diff options
| author | David Howells <dhowells@redhat.com> | 2020-09-16 09:00:44 +0200 |
|---|---|---|
| committer | David Howells <dhowells@redhat.com> | 2020-11-23 19:09:29 +0100 |
| commit | ec832bd06d6fdf08b0455ab7c2a7a9104e029638 (patch) | |
| tree | f8a8516a58681d66001736a2234058298ce4d96c /net/rxrpc/conn_event.c | |
| parent | rxrpc: Support keys with multiple authentication tokens (diff) | |
| download | linux-ec832bd06d6fdf08b0455ab7c2a7a9104e029638.tar.xz linux-ec832bd06d6fdf08b0455ab7c2a7a9104e029638.zip | |
rxrpc: Don't retain the server key in the connection
Don't retain a pointer to the server key in the connection, but rather get
it on demand when the server has to deal with a response packet.
This is necessary to implement RxGK (GSSAPI-mediated transport class),
where we can't know which key we'll need until we've challenged the client
and got back the response.
This also means that we don't need to do a key search in the accept path in
softirq mode.
Also, whilst we're at it, allow the security class to ask for a kvno and
encoding-type variant of a server key as RxGK needs different keys for
different encoding types. Keys of this type have an extra bit in the
description:
"<service-id>:<security-index>:<kvno>:<enctype>"
Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'net/rxrpc/conn_event.c')
| -rw-r--r-- | net/rxrpc/conn_event.c | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/net/rxrpc/conn_event.c b/net/rxrpc/conn_event.c index bbf86203ed25..03a482ba770f 100644 --- a/net/rxrpc/conn_event.c +++ b/net/rxrpc/conn_event.c @@ -378,7 +378,6 @@ static void rxrpc_secure_connection(struct rxrpc_connection *conn) _enter("{%d}", conn->debug_id); ASSERT(conn->security_ix != 0); - ASSERT(conn->server_key); if (conn->security->issue_challenge(conn) < 0) { abort_code = RX_CALL_DEAD; |