From 339412841d7620f93fea805fbd7469f08186f458 Mon Sep 17 00:00:00 2001 From: David Howells Date: Mon, 14 Sep 2009 01:17:35 +0000 Subject: RxRPC: Allow key payloads to be passed in XDR form Allow add_key() and KEYCTL_INSTANTIATE to accept key payloads in XDR form as described by openafs-1.4.10/src/auth/afs_token.xg. This provides a way of passing kaserver, Kerberos 4, Kerberos 5 and GSSAPI keys from userspace, and allows for future expansion. Signed-off-by: David Howells Signed-off-by: David S. Miller --- net/rxrpc/ar-security.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'net/rxrpc/ar-security.c') diff --git a/net/rxrpc/ar-security.c b/net/rxrpc/ar-security.c index dc62920e..49b3cc31 100644 --- a/net/rxrpc/ar-security.c +++ b/net/rxrpc/ar-security.c @@ -16,6 +16,7 @@ #include #include #include +#include #include "ar-internal.h" static LIST_HEAD(rxrpc_security_methods); @@ -122,6 +123,7 @@ EXPORT_SYMBOL_GPL(rxrpc_unregister_security); */ int rxrpc_init_client_conn_security(struct rxrpc_connection *conn) { + struct rxrpc_key_token *token; struct rxrpc_security *sec; struct key *key = conn->key; int ret; @@ -135,7 +137,11 @@ int rxrpc_init_client_conn_security(struct rxrpc_connection *conn) if (ret < 0) return ret; - sec = rxrpc_security_lookup(key->type_data.x[0]); + if (!key->payload.data) + return -EKEYREJECTED; + token = key->payload.data; + + sec = rxrpc_security_lookup(token->security_index); if (!sec) return -EKEYREJECTED; conn->security = sec; -- cgit v1.1