From: steved@redhat.com
To: linux-nfs@vger.kernel.org
Subject: [PATCH 00/23] Add new enctypes for gss_krb5 (Round 5)
Date: Wed, 17 Mar 2010 13:02:45 -0400 [thread overview]
Message-ID: <1268845388-9516-1-git-send-email-steved@redhat.com> (raw)
From: Steve Dickson <steved@redhat.com>
Here is the next round of Kevin Coffman's encryption patches.
This series includes all of the review comments from the
previous posting except for one.
Its the question as to why there were two occurrences of
GSS_KRB5_TOK_HDR_LEN define in the GSS_KRB5_MAX_SLACK_NEEDED
macro. Since Kevin is traveling and the reason didn't seem
obvious plus I didn't see it as being a showstopper (due to
all the recent testing), I decided to proceed as. If later
its deemed a supplemental patch is needed, I'll post the patch
Again, the details of the original patches are at:
http://marc.info/?l=linux-nfs&m=121010783625159&w=2
steved.
J. Bruce Fields (1):
gss_krb5: Don't expect blocksize to always be 8 when calculating
padding
Kevin Coffman (21):
gss_krb5: Introduce encryption type framework
gss_krb5: Added and improved code comments
gss_krb5: split up functions in preparation of adding new enctypes
gss_krb5: prepare for new context format
gss_krb5: introduce encryption type framework
gss_krb5: add ability to have a keyed checksum (hmac)
gss_krb5: import functionality to derive keys into the kernel
gss_krb5: handle new context format from gssd
gss_krb5: add support for triple-des encryption
Add new pipefs file indicating which Kerberos enctypes the kernel
supports
Update pipefs file indicating which Kerberos enctypes the kernel
supports
xdr: Add an export for the helper function write_bytes_to_xdr_buf()
gss_krb5: add support for new token formats in rfc4121
gss_krb5: add remaining pieces to enable AES encryption support
gss_krb5: Update pipefs file
gssd_krb5: arcfour-hmac support
gss_krb5: Save the raw session key in the context
gssd_krb5: More arcfour-hmac support
gss_krb5: Use confounder length in wrap code
gss_krb5: Add support for rc4-hmac encryption
Update the pipefs file
Peter Staubach (1):
Fixed a typo in gss_verify_mic_v2()
include/linux/sunrpc/gss_krb5.h | 183 +++++++++-
net/sunrpc/auth_gss/Makefile | 2 +-
net/sunrpc/auth_gss/auth_gss.c | 14 +-
net/sunrpc/auth_gss/gss_krb5_crypto.c | 697 ++++++++++++++++++++++++++++++++-
net/sunrpc/auth_gss/gss_krb5_keys.c | 335 ++++++++++++++++
net/sunrpc/auth_gss/gss_krb5_mech.c | 582 +++++++++++++++++++++++++--
net/sunrpc/auth_gss/gss_krb5_seal.c | 155 ++++++--
net/sunrpc/auth_gss/gss_krb5_seqnum.c | 83 ++++-
net/sunrpc/auth_gss/gss_krb5_unseal.c | 113 +++++-
net/sunrpc/auth_gss/gss_krb5_wrap.c | 473 ++++++++++++++++++++---
net/sunrpc/auth_gss/gss_mech_switch.c | 14 +
net/sunrpc/auth_gss/svcauth_gss.c | 15 +
net/sunrpc/rpc_pipe.c | 27 ++
net/sunrpc/xdr.c | 1 +
14 files changed, 2527 insertions(+), 167 deletions(-)
create mode 100644 net/sunrpc/auth_gss/gss_krb5_keys.c
next reply other threads:[~2010-03-17 17:03 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-03-17 17:02 steved [this message]
2010-03-17 17:02 ` [PATCH 01/23] gss_krb5: Introduce encryption type framework steved
2010-03-17 17:02 ` [PATCH 02/23] gss_krb5: Added and improved code comments steved
2010-03-17 17:10 ` Chuck Lever
2010-03-17 17:02 ` [PATCH 03/23] gss_krb5: Don't expect blocksize to always be 8 when calculating padding steved
2010-03-17 17:02 ` [PATCH 04/23] gss_krb5: split up functions in preparation of adding new enctypes steved
2010-03-17 17:02 ` [PATCH 05/23] gss_krb5: prepare for new context format steved
2010-03-17 17:02 ` [PATCH 06/23] gss_krb5: introduce encryption type framework steved
2010-03-17 17:02 ` [PATCH 07/23] gss_krb5: add ability to have a keyed checksum (hmac) steved
2010-03-17 17:02 ` [PATCH 08/23] gss_krb5: import functionality to derive keys into the kernel steved
2010-03-17 17:02 ` [PATCH 09/23] gss_krb5: handle new context format from gssd steved
2010-03-17 17:02 ` [PATCH 10/23] gss_krb5: add support for triple-des encryption steved
2010-03-17 17:02 ` [PATCH 11/23] Add new pipefs file indicating which Kerberos enctypes the kernel supports steved
2010-03-17 17:02 ` [PATCH 12/23] Update " steved
2010-03-17 17:02 ` [PATCH 13/23] xdr: Add an export for the helper function write_bytes_to_xdr_buf() steved
2010-03-17 17:02 ` [PATCH 14/23] gss_krb5: add support for new token formats in rfc4121 steved
2010-03-17 17:03 ` [PATCH 15/23] gss_krb5: add remaining pieces to enable AES encryption support steved
2010-03-17 17:03 ` [PATCH 16/23] gss_krb5: Update pipefs file steved
2010-03-17 17:03 ` [PATCH 17/23] gssd_krb5: arcfour-hmac support steved
2010-03-17 17:03 ` [PATCH 18/23] gss_krb5: Save the raw session key in the context steved
2010-03-17 17:03 ` [PATCH 19/23] gssd_krb5: More arcfour-hmac support steved
2010-03-17 17:03 ` [PATCH 20/23] gss_krb5: Use confounder length in wrap code steved
2010-03-17 17:03 ` [PATCH 21/23] gss_krb5: Add support for rc4-hmac encryption steved
2010-03-17 17:03 ` [PATCH 22/23] Update the pipefs file steved
2010-03-17 17:03 ` [PATCH 23/23] Fixed a typo in gss_verify_mic_v2() steved
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1268845388-9516-1-git-send-email-steved@redhat.com \
--to=steved@redhat.com \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.