summaryrefslogtreecommitdiffstats
path: root/net/sunrpc/netns.h
diff options
context:
space:
mode:
authorSimo Sorce <simo@redhat.com>2012-05-25 18:09:56 -0400
committerJ. Bruce Fields <bfields@redhat.com>2013-04-26 11:41:28 -0400
commit030d794bf49855f5e2a9e8dfbfad34211d1eb08b (patch)
treeb92b6fecf0856d48d232f266d7ac7e2b0ff09a17 /net/sunrpc/netns.h
parent1d658336b05f8697d6445834f8867f8ad5e4f735 (diff)
downloadlinux-030d794bf49855f5e2a9e8dfbfad34211d1eb08b.tar.gz
linux-030d794bf49855f5e2a9e8dfbfad34211d1eb08b.tar.bz2
linux-030d794bf49855f5e2a9e8dfbfad34211d1eb08b.zip
SUNRPC: Use gssproxy upcall for server RPCGSS authentication.
The main advantge of this new upcall mechanism is that it can handle big tickets as seen in Kerberos implementations where tickets carry authorization data like the MS-PAC buffer with AD or the Posix Authorization Data being discussed in IETF on the krbwg working group. The Gssproxy program is used to perform the accept_sec_context call on the kernel's behalf. The code is changed to also pass the input buffer straight to upcall mechanism to avoid allocating and copying many pages as tokens can be as big (potentially more in future) as 64KiB. Signed-off-by: Simo Sorce <simo@redhat.com> [bfields: containerization, negotiation api] Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'net/sunrpc/netns.h')
-rw-r--r--net/sunrpc/netns.h3
1 files changed, 3 insertions, 0 deletions
diff --git a/net/sunrpc/netns.h b/net/sunrpc/netns.h
index e9f8895d70ca..7111a4c9113b 100644
--- a/net/sunrpc/netns.h
+++ b/net/sunrpc/netns.h
@@ -25,7 +25,10 @@ struct sunrpc_net {
unsigned int rpcb_users;
struct mutex gssp_lock;
+ wait_queue_head_t gssp_wq;
struct rpc_clnt *gssp_clnt;
+ int use_gss_proxy;
+ struct proc_dir_entry *use_gssp_proc;
};
extern int sunrpc_net_id;