user/sven/linux.git/include/linux/sunrpc/gss_api.h, branch stable/2.6.16.y

RPCSEC_GSS remove all qop parameters

2005-10-19T06:19:47Z

Not only are the qop parameters that are passed around throughout the gssapi unused by any currently implemented mechanism, but there appears to be some doubt as to whether they will ever be used. Let's just kill them off for now. Signed-off-by: J. Bruce Fields Signed-off-by: Trond Myklebust

SUNRPC: Add support for privacy to generic gss-api code.

2005-10-19T06:19:42Z

Add support for privacy to generic gss-api code. This is dead code until we have both a mechanism that supports privacy and code in the client or server that uses it. Signed-off-by: J. Bruce Fields Signed-off-by: Trond Myklebust

RPCSEC_GSS: Misc little cleanups.

2005-03-10T12:59:09Z

Signed-off-by: Trond Myklebust

RPC: clean up the RPCSEC_GSS kerberos and spkm3 context import functions

2005-03-10T12:58:17Z

Signed-off-by: Trond Myklebust

[PATCH] gss_api build fix

2004-05-22T03:37:19Z

From: "J. Bruce Fields" Older gcc's don't like that dimensionless array. Remove it in favour of a pointer to the data.

RPCSEC_GSS: Fix module reference counting.

2004-05-20T11:49:58Z

Clean up the interface to the GSSAPI code. Patch by Bruce Fields

[PATCH] kNFSd: Add minimal server-side support for rpcsec_gss.

2004-02-26T14:45:25Z

From: NeilBrown From: "J. Bruce Fields" Note that the user (or exportfs, on the user's behalf) allows a gss pseudoflavor to be used to access an export by exporting to a special client named "gss/pseudoflavor-name", e.g., "gss/krb5" or "gss/lipkey-i".

RPCSEC_GSS: Client-side only support for rpcsec_gss integrity

2004-02-07T15:44:01Z

protection. Since this requires checksumming an entire request, instead of just the header, and since the request may include, for example, pages with write data, we modify the gss_api routines to pass xdr_bufs instead of xdr_netobjs where necessary. We add rpcauth_wrap_req and rpcauth_unwrap_resp to rpcauth.c, wrappers for the new rpc cred ops crwrap_req and crunwrap_req, which are called just before encoding, and just after decoding, respectively.

Trivial; I kept forgetting what each of the xdr_netobj's passed to the gss-api

2003-06-11T12:25:47Z

routine meant, so I thought I'd fool with the argument names in an effort to make them more helpful.

[PATCH] RPCSEC_GSS authentication framework [4/6]

2003-01-13T05:41:33Z

This patch provides the basic framework for RPCSEC_GSS authentication in the RPC client. The protocol is fully described in RFC-2203. Sun has supported it in their commercial NFSv3 and v2 implementations for quite some time, and it has been specified in RFC3010 as being mandatory for NFSv4. - Update the mount_data struct for NFSv2 and v3 in order to allow them to pass an RPCSEC_GSS security flavour. Compatibility with existing versions of the 'mount' program is ensured by requiring that RPCSEC support be enabled using the new flag NFS_MOUNT_SECFLAVOUR. - Provide secure authentication, and later data encryption on a per-user basis. A later patch will an provide an implementation of the Kerberos 5 security mechanism. SPKM and LIPKEY are still being planned. - Security context negotiation and initialization are all assumed to be done in userland. A later patch will provide the actual upcall mechanisms to allow for this.