diff options
author | David Howells <dhowells@redhat.com> | 2009-09-14 01:17:35 +0000 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2009-09-15 02:44:23 -0700 |
commit | 339412841d7620f93fea805fbd7469f08186f458 (patch) | |
tree | e2d385d76e3b9361671411442c5253417f95d5a6 /net/rxrpc/ar-security.c | |
parent | 8b815477f382f96deefbe5bd4404fa7b31cf5dcf (diff) |
RxRPC: Allow key payloads to be passed in XDR form
Allow add_key() and KEYCTL_INSTANTIATE to accept key payloads in XDR form as
described by openafs-1.4.10/src/auth/afs_token.xg. This provides a way of
passing kaserver, Kerberos 4, Kerberos 5 and GSSAPI keys from userspace, and
allows for future expansion.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/rxrpc/ar-security.c')
-rw-r--r-- | net/rxrpc/ar-security.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/net/rxrpc/ar-security.c b/net/rxrpc/ar-security.c index dc62920ee19..49b3cc31ee1 100644 --- a/net/rxrpc/ar-security.c +++ b/net/rxrpc/ar-security.c @@ -16,6 +16,7 @@ #include <linux/crypto.h> #include <net/sock.h> #include <net/af_rxrpc.h> +#include <keys/rxrpc-type.h> #include "ar-internal.h" static LIST_HEAD(rxrpc_security_methods); @@ -122,6 +123,7 @@ EXPORT_SYMBOL_GPL(rxrpc_unregister_security); */ int rxrpc_init_client_conn_security(struct rxrpc_connection *conn) { + struct rxrpc_key_token *token; struct rxrpc_security *sec; struct key *key = conn->key; int ret; @@ -135,7 +137,11 @@ int rxrpc_init_client_conn_security(struct rxrpc_connection *conn) if (ret < 0) return ret; - sec = rxrpc_security_lookup(key->type_data.x[0]); + if (!key->payload.data) + return -EKEYREJECTED; + token = key->payload.data; + + sec = rxrpc_security_lookup(token->security_index); if (!sec) return -EKEYREJECTED; conn->security = sec; |