* yet. this need to be fixed in the future.
*/
static struct krb5_enctype enctypes[] = {
- [ENCTYPE_DES_CBC_RAW] = { /* des-cbc-md5 */
- "des-cbc-md5",
- "cbc(des)",
- "md5",
- 0,
- 16,
- 8,
- 0,
- },
- [ENCTYPE_DES3_CBC_RAW] = { /* des3-hmac-sha1 */
- "des3-hmac-sha1",
- "cbc(des3_ede)",
- "hmac(sha1)",
- 0,
- 20,
- 8,
- 1,
- },
- [ENCTYPE_AES128_CTS_HMAC_SHA1_96] = { /* aes128-cts */
- "aes128-cts-hmac-sha1-96",
- "cbc(aes)",
- "hmac(sha1)",
- 0,
- 12,
- 16,
- 1,
- },
- [ENCTYPE_AES256_CTS_HMAC_SHA1_96] = { /* aes256-cts */
- "aes256-cts-hmac-sha1-96",
- "cbc(aes)",
- "hmac(sha1)",
- 0,
- 12,
- 16,
- 1,
- },
- [ENCTYPE_ARCFOUR_HMAC] = { /* arcfour-hmac-md5 */
- "arcfour-hmac-md5",
- "ecb(arc4)",
- "hmac(md5)",
- 0,
- 16,
- 8,
- 1,
- },
+ [ENCTYPE_DES_CBC_RAW] = { /* des-cbc-md5 */
+ .ke_dispname = "des-cbc-md5",
+ .ke_enc_name = "cbc(des)",
+ .ke_hash_name = "md5",
+ .ke_hash_size = 16,
+ .ke_conf_size = 8,
+ },
+ [ENCTYPE_DES3_CBC_RAW] = { /* des3-hmac-sha1 */
+ .ke_dispname = "des3-hmac-sha1",
+ .ke_enc_name = "cbc(des3_ede)",
+ .ke_hash_name = "hmac(sha1)",
+ .ke_hash_size = 20,
+ .ke_conf_size = 8,
+ .ke_hash_hmac = 1,
+ },
+ [ENCTYPE_AES128_CTS_HMAC_SHA1_96] = { /* aes128-cts */
+ .ke_dispname = "aes128-cts-hmac-sha1-96",
+ .ke_enc_name = "cbc(aes)",
+ .ke_hash_name = "hmac(sha1)",
+ .ke_hash_size = 12,
+ .ke_conf_size = 16,
+ .ke_hash_hmac = 1,
+ },
+ [ENCTYPE_AES256_CTS_HMAC_SHA1_96] = { /* aes256-cts */
+ .ke_dispname = "aes256-cts-hmac-sha1-96",
+ .ke_enc_name = "cbc(aes)",
+ .ke_hash_name = "hmac(sha1)",
+ .ke_hash_size = 12,
+ .ke_conf_size = 16,
+ .ke_hash_hmac = 1,
+ },
+ [ENCTYPE_ARCFOUR_HMAC] = { /* arcfour-hmac-md5 */
+ .ke_dispname = "arcfour-hmac-md5",
+ .ke_enc_name = "ecb(arc4)",
+ .ke_hash_name = "hmac(md5)",
+ .ke_hash_size = 16,
+ .ke_conf_size = 8,
+ .ke_hash_hmac = 1,
+ }
};
#define MAX_ENCTYPES sizeof(enctypes)/sizeof(struct krb5_enctype)
rawobj_t cksum = RAWOBJ_EMPTY;
rawobj_t data_desc[3], cipher;
__u8 conf[GSS_MAX_CIPHER_BLOCK];
+ __u8 local_iv[16] = {0};
int rc = 0;
LASSERT(ke);
GOTO(arc4_out_tfm, rc = -EACCES);
}
- rc = gss_crypt_rawobjs(arc4_tfm, 1, 3, data_desc, &cipher, 1);
+ rc = gss_crypt_rawobjs(arc4_tfm, NULL, 3, data_desc,
+ &cipher, 1);
arc4_out_tfm:
crypto_free_blkcipher(arc4_tfm);
arc4_out_key:
arc4_out:
do {} while(0); /* just to avoid compile warning */
} else {
- rc = gss_crypt_rawobjs(kctx->kc_keye.kb_tfm, 0, 3, data_desc,
- &cipher, 1);
+ rc = gss_crypt_rawobjs(kctx->kc_keye.kb_tfm, local_iv, 3,
+ data_desc, &cipher, 1);
}
if (rc != 0) {
rawobj_t hash_objs[3];
int rc = 0;
__u32 major;
+ __u8 local_iv[16] = {0};
LASSERT(ke);
GOTO(arc4_out_tfm, rc = -EACCES);
}
- rc = gss_crypt_rawobjs(arc4_tfm, 1, 1, &cipher_in,
+ rc = gss_crypt_rawobjs(arc4_tfm, NULL, 1, &cipher_in,
&plain_out, 0);
arc4_out_tfm:
crypto_free_blkcipher(arc4_tfm);
arc4_out:
cksum = RAWOBJ_EMPTY;
} else {
- rc = gss_crypt_rawobjs(kctx->kc_keye.kb_tfm, 0, 1, &cipher_in,
- &plain_out, 0);
+ rc = gss_crypt_rawobjs(kctx->kc_keye.kb_tfm, local_iv, 1,
+ &cipher_in, &plain_out, 0);
}
if (rc != 0) {
},
};
-/*
- * currently we leave module owner NULL
- */
static struct gss_api_mech gss_kerberos_mech = {
- .gm_owner = NULL, /*THIS_MODULE, */
+ /* .gm_owner uses default NULL value for THIS_MODULE */
.gm_name = "krb5",
.gm_oid = (rawobj_t)
{9, "\052\206\110\206\367\022\001\002\002"},