprintk("RPC: gss_verify_mic_kerberos returning %d\n", maj_stat);
+ dprintk("RPC: gss_verify_mic_kerberos returning %d\n", maj_stat);
return maj_stat;
}
err = krb5_make_token(kctx, qop, message, mic_token, KG_TOK_MIC_MSG);
- dprintk("RPC: gss_get_mic_kerberos returning %d\n",err);
+ dprintk("RPC: gss_get_mic_kerberos returning %d\n",err);
return err;
}
static struct gss_api_ops gss_kerberos_ops = {
- .name = "krb5",
.gss_import_sec_context = gss_import_sec_context_kerberos,
.gss_get_mic = gss_get_mic_kerberos,
.gss_verify_mic = gss_verify_mic_kerberos,
.gss_delete_sec_context = gss_delete_sec_context_kerberos,
};
-/* XXX error checking? reference counting? */
+static struct pf_desc gss_kerberos_pfs[] = {
+ [0] = {
+ .pseudoflavor = RPC_AUTH_GSS_KRB5,
+ .service = RPC_GSS_SVC_NONE,
+ .name = "krb5",
+ },
+ [1] = {
+ .pseudoflavor = RPC_AUTH_GSS_KRB5I,
+ .service = RPC_GSS_SVC_INTEGRITY,
+ .name = "krb5i",
+ },
+};
+
+static struct gss_api_mech gss_kerberos_mech = {
+ .gm_name = "krb5",
+ .gm_owner = THIS_MODULE,
+ .gm_ops = &gss_kerberos_ops,
+ .gm_pf_num = ARRAY_SIZE(gss_kerberos_pfs),
+ .gm_pfs = gss_kerberos_pfs,
+};
+
static int __init init_kerberos_module(void)
{
- struct gss_api_mech *gm;
+ int status;
- if (gss_mech_register(&gss_mech_krb5_oid, &gss_kerberos_ops))
+ status = gss_mech_register(&gss_kerberos_mech);
+ if (status)
printk("Failed to register kerberos gss mechanism!\n");
- gm = gss_mech_get_by_OID(&gss_mech_krb5_oid);
- gss_register_triple(RPC_AUTH_GSS_KRB5 , gm, 0, RPC_GSS_SVC_NONE);
- gss_register_triple(RPC_AUTH_GSS_KRB5I, gm, 0, RPC_GSS_SVC_INTEGRITY);
- if (svcauth_gss_register_pseudoflavor(RPC_AUTH_GSS_KRB5, "krb5"))
- printk("Failed to register %s with server!\n", "krb5");
- if (svcauth_gss_register_pseudoflavor(RPC_AUTH_GSS_KRB5I, "krb5i"))
- printk("Failed to register %s with server!\n", "krb5i");
- gss_mech_put(gm);
- return 0;
+ return status;
}
static void __exit cleanup_kerberos_module(void)
{
- gss_unregister_triple(RPC_AUTH_GSS_KRB5I);
- gss_unregister_triple(RPC_AUTH_GSS_KRB5);
+ gss_mech_unregister(&gss_kerberos_mech);
}
MODULE_LICENSE("GPL");