linux/net/sunrpc/auth_gss
J. Bruce Fields d922a84a8b rpcgss: krb5: sanity check sealalg value in the downcall
The sealalg is checked in several places, giving the impression it could be
either SEAL_ALG_NONE or SEAL_ALG_DES.  But in fact SEAL_ALG_NONE seems to
be sufficient only for making mic's, and all the contexts we get must be
capable of wrapping as well.  So the sealalg must be SEAL_ALG_DES.  As
with signalg, just check for the right value on the downcall and ignore it
otherwise.  Similarly, tighten expectations for the sealalg on incoming
tokens, in case we do support other values eventually.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2006-12-06 10:46:47 -05:00
..
Makefile RPCSEC_GSS: Add support for privacy to krb5 rpcsec_gss mechanism. 2005-10-18 23:19:46 -07:00
auth_gss.c rpc: spkm3 update 2006-12-06 10:46:44 -05:00
gss_generic_token.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
gss_krb5_crypto.c rpcgss: simplify make_checksum 2006-12-06 10:46:46 -05:00
gss_krb5_mech.c rpcgss: krb5: sanity check sealalg value in the downcall 2006-12-06 10:46:47 -05:00
gss_krb5_seal.c rpcgss: krb5: sanity check sealalg value in the downcall 2006-12-06 10:46:47 -05:00
gss_krb5_seqnum.c [SUNRPC] GSS: Use block ciphers where applicable 2006-09-21 11:46:15 +10:00
gss_krb5_unseal.c rpcgss: krb5: clean up some goto's, etc. 2006-12-06 10:46:46 -05:00
gss_krb5_wrap.c rpcgss: krb5: sanity check sealalg value in the downcall 2006-12-06 10:46:47 -05:00
gss_mech_switch.c [NET]: Conversions from kmalloc+memset to k(z|c)alloc. 2006-07-21 14:51:30 -07:00
gss_spkm3_mech.c rpc: spkm3 update 2006-12-06 10:46:44 -05:00
gss_spkm3_seal.c rpc: spkm3 update 2006-12-06 10:46:44 -05:00
gss_spkm3_token.c rpc: spkm3 update 2006-12-06 10:46:44 -05:00
gss_spkm3_unseal.c rpc: spkm3 update 2006-12-06 10:46:44 -05:00
svcauth_gss.c [SUNRPC]: Use k{mem,str}dup where applicable 2006-12-02 21:30:20 -08:00