vserver 2.0 rc7

[linux-2.6.git] / net / sunrpc / auth_gss / svcauth_gss.c

diff --git a/net/sunrpc/auth_gss/svcauth_gss.c b/net/sunrpc/auth_gss/svcauth_gss.c
index 1b4a111..5c8fe3b 100644 (file)
--- a/net/sunrpc/auth_gss/svcauth_gss.c
+++ b/net/sunrpc/auth_gss/svcauth_gss.c
@@ -381,7 +381,6 @@ static int rsc_parse(struct cache_detail *cd,
        else {
                int N, i;
                struct gss_api_mech *gm;
-               struct xdr_netobj tmp_buf;
 
                /* gid */
                if (get_int(&mesg, &rsci.cred.cr_gid))
@@ -420,9 +419,7 @@ static int rsc_parse(struct cache_detail *cd,
                        gss_mech_put(gm);
                        goto out;
                }
-               tmp_buf.len = len;
-               tmp_buf.data = buf;
-               if (gss_import_sec_context(&tmp_buf, gm, &rsci.mechctx)) {
+               if (gss_import_sec_context(buf, len, gm, &rsci.mechctx)) {
                        gss_mech_put(gm);
                        goto out;
                }
@@ -730,6 +727,19 @@ struct gss_svc_data {
        struct rsc                      *rsci;
 };
 
+static int
+svcauth_gss_set_client(struct svc_rqst *rqstp)
+{
+       struct gss_svc_data *svcdata = rqstp->rq_auth_data;
+       struct rsc *rsci = svcdata->rsci;
+       struct rpc_gss_wire_cred *gc = &svcdata->clcred;
+
+       rqstp->rq_client = find_gss_auth_domain(rsci->mechctx, gc->gc_svc);
+       if (rqstp->rq_client == NULL)
+               return SVC_DENIED;
+       return SVC_OK;
+}
+
 /*
  * Accept an rpcsec packet.
  * If context establishment, punt to user space
@@ -893,11 +903,6 @@ svcauth_gss_accept(struct svc_rqst *rqstp, u32 *authp)
                svc_putu32(resv, rpc_success);
                goto complete;
        case RPC_GSS_PROC_DATA:
-               *authp = rpc_autherr_badcred;
-               rqstp->rq_client =
-                       find_gss_auth_domain(rsci->mechctx, gc->gc_svc);
-               if (rqstp->rq_client == NULL)
-                       goto auth_err;
                *authp = rpcsec_gsserr_ctxproblem;
                if (gss_write_verf(rqstp, rsci->mechctx, gc->gc_seq))
                        goto auth_err;
@@ -911,8 +916,6 @@ svcauth_gss_accept(struct svc_rqst *rqstp, u32 *authp)
                        if (unwrap_integ_data(&rqstp->rq_arg,
                                        gc->gc_seq, rsci->mechctx))
                                goto auth_err;
-                       svcdata->rsci = rsci;
-                       cache_get(&rsci->h);
                        /* placeholders for length and seq. number: */
                        svcdata->body_start = resv->iov_base + resv->iov_len;
                        svc_putu32(resv, 0);
@@ -923,6 +926,8 @@ svcauth_gss_accept(struct svc_rqst *rqstp, u32 *authp)
                default:
                        goto auth_err;
                }
+               svcdata->rsci = rsci;
+               cache_get(&rsci->h);
                ret = SVC_OK;
                goto out;
        }
@@ -1052,6 +1057,7 @@ static struct auth_ops svcauthops_gss = {
        .accept         = svcauth_gss_accept,
        .release        = svcauth_gss_release,
        .domain_release = svcauth_gss_domain_release,
+       .set_client     = svcauth_gss_set_client,
 };
 
 int