gss_krb5: Introduce encryption type framework Make the client and server code consistent regarding the extra buffer space made available for the auth code when wrapping data. Add some comments/documentation about the available buffer space in the xdr_buf head and tail when gss_wrap is called. Add a compile-time check to make sure we are not exceeding the available buffer space. Add a central function to shift head data. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

commit: 725f2865d4df31ac0768b13ae763beadc4bb8ce9 [log] [tgz]
author: Kevin Coffman <kwc@citi.umich.edu> Wed Mar 17 13:02:46 2010 -0400
committer: Trond Myklebust <Trond.Myklebust@netapp.com> Fri May 14 15:09:15 2010 -0400
tree: 20b2da47713e7f38a61d37cbb2c95ad52c88609f
parent: 4fc4c3ce0dc1096cbd0daa3fe8f6905cbec2b87e [diff] [blame]
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
index a6e9056..496281f 100644
--- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
+++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c

@@ -155,11 +155,9 @@
 
 	ptr = buf->head[0].iov_base + offset;
 	/* shift data to make room for header. */
+	xdr_extend_head(buf, offset, headlen);
+
 	/* XXX Would be cleverer to encrypt while copying. */
-	/* XXX bounds checking, slack, etc. */
-	memmove(ptr + headlen, ptr, buf->head[0].iov_len - offset);
-	buf->head[0].iov_len += headlen;
-	buf->len += headlen;
 	BUG_ON((buf->len - offset - headlen) % blocksize);
 
 	g_make_token_header(&kctx->mech_used,
commit	725f2865d4df31ac0768b13ae763beadc4bb8ce9	[log] [tgz]
author	Kevin Coffman <kwc@citi.umich.edu>	Wed Mar 17 13:02:46 2010 -0400
committer	Trond Myklebust <Trond.Myklebust@netapp.com>	Fri May 14 15:09:15 2010 -0400
tree	20b2da47713e7f38a61d37cbb2c95ad52c88609f
parent	4fc4c3ce0dc1096cbd0daa3fe8f6905cbec2b87e [diff] [blame]