400f26b542e86995662a0cc5483656b7b1f42af6 |
|
26-May-2012 |
Simo Sorce <simo@redhat.com> |
SUNRPC: conditionally return endtime from import_sec_context We expose this parameter for a future caller. It will be used to extract the endtime from the gss-proxy upcall mechanism, in order to set the rsc cache expiration time. Signed-off-by: Simo Sorce <simo@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
83523d083a045a2069e5f3443d2e4f810a6e6d9a |
|
16-Mar-2013 |
Chuck Lever <chuck.lever@oracle.com> |
SUNRPC: Consider qop when looking up pseudoflavors The NFSv4 SECINFO operation returns a list of security flavors that the server supports for a particular share. An NFSv4 client is supposed to pick a pseudoflavor it supports that corresponds to one of the flavors returned by the server. GSS flavors in this list have a GSS tuple that identify a specific GSS pseudoflavor. Currently our client ignores the GSS tuple's "qop" value. A matching pseudoflavor is chosen based only on the OID and service value. So far this omission has not had much effect on Linux. The NFSv4 protocol currently supports only one qop value: GSS_C_QOP_DEFAULT, also known as zero. However, if an NFSv4 server happens to return something other than zero in the qop field, our client won't notice. This could cause the client to behave in incorrect ways that could have security implications. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
f783288f0cf47f1988f5284c89e325bd22c74f91 |
|
16-Mar-2013 |
Chuck Lever <chuck.lever@oracle.com> |
SUNRPC: Load GSS kernel module by OID The current GSS mech switch can find and load GSS pseudoflavor modules by name ("krb5") or pseudoflavor number ("390003"), but cannot find GSS modules by GSS tuple: [ "1.2.840.113554.1.2.2", GSS_C_QOP_DEFAULT, RPC_GSS_SVC_NONE ] This is important when dealing with a SECINFO request. A SECINFO reply contains a list of flavors the server supports for the requested export, but GSS flavors also have a GSS tuple that maps to a pseudoflavor (like 390003 for krb5). If the GSS module that supports the OID in the tuple is not loaded, our client is not able to load that module dynamically to support that pseudoflavor. Add a way for the GSS mech switch to load GSS pseudoflavor support by OID before searching for the pseudoflavor that matches the OID and service. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Cc: David Howells <dhowells@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
fb15b26f8ba3ff629a052faf3f4a4744585ca2dc |
|
16-Mar-2013 |
Chuck Lever <chuck.lever@oracle.com> |
SUNRPC: Define rpcsec_gss_info structure The NFSv4 SECINFO procedure returns a list of security flavors. Any GSS flavor also has a GSS tuple containing an OID, a quality-of- protection value, and a service value, which specifies a particular GSS pseudoflavor. For simplicity and efficiency, I'd like to return each GSS tuple from the NFSv4 SECINFO XDR decoder and pass it straight into the RPC client. Define a data structure that is visible to both the NFS client and the RPC client. Take structure and field names from the relevant standards to avoid confusion. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
95c961747284a6b83a5e2d81240e214b0fa3464d |
|
15-Apr-2012 |
Eric Dumazet <eric.dumazet@gmail.com> |
net: cleanup unsigned to unsigned int Use of "unsigned int" is preferred to bare "unsigned" in net tree. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
09acfea5d8de419ebe84be43b08f7b79c965215f |
|
11-Mar-2012 |
Trond Myklebust <Trond.Myklebust@netapp.com> |
SUNRPC: Fix a few sparse warnings net/sunrpc/svcsock.c:412:22: warning: incorrect type in assignment (different address spaces) - svc_partial_recvfrom now takes a struct kvec, so the variable save_iovbase needs to be an ordinary (void *) Make a bunch of variables in net/sunrpc/xprtsock.c static Fix a couple of "warning: symbol 'foo' was not declared. Should it be static?" reports. Fix a couple of conflicting function declarations. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
058c5c99999609e3de7e15b49049665f02d06577 |
|
22-Jun-2011 |
J. Bruce Fields <bfields@redhat.com> |
rpc: allow autoloading of gss mechanisms Remove the need for an explicit modprobe of rpcsec_gss_krb5. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
b084f598df36b62dfae83c10ed17f0b66b50f442 |
|
31-May-2011 |
J. Bruce Fields <bfields@redhat.com> |
nfsd: fix dependency of nfsd on auth_rpcgss Commit b0b0c0a26e84 "nfsd: add proc file listing kernel's gss_krb5 enctypes" added an nunnecessary dependency of nfsd on the auth_rpcgss module. It's a little ad hoc, but since the only piece of information nfsd needs from rpcsec_gss_krb5 is a single static string, one solution is just to share it with an include file. Cc: stable@kernel.org Reported-by: Michael Guntsche <mike@it-loops.com> Cc: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
0867659fa3c245bf203d837a82e0f6ea5079c2c5 |
|
06-Apr-2011 |
Trond Myklebust <Trond.Myklebust@netapp.com> |
Revert "net/sunrpc: Use static const char arrays" This reverts commit 411b5e05617593efebc06241dbc56f42150f2abe. Olga Kornievskaia reports: Problem: linux client mounting linux server using rc4-hmac-md5 enctype. gssd fails with create a context after receiving a reply from the server. Diagnose: putting printout statements in the server kernel and kerberos libraries revealed that client and server derived different integrity keys. Server kernel code was at fault due the the commit [aglo@skydive linux-pnfs]$ git show 411b5e05617593efebc06241dbc56f42150f2abe Trond: The problem is that since it relies on virt_to_page(), you cannot call sg_set_buf() for data in the const section. Reported-by: Olga Kornievskaia <aglo@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Cc: stable@kernel.org [2.6.36+]
|
f8628220bb395104697be9c447c1085846dfc97c |
|
03-Mar-2011 |
Kevin Coffman <kwc@citi.umich.edu> |
gss:krb5 only include enctype numbers in gm_upcall_enctypes Make the value in gm_upcall_enctypes just the enctype values. This allows the values to be used more easily elsewhere. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
540c8cb6a576f34a9a0b04467f46bb6e67a1f852 |
|
03-Mar-2011 |
Kevin Coffman <kwc@citi.umich.edu> |
gss:krb5 only include enctype numbers in gm_upcall_enctypes Make the value in gm_upcall_enctypes just the enctype values. This allows the values to be used more easily elsewhere. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
411b5e05617593efebc06241dbc56f42150f2abe |
|
13-Sep-2010 |
Joe Perches <joe@perches.com> |
net/sunrpc: Use static const char arrays Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
ce8477e1176389ed920550f4c925ad4a815b22d5 |
|
13-Sep-2010 |
Bian Naimeng <biannm@cn.fujitsu.com> |
gss:krb5 miss returning error to caller when import security context krb5 miss returning error to up layer when import security context, it may be return ok though it has failed to import security context. Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
1f4c86c0be9064ab4eebd9e67c84606c1cfeec4b |
|
13-May-2010 |
Trond Myklebust <Trond.Myklebust@netapp.com> |
NFS: Don't use GFP_KERNEL in rpcsec_gss downcalls Again, we can deadlock if the memory reclaim triggers a writeback that requires a rpcsec_gss credential lookup. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
fc54a0c65fc8cae6b0355512f0b619c1515e7d7f |
|
08-Apr-2010 |
Trond Myklebust <Trond.Myklebust@netapp.com> |
gss_krb5: Advertise rc4-hmac enctype support in the rpcsec_gss/krb5 upcall Update the upcall info indicating which Kerberos enctypes the kernel supports Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
fffdaef2eb4a7333952e55cf97f1fc0fcc35f981 |
|
17-Mar-2010 |
Kevin Coffman <kwc@citi.umich.edu> |
gss_krb5: Add support for rc4-hmac encryption Add necessary changes to add kernel support for the rc4-hmac Kerberos encryption type used by Microsoft and described in rfc4757. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
5af46547ec451918f3ba51efe59b317d33adf701 |
|
17-Mar-2010 |
Kevin Coffman <kwc@citi.umich.edu> |
gss_krb5: Use confounder length in wrap code All encryption types use a confounder at the beginning of the wrap token. In all encryption types except arcfour-hmac, the confounder is the same as the blocksize. arcfour-hmac has a blocksize of one, but uses an eight byte confounder. Add an entry to the crypto framework definitions for the confounder length and change the wrap/unwrap code to use the confounder length rather than assuming it is always the blocksize. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
fc263a917afad3bda7b823a6edc803a40e7f6015 |
|
17-Mar-2010 |
Kevin Coffman <kwc@citi.umich.edu> |
gss_krb5: Save the raw session key in the context This is needed for deriving arcfour-hmac keys "on the fly" using the sequence number or checksu Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
bf6d359c508cf83401c942262a9749752598394d |
|
08-Apr-2010 |
Trond Myklebust <Trond.Myklebust@netapp.com> |
gss_krb5: Advertise AES enctype support in the rpcsec_gss/krb5 upcall Update upcall info indicating which Kerberos enctypes the kernel supports Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
934a95aa1c9c6ad77838800b79c306e982437605 |
|
17-Mar-2010 |
Kevin Coffman <kwc@citi.umich.edu> |
gss_krb5: add remaining pieces to enable AES encryption support Add the remaining pieces to enable support for Kerberos AES encryption types. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
4018bf3eec5ff6bf1234a602a4e72518757a7f55 |
|
08-Apr-2010 |
Trond Myklebust <Trond.Myklebust@netapp.com> |
gss_krb5: Advertise triple-des enctype support in the rpcsec_gss/krb5 upcall Update the upcall info indicating which Kerberos enctypes the kernel supports. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
958142e97e04d6c266ae093739bbbbd03afcd497 |
|
17-Mar-2010 |
Kevin Coffman <kwc@citi.umich.edu> |
gss_krb5: add support for triple-des encryption Add the final pieces to support the triple-des encryption type. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
683ac6656cb05b6e83593770ffc049eee4a4d119 |
|
08-Apr-2010 |
Trond Myklebust <Trond.Myklebust@netapp.com> |
gss_krb5: Add upcall info indicating supported kerberos enctypes The text based upcall now indicates which Kerberos encryption types are supported by the kernel rpcsecgss code. This is used by gssd to determine which encryption types it should attempt to negotiate when creating a context with a server. The server principal's database and keytab encryption types are what limits what it should negotiate. Therefore, its keytab should be created with only the enctypes listed by this file. Currently we support des-cbc-crc, des-cbc-md4 and des-cbc-md5 Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
47d84807762966c3611c38adecec6ea703ddda7a |
|
17-Mar-2010 |
Kevin Coffman <kwc@citi.umich.edu> |
gss_krb5: handle new context format from gssd For encryption types other than DES, gssd sends down context information in a new format. This new format includes the information needed to support the new Kerberos GSS-API tokens defined in rfc4121. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
4891f2d008e4343eedea39ba1fe74864f1d32be0 |
|
17-Mar-2010 |
Kevin Coffman <kwc@citi.umich.edu> |
gss_krb5: import functionality to derive keys into the kernel Import the code to derive Kerberos keys from a base key into the kernel. This will allow us to change the format of the context information sent down from gssd to include only a single key. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
e1f6c07b1160ef28e8754d12e6c03288dd9d5ca8 |
|
17-Mar-2010 |
Kevin Coffman <kwc@citi.umich.edu> |
gss_krb5: add ability to have a keyed checksum (hmac) Encryption types besides DES may use a keyed checksum (hmac). Modify the make_checksum() function to allow for a key and take care of enctype-specific processing such as truncating the resulting hash. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
81d4a4333a1dfd6070f046265d928bb4c79aff88 |
|
17-Mar-2010 |
Kevin Coffman <kwc@citi.umich.edu> |
gss_krb5: introduce encryption type framework Add enctype framework and change functions to use the generic values from it rather than the values hard-coded for des. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
a8cc1cb7d7a12b0e2855832d10cfbfaffebfad6c |
|
17-Mar-2010 |
Kevin Coffman <kwc@citi.umich.edu> |
gss_krb5: prepare for new context format Prepare for new context format by splitting out the old "v1" context processing function Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
1ac3719a2214c545c7e19d34e272a148ca9a24f1 |
|
17-Mar-2010 |
Kevin Coffman <kwc@citi.umich.edu> |
gss_krb5: split up functions in preparation of adding new enctypes Add encryption type to the krb5 context structure and use it to switch to the correct functions depending on the encryption type. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
14ace024b1e16d2bb9445c8387494fbbd820a738 |
|
18-Dec-2009 |
Trond Myklebust <Trond.Myklebust@netapp.com> |
SUNRPC: Fix up an error return value in gss_import_sec_context_kerberos() If the context allocation fails, the function currently returns a random error code, since the variable 'p' still points to a valid memory location. Ensure that it returns ENOMEM... Cc: stable@kernel.org Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
0f38b873aeaae698c3693748438547c8493165fb |
|
11-Jun-2008 |
Trond Myklebust <Trond.Myklebust@netapp.com> |
SUNRPC: Use GFP_NOFS when allocating credentials Since the credentials may be allocated during the call to rpc_new_task(), which again may be called by a memory allocator... Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
ef338bee3f4f509e82066e100f76fecbbbbc4cca |
|
10-Nov-2007 |
Kevin Coffman <kwc@citi.umich.edu> |
sunrpc: return error if unsupported enctype or cksumtype is encountered Return an error from gss_import_sec_context_kerberos if the negotiated context contains encryption or checksum types not supported by the kernel code. This fixes an Oops because success was assumed and later code found no internal_ctx_id. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
ae4c40b1d81f5299c04330306736b2f0f0539f4b |
|
17-Jul-2007 |
Usha Ketineni <ketineni@us.ibm.com> |
knfsd: rpc: add gss krb5 and spkm3 oid values Adds oid values to the gss_api mechanism structures. On the NFSV4 server side, these are required as part of the security triple (oid,qop,service) information being sent in the response of the SECINFO operation. Signed-off-by: Usha Ketineni <uketinen@us.ibm.com> Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
f1c0a8615090359d57e096157feb9f900cbb233c |
|
24-Jun-2007 |
Trond Myklebust <Trond.Myklebust@netapp.com> |
SUNRPC: Mark auth and cred operation tables as constant. Also do the same for gss_api operation tables. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
8885cb367f86ce02bed3bf18192d74a53ac3b81f |
|
31-Jan-2007 |
Chuck Lever <chuck.lever@oracle.com> |
SUNRPC: fix print format for tk_pid in auth_gss support The tk_pid field is an unsigned short. The proper print format specifier for that type is %5u, not %4d. Also clean up some miscellaneous print formatting nits. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
717757ad1038ab6aacb89bad579c89b006efd913 |
|
05-Dec-2006 |
J. Bruce Fields <bfields@fieldses.org> |
rpcgss: krb5: ignore seed We're currently not actually using seed or seed_init. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
d922a84a8bf1d627810906d033223d4fa629fdbf |
|
05-Dec-2006 |
J. Bruce Fields <bfields@fieldses.org> |
rpcgss: krb5: sanity check sealalg value in the downcall The sealalg is checked in several places, giving the impression it could be either SEAL_ALG_NONE or SEAL_ALG_DES. But in fact SEAL_ALG_NONE seems to be sufficient only for making mic's, and all the contexts we get must be capable of wrapping as well. So the sealalg must be SEAL_ALG_DES. As with signalg, just check for the right value on the downcall and ignore it otherwise. Similarly, tighten expectations for the sealalg on incoming tokens, in case we do support other values eventually. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
e678e06bf8fa25981a6fa1f08b979fd086d713f8 |
|
05-Dec-2006 |
J. Bruce Fields <bfields@fieldses.org> |
gss: krb5: remove signalg and sealalg We designed the krb5 context import without completely understanding the context. Now it's clear that there are a number of fields that we ignore, or that we depend on having one single value. In particular, we only support one value of signalg currently; so let's check the signalg field in the downcall (in case we decide there's something else we could support here eventually), but ignore it otherwise. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
e69062b4f728dca01ec1a9eb4ed55b73a374f164 |
|
21-Nov-2006 |
Arnaldo Carvalho de Melo <acme@mandriva.com> |
[SUNRPC]: Use k{mem,str}dup where applicable Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
|
378c6697a282c383d89428380a3405bf95189347 |
|
22-Aug-2006 |
Herbert Xu <herbert@gondor.apana.org.au> |
[SUNRPC] GSS: Use block ciphers where applicable This patch converts SUNRPC/GSS to use the new block cipher type where applicable. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
0da974f4f303a6842516b764507e3c0a03f41e5a |
|
21-Jul-2006 |
Panagiotis Issaris <takis@issaris.org> |
[NET]: Conversions from kmalloc+memset to k(z|c)alloc. Signed-off-by: Panagiotis Issaris <takis@issaris.org> Signed-off-by: David S. Miller <davem@davemloft.net>
|
d6e05edc59ecd79e8badf440c0d295a979bdfa3e |
|
26-Jun-2006 |
Andreas Mohr <andi@lisas.de> |
spelling fixes acquired (aquired) contiguous (contigious) successful (succesful, succesfull) surprise (suprise) whether (weather) some other misspellings Signed-off-by: Andreas Mohr <andi@lisas.de> Signed-off-by: Adrian Bunk <bunk@stusta.de>
|
9e56904e41e242169007e69d9916059dab995d90 |
|
03-Jan-2006 |
J. Bruce Fields <bfields@fieldses.org> |
SUNRPC: Make krb5 report unsupported encryption types Print messages when an unsupported encrytion algorthm is requested or there is an error locating a supported algorthm. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
a0857d03b21fa54653c9d2fe7a315381176015b4 |
|
13-Oct-2005 |
J. Bruce Fields <bfields@fieldses.org> |
RPCSEC_GSS: krb5 cleanup Remove some senseless wrappers. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
00fd6e14255fe7a249315746386d640bc4e9e758 |
|
13-Oct-2005 |
J. Bruce Fields <bfields@fieldses.org> |
RPCSEC_GSS remove all qop parameters Not only are the qop parameters that are passed around throughout the gssapi unused by any currently implemented mechanism, but there appears to be some doubt as to whether they will ever be used. Let's just kill them off for now. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
14ae162c24d985593d5b19437d7f3d8fd0062b59 |
|
13-Oct-2005 |
J. Bruce Fields <bfields@fieldses.org> |
RPCSEC_GSS: Add support for privacy to krb5 rpcsec_gss mechanism. Add support for privacy to the krb5 rpcsec_gss mechanism. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
bfa91516b57483fc9c81d8d90325fd2c3c16ac48 |
|
13-Oct-2005 |
J. Bruce Fields <bfields@fieldses.org> |
RPCSEC_GSS: krb5 pre-privacy cleanup The code this was originally derived from processed wrap and mic tokens using the same functions. This required some contortions, and more would be required with the addition of xdr_buf's, so it's better to separate out the two code paths. In preparation for adding privacy support, remove the last vestiges of the old wrap token code. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
86b9f57dfdf455763d2be73a742a9a88bb664173 |
|
11-Aug-2005 |
Chuck Lever <cel@citi.umich.edu> |
[PATCH] RPC: Eliminate socket.h includes in RPC client Clean-up: get rid of unnecessary socket.h and in.h includes in the generic parts of the RPC client. Test-plan: Compile kernel with CONFIG_NFS enabled. Version: Thu, 11 Aug 2005 16:06:23 -0400 Signed-off-by: Chuck Lever <cel@netapp.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
|
573dbd95964b01a942aa0c68e92b06f2c9536964 |
|
02-Sep-2005 |
Jesper Juhl <jesper.juhl@gmail.com> |
[CRYPTO]: crypto_free_tfm() callers no longer need to check for NULL Since the patch to add a NULL short-circuit to crypto_free_tfm() went in, there's no longer any need for callers of that function to check for NULL. This patch removes the redundant NULL checks and also a few similar checks for NULL before calls to kfree() that I ran into while doing the crypto_free_tfm bits. I've succesfuly compile tested this patch, and a kernel with the patch applied boots and runs just fine. When I posted the patch to LKML (and other lists/people on Cc) it drew the following comments : J. Bruce Fields commented "I've no problem with the auth_gss or nfsv4 bits.--b." Sridhar Samudrala said "sctp change looks fine." Herbert Xu signed off on the patch. So, I guess this is ready to be dropped into -mm and eventually mainline. Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
|
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 |
|
17-Apr-2005 |
Linus Torvalds <torvalds@ppc970.osdl.org> |
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!
|