// SPDX-License-Identifier: BSD-3-Clause /* * linux/net/sunrpc/gss_krb5_mech.c * * Copyright (c) 2001-2008 The Regents of the University of Michigan. * All rights reserved. * * Andy Adamson <[email protected]> * J. Bruce Fields <[email protected]> */ #include <crypto/hash.h> #include <crypto/skcipher.h> #include <linux/err.h> #include <linux/module.h> #include <linux/init.h> #include <linux/types.h> #include <linux/slab.h> #include <linux/sunrpc/auth.h> #include <linux/sunrpc/gss_krb5.h> #include <linux/sunrpc/xdr.h> #include <kunit/visibility.h> #include "auth_gss_internal.h" #include "gss_krb5_internal.h" #if IS_ENABLED(CONFIG_SUNRPC_DEBUG) #define RPCDBG_FACILITY … #endif static struct gss_api_mech gss_kerberos_mech; static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = …; /* * The list of advertised enctypes is specified in order of most * preferred to least. */ static char gss_krb5_enctype_priority_list[64]; static void gss_krb5_prepare_enctype_priority_list(void) { … } /** * gss_krb5_lookup_enctype - Retrieve profile information for a given enctype * @etype: ENCTYPE value * * Returns a pointer to a gss_krb5_enctype structure, or NULL if no * matching etype is found. */ VISIBLE_IF_KUNIT const struct gss_krb5_enctype *gss_krb5_lookup_enctype(u32 etype) { … } EXPORT_SYMBOL_IF_KUNIT(…); static struct crypto_sync_skcipher * gss_krb5_alloc_cipher_v2(const char *cname, const struct xdr_netobj *key) { … } static struct crypto_ahash * gss_krb5_alloc_hash_v2(struct krb5_ctx *kctx, const struct xdr_netobj *key) { … } static int gss_krb5_import_ctx_v2(struct krb5_ctx *ctx, gfp_t gfp_mask) { … } static int gss_import_v2_context(const void *p, const void *end, struct krb5_ctx *ctx, gfp_t gfp_mask) { … } static int gss_krb5_import_sec_context(const void *p, size_t len, struct gss_ctx *ctx_id, time64_t *endtime, gfp_t gfp_mask) { … } static void gss_krb5_delete_sec_context(void *internal_ctx) { … } /** * gss_krb5_get_mic - get_mic for the Kerberos GSS mechanism * @gctx: GSS context * @text: plaintext to checksum * @token: buffer into which to write the computed checksum * * Return values: * %GSS_S_COMPLETE - success, and @token is filled in * %GSS_S_FAILURE - checksum could not be generated * %GSS_S_CONTEXT_EXPIRED - Kerberos context is no longer valid */ static u32 gss_krb5_get_mic(struct gss_ctx *gctx, struct xdr_buf *text, struct xdr_netobj *token) { … } /** * gss_krb5_verify_mic - verify_mic for the Kerberos GSS mechanism * @gctx: GSS context * @message_buffer: plaintext to check * @read_token: received checksum to check * * Return values: * %GSS_S_COMPLETE - computed and received checksums match * %GSS_S_DEFECTIVE_TOKEN - received checksum is not valid * %GSS_S_BAD_SIG - computed and received checksums do not match * %GSS_S_FAILURE - received checksum could not be checked * %GSS_S_CONTEXT_EXPIRED - Kerberos context is no longer valid */ static u32 gss_krb5_verify_mic(struct gss_ctx *gctx, struct xdr_buf *message_buffer, struct xdr_netobj *read_token) { … } /** * gss_krb5_wrap - gss_wrap for the Kerberos GSS mechanism * @gctx: initialized GSS context * @offset: byte offset in @buf to start writing the cipher text * @buf: OUT: send buffer * @pages: plaintext to wrap * * Return values: * %GSS_S_COMPLETE - success, @buf has been updated * %GSS_S_FAILURE - @buf could not be wrapped * %GSS_S_CONTEXT_EXPIRED - Kerberos context is no longer valid */ static u32 gss_krb5_wrap(struct gss_ctx *gctx, int offset, struct xdr_buf *buf, struct page **pages) { … } /** * gss_krb5_unwrap - gss_unwrap for the Kerberos GSS mechanism * @gctx: initialized GSS context * @offset: starting byte offset into @buf * @len: size of ciphertext to unwrap * @buf: ciphertext to unwrap * * Return values: * %GSS_S_COMPLETE - success, @buf has been updated * %GSS_S_DEFECTIVE_TOKEN - received blob is not valid * %GSS_S_BAD_SIG - computed and received checksums do not match * %GSS_S_FAILURE - @buf could not be unwrapped * %GSS_S_CONTEXT_EXPIRED - Kerberos context is no longer valid */ static u32 gss_krb5_unwrap(struct gss_ctx *gctx, int offset, int len, struct xdr_buf *buf) { … } static const struct gss_api_ops gss_kerberos_ops = …; static struct pf_desc gss_kerberos_pfs[] = …; MODULE_ALIAS(…) …; MODULE_ALIAS(…) …; MODULE_ALIAS(…) …; MODULE_ALIAS(…) …; MODULE_ALIAS(…) …; MODULE_ALIAS(…) …; MODULE_ALIAS(…) …; static struct gss_api_mech gss_kerberos_mech = …; static int __init init_kerberos_module(void) { … } static void __exit cleanup_kerberos_module(void) { … } MODULE_DESCRIPTION(…) …; MODULE_LICENSE(…) …; module_init(…) …; module_exit(cleanup_kerberos_module);
Codebase Browser
linux