From: NeilBrown <neilb@cse.unsw.edu.au>

Doesn't actually add integrity support on the server yet; just adapts
server-side code to the gss api changes necessary to get integrity working on
the client.


---

 25-akpm/net/sunrpc/auth_gss/gss_krb5_seal.c |    3 ---
 25-akpm/net/sunrpc/auth_gss/svcauth_gss.c   |   16 ++++++++++------
 2 files changed, 10 insertions(+), 9 deletions(-)

diff -puN net/sunrpc/auth_gss/gss_krb5_seal.c~knfsd-gss-api-integrity-checking net/sunrpc/auth_gss/gss_krb5_seal.c
--- 25/net/sunrpc/auth_gss/gss_krb5_seal.c~knfsd-gss-api-integrity-checking	Wed Feb 25 16:53:55 2004
+++ 25-akpm/net/sunrpc/auth_gss/gss_krb5_seal.c	Wed Feb 25 16:53:55 2004
@@ -169,8 +169,5 @@ krb5_make_token(struct krb5_ctx *ctx, in
 	return ((ctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE);
 out_err:
 	if (md5cksum.data) kfree(md5cksum.data);
-	if (token->data) kfree(token->data);
-	token->data = 0;
-	token->len = 0;
 	return GSS_S_FAILURE;
 }
diff -puN net/sunrpc/auth_gss/svcauth_gss.c~knfsd-gss-api-integrity-checking net/sunrpc/auth_gss/svcauth_gss.c
--- 25/net/sunrpc/auth_gss/svcauth_gss.c~knfsd-gss-api-integrity-checking	Wed Feb 25 16:53:55 2004
+++ 25-akpm/net/sunrpc/auth_gss/svcauth_gss.c	Wed Feb 25 16:53:55 2004
@@ -535,14 +535,16 @@ gss_verify_header(struct svc_rqst *rqstp
 		  u32 *rpcstart, struct rpc_gss_wire_cred *gc, u32 *authp)
 {
 	struct gss_ctx		*ctx_id = rsci->mechctx;
-	struct xdr_netobj	rpchdr;
+	struct xdr_buf		rpchdr;
 	struct xdr_netobj	checksum;
 	u32			flavor = 0;
 	struct iovec		*argv = &rqstp->rq_arg.head[0];
+	struct iovec		iov;
 
 	/* data to compute the checksum over: */
-	rpchdr.data = (u8 *)rpcstart;
-	rpchdr.len = (u8 *)argv->iov_base - (u8 *)rpcstart;
+	iov.iov_base = rpcstart;
+	iov.iov_len = (u8 *)argv->iov_base - (u8 *)rpcstart;
+	xdr_buf_from_iov(&iov, &rpchdr);
 
 	*authp = rpc_autherr_badverf;
 	if (argv->iov_len < 4)
@@ -580,15 +582,17 @@ gss_write_verf(struct svc_rqst *rqstp, s
 {
 	u32			xdr_seq;
 	u32			maj_stat;
-	struct xdr_netobj	verf_data;
+	struct xdr_buf		verf_data;
 	struct xdr_netobj	mic;
 	u32			*p;
+	struct iovec		iov;
 
 	svc_putu32(rqstp->rq_res.head, htonl(RPC_AUTH_GSS));
 	xdr_seq = htonl(seq);
 
-	verf_data.data = (u8 *)&xdr_seq;
-	verf_data.len = sizeof(xdr_seq);
+	iov.iov_base = &xdr_seq;
+	iov.iov_len = sizeof(xdr_seq);
+	xdr_buf_from_iov(&iov, &verf_data);
 	p = rqstp->rq_res.head->iov_base + rqstp->rq_res.head->iov_len;
 	maj_stat = gss_get_mic(ctx_id, 0, &verf_data, &mic);
 	if (maj_stat != GSS_S_COMPLETE)

_