From ff4357229efe87781e65382c20d3d718ecc3114d Mon Sep 17 00:00:00 2001 From: Nathaniel Clark Date: Fri, 10 Jun 2016 14:44:50 -0400 Subject: [PATCH] LU-3289 gss: Cleanup gss code Address some lingering style and code issues that were commented on but not fixed. Signed-off-by: Nathaniel Clark Change-Id: I2396bf3a6a6e3621aa37fd5592eb9eeaeedb06e7 Reviewed-on: http://review.whamcloud.com/20727 Reviewed-by: Andreas Dilger Reviewed-by: Sebastien Buisson Tested-by: Jenkins Tested-by: Maloo --- lustre/include/lustre_nodemap.h | 1 - lustre/ptlrpc/gss/gss_crypto.c | 10 ++++---- lustre/ptlrpc/gss/gss_crypto.h | 56 ++++------------------------------------- lustre/ptlrpc/gss/gss_keyring.c | 3 ++- lustre/utils/gss/svcgssd.c | 6 ++++- 5 files changed, 17 insertions(+), 59 deletions(-) diff --git a/lustre/include/lustre_nodemap.h b/lustre/include/lustre_nodemap.h index 685e1d8..3f15a3c 100644 --- a/lustre/include/lustre_nodemap.h +++ b/lustre/include/lustre_nodemap.h @@ -28,7 +28,6 @@ #define _LUSTRE_NODEMAP_H #include -#include #define LUSTRE_NODEMAP_NAME "nodemap" diff --git a/lustre/ptlrpc/gss/gss_crypto.c b/lustre/ptlrpc/gss/gss_crypto.c index 2032f94..06f3542 100644 --- a/lustre/ptlrpc/gss/gss_crypto.c +++ b/lustre/ptlrpc/gss/gss_crypto.c @@ -228,8 +228,8 @@ void gss_teardown_sgtable(struct sg_table *sgt) sg_free_table(sgt); } -int gss_crypt_generic(struct crypto_blkcipher *tfm, int decrypt, void *iv, - void *in, void *out, int length) +int gss_crypt_generic(struct crypto_blkcipher *tfm, int decrypt, const void *iv, + const void *in, void *out, size_t length) { struct blkcipher_desc desc; struct scatterlist sg; @@ -243,7 +243,7 @@ int gss_crypt_generic(struct crypto_blkcipher *tfm, int decrypt, void *iv, desc.flags = 0; if (length % crypto_blkcipher_blocksize(tfm) != 0) { - CERROR("output length %d mismatch blocksize %d\n", + CERROR("output length %zu mismatch blocksize %d\n", length, crypto_blkcipher_blocksize(tfm)); goto out; } @@ -323,7 +323,7 @@ int gss_digest_hmac(struct crypto_hash *tfm, } if (hdr) { - rc = gss_setup_sgtable(&sgt, sg, (char *)hdr, sizeof(*hdr)); + rc = gss_setup_sgtable(&sgt, sg, hdr, sizeof(*hdr)); if (rc != 0) return rc; rc = crypto_hash_update(&desc, sg, sizeof(hdr->len)); @@ -385,7 +385,7 @@ int gss_digest_norm(struct crypto_hash *tfm, } if (hdr) { - rc = gss_setup_sgtable(&sgt, sg, (char *)hdr, sizeof(*hdr)); + rc = gss_setup_sgtable(&sgt, sg, hdr, sizeof(*hdr)); if (rc != 0) return rc; diff --git a/lustre/ptlrpc/gss/gss_crypto.h b/lustre/ptlrpc/gss/gss_crypto.h index 91d1a4b..f16f31b 100644 --- a/lustre/ptlrpc/gss/gss_crypto.h +++ b/lustre/ptlrpc/gss/gss_crypto.h @@ -1,51 +1,5 @@ -/* - * Modifications for Lustre - * - * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. - * - * Author: Eric Mei - */ - -/* - * linux/include/linux/sunrpc/gss_krb5_types.h - * - * Adapted from MIT Kerberos 5-1.2.1 lib/include/krb5.h, - * lib/gssapi/krb5/gssapiP_krb5.h, and others - * - * Copyright (c) 2000 The Regents of the University of Michigan. - * All rights reserved. - * - * Andy Adamson - * Bruce Fields - */ - -/* - * Copyright 1995 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ - -#ifndef PTLRPC_GSS_UTILS_H -#define PTLRPC_GSS_UTILS_H +#ifndef PTLRPC_GSS_CRYPTO_H +#define PTLRPC_GSS_CRYPTO_H #include "gss_internal.h" @@ -65,8 +19,8 @@ int gss_get_keyblock(char **ptr, const char *end, struct gss_keyblock *kb, int gss_setup_sgtable(struct sg_table *sgt, struct scatterlist *prealloc_sg, const void *buf, unsigned int buf_len); void gss_teardown_sgtable(struct sg_table *sgt); -int gss_crypt_generic(struct crypto_blkcipher *tfm, int decrypt, void *iv, - void *in, void *out, int length); +int gss_crypt_generic(struct crypto_blkcipher *tfm, int decrypt, const void *iv, + const void *in, void *out, size_t length); int gss_digest_hmac(struct crypto_hash *tfm, rawobj_t *key, rawobj_t *hdr, int msgcnt, rawobj_t *msgs, int iovcnt, lnet_kiov_t *iovs, rawobj_t *cksum); @@ -78,4 +32,4 @@ int gss_crypt_rawobjs(struct crypto_blkcipher *tfm, int use_internal_iv, int inobj_cnt, rawobj_t *inobjs, rawobj_t *outobj, int enc); -#endif /* PTLRPC_GSS_UTILS_H */ +#endif /* PTLRPC_GSS_CRYPTO_H */ diff --git a/lustre/ptlrpc/gss/gss_keyring.c b/lustre/ptlrpc/gss/gss_keyring.c index 1c28ede..5f19c97 100644 --- a/lustre/ptlrpc/gss/gss_keyring.c +++ b/lustre/ptlrpc/gss/gss_keyring.c @@ -1429,7 +1429,8 @@ int gss_kt_update(struct key *key, const void *data, size_t datalen) goto out; } - rc = rawobj_extract_local(&tmpobj, (__u32 **) &data,&datalen32); + rc = rawobj_extract_local(&tmpobj, + (__u32 **) &data, &datalen32); if (rc) { CERROR("failed extract mech\n"); goto out; diff --git a/lustre/utils/gss/svcgssd.c b/lustre/utils/gss/svcgssd.c index 51aabf2..77cb6bc 100644 --- a/lustre/utils/gss/svcgssd.c +++ b/lustre/utils/gss/svcgssd.c @@ -256,7 +256,11 @@ main(int argc, char *argv[]) initerr(progname, verbosity, fg); /* For kerberos use gss mechanisms but ignore for sk and null */ - if (krb_enabled && gssd_check_mechs() == 0) { + if (krb_enabled) { + if (gssd_check_mechs()) { + printerr(0, "ERROR: problem with gssapi library\n"); + exit(1); + } if (gssd_get_local_realm()) { printerr(0, "ERROR: Can't get Local Kerberos realm\n"); exit(1); -- 1.8.3.1