mv643xx_eth: Fix compile error for architectures without clk.
[linux-2.6/cjktty.git] / fs / cifs / cifs_spnego.c
blobe622863b292f736fc8cc6e5d2ab8105986ad83bf
1 /*
2 * fs/cifs/cifs_spnego.c -- SPNEGO upcall management for CIFS
4 * Copyright (c) 2007 Red Hat, Inc.
5 * Author(s): Jeff Layton (jlayton@redhat.com)
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 #include <linux/list.h>
23 #include <linux/slab.h>
24 #include <linux/string.h>
25 #include <keys/user-type.h>
26 #include <linux/key-type.h>
27 #include <linux/inet.h>
28 #include "cifsglob.h"
29 #include "cifs_spnego.h"
30 #include "cifs_debug.h"
32 /* create a new cifs key */
33 static int
34 cifs_spnego_key_instantiate(struct key *key, const void *data, size_t datalen)
36 char *payload;
37 int ret;
39 ret = -ENOMEM;
40 payload = kmalloc(datalen, GFP_KERNEL);
41 if (!payload)
42 goto error;
44 /* attach the data */
45 memcpy(payload, data, datalen);
46 key->payload.data = payload;
47 ret = 0;
49 error:
50 return ret;
53 static void
54 cifs_spnego_key_destroy(struct key *key)
56 kfree(key->payload.data);
61 * keytype for CIFS spnego keys
63 struct key_type cifs_spnego_key_type = {
64 .name = "cifs.spnego",
65 .instantiate = cifs_spnego_key_instantiate,
66 .match = user_match,
67 .destroy = cifs_spnego_key_destroy,
68 .describe = user_describe,
71 /* length of longest version string e.g. strlen("ver=0xFF") */
72 #define MAX_VER_STR_LEN 8
74 /* length of longest security mechanism name, eg in future could have
75 * strlen(";sec=ntlmsspi") */
76 #define MAX_MECH_STR_LEN 13
78 /* strlen of "host=" */
79 #define HOST_KEY_LEN 5
81 /* strlen of ";ip4=" or ";ip6=" */
82 #define IP_KEY_LEN 5
84 /* strlen of ";uid=0x" */
85 #define UID_KEY_LEN 7
87 /* strlen of ";creduid=0x" */
88 #define CREDUID_KEY_LEN 11
90 /* strlen of ";user=" */
91 #define USER_KEY_LEN 6
93 /* strlen of ";pid=0x" */
94 #define PID_KEY_LEN 7
96 /* get a key struct with a SPNEGO security blob, suitable for session setup */
97 struct key *
98 cifs_get_spnego_key(struct cifs_ses *sesInfo)
100 struct TCP_Server_Info *server = sesInfo->server;
101 struct sockaddr_in *sa = (struct sockaddr_in *) &server->dstaddr;
102 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) &server->dstaddr;
103 char *description, *dp;
104 size_t desc_len;
105 struct key *spnego_key;
106 const char *hostname = server->hostname;
108 /* length of fields (with semicolons): ver=0xyz ip4=ipaddress
109 host=hostname sec=mechanism uid=0xFF user=username */
110 desc_len = MAX_VER_STR_LEN +
111 HOST_KEY_LEN + strlen(hostname) +
112 IP_KEY_LEN + INET6_ADDRSTRLEN +
113 MAX_MECH_STR_LEN +
114 UID_KEY_LEN + (sizeof(uid_t) * 2) +
115 CREDUID_KEY_LEN + (sizeof(uid_t) * 2) +
116 PID_KEY_LEN + (sizeof(pid_t) * 2) + 1;
118 if (sesInfo->user_name)
119 desc_len += USER_KEY_LEN + strlen(sesInfo->user_name);
121 spnego_key = ERR_PTR(-ENOMEM);
122 description = kzalloc(desc_len, GFP_KERNEL);
123 if (description == NULL)
124 goto out;
126 dp = description;
127 /* start with version and hostname portion of UNC string */
128 spnego_key = ERR_PTR(-EINVAL);
129 sprintf(dp, "ver=0x%x;host=%s;", CIFS_SPNEGO_UPCALL_VERSION,
130 hostname);
131 dp = description + strlen(description);
133 /* add the server address */
134 if (server->dstaddr.ss_family == AF_INET)
135 sprintf(dp, "ip4=%pI4", &sa->sin_addr);
136 else if (server->dstaddr.ss_family == AF_INET6)
137 sprintf(dp, "ip6=%pI6", &sa6->sin6_addr);
138 else
139 goto out;
141 dp = description + strlen(description);
143 /* for now, only sec=krb5 and sec=mskrb5 are valid */
144 if (server->sec_kerberos)
145 sprintf(dp, ";sec=krb5");
146 else if (server->sec_mskerberos)
147 sprintf(dp, ";sec=mskrb5");
148 else
149 goto out;
151 dp = description + strlen(description);
152 sprintf(dp, ";uid=0x%x", sesInfo->linux_uid);
154 dp = description + strlen(description);
155 sprintf(dp, ";creduid=0x%x", sesInfo->cred_uid);
157 if (sesInfo->user_name) {
158 dp = description + strlen(description);
159 sprintf(dp, ";user=%s", sesInfo->user_name);
162 dp = description + strlen(description);
163 sprintf(dp, ";pid=0x%x", current->pid);
165 cFYI(1, "key description = %s", description);
166 spnego_key = request_key(&cifs_spnego_key_type, description, "");
168 #ifdef CONFIG_CIFS_DEBUG2
169 if (cifsFYI && !IS_ERR(spnego_key)) {
170 struct cifs_spnego_msg *msg = spnego_key->payload.data;
171 cifs_dump_mem("SPNEGO reply blob:", msg->data, min(1024U,
172 msg->secblob_len + msg->sesskey_len));
174 #endif /* CONFIG_CIFS_DEBUG2 */
176 out:
177 kfree(description);
178 return spnego_key;