For the arcfour-hmac support, the make_seq_num and get_seq_num functions need access to the kerberos context structure. This will be used in a later patch. Signed-off-by: Kevin Coffman --- include/linux/sunrpc/gss_krb5.h | 6 ++++-- net/sunrpc/auth_gss/gss_krb5_seal.c | 5 ++--- net/sunrpc/auth_gss/gss_krb5_seqnum.c | 6 ++++-- net/sunrpc/auth_gss/gss_krb5_unseal.c | 3 ++- net/sunrpc/auth_gss/gss_krb5_wrap.c | 6 +++--- 5 files changed, 15 insertions(+), 11 deletions(-) diff -up linux-2.6.29.noarch/include/linux/sunrpc/gss_krb5.h.orig linux-2.6.29.noarch/include/linux/sunrpc/gss_krb5.h --- linux-2.6.29.noarch/include/linux/sunrpc/gss_krb5.h.orig 2009-04-30 16:09:23.678334000 -0400 +++ linux-2.6.29.noarch/include/linux/sunrpc/gss_krb5.h 2009-04-30 16:10:21.259572000 -0400 @@ -275,12 +275,14 @@ gss_decrypt_xdr_buf(struct crypto_blkcip int offset); s32 -krb5_make_seq_num(struct crypto_blkcipher *key, +krb5_make_seq_num(struct krb5_ctx *kctx, + struct crypto_blkcipher *key, int direction, u32 seqnum, unsigned char *cksum, unsigned char *buf); s32 -krb5_get_seq_num(struct crypto_blkcipher *key, +krb5_get_seq_num(struct krb5_ctx *kctx, + struct crypto_blkcipher *key, unsigned char *cksum, unsigned char *buf, int *direction, u32 *seqnum); diff -up linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_seal.c.orig linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_seal.c --- linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_seal.c.orig 2009-04-30 16:07:52.481360000 -0400 +++ linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_seal.c 2009-04-30 16:10:21.266572000 -0400 @@ -153,9 +153,8 @@ gss_get_mic_v1(struct krb5_ctx *ctx, str seq_send = ctx->seq_send++; spin_unlock(&krb5_seq_lock); - if (krb5_make_seq_num(ctx->seq, ctx->initiate ? 0 : 0xff, - seq_send, ptr + GSS_KRB5_TOK_HDR_LEN, - ptr + 8)) + if (krb5_make_seq_num(ctx, ctx->seq, ctx->initiate ? 0 : 0xff, + seq_send, ptr + GSS_KRB5_TOK_HDR_LEN, ptr + 8)) return GSS_S_FAILURE; return (ctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE; diff -up linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_seqnum.c.orig linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_seqnum.c --- linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_seqnum.c.orig 2009-03-23 19:12:14.000000000 -0400 +++ linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_seqnum.c 2009-04-30 16:10:21.274572000 -0400 @@ -41,7 +41,8 @@ #endif s32 -krb5_make_seq_num(struct crypto_blkcipher *key, +krb5_make_seq_num(struct krb5_ctx *kctx, + struct crypto_blkcipher *key, int direction, u32 seqnum, unsigned char *cksum, unsigned char *buf) @@ -62,7 +63,8 @@ krb5_make_seq_num(struct crypto_blkciphe } s32 -krb5_get_seq_num(struct crypto_blkcipher *key, +krb5_get_seq_num(struct krb5_ctx *kctx, + struct crypto_blkcipher *key, unsigned char *cksum, unsigned char *buf, int *direction, u32 *seqnum) diff -up linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_unseal.c.orig linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_unseal.c --- linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_unseal.c.orig 2009-04-30 16:07:52.489352000 -0400 +++ linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_unseal.c 2009-04-30 16:10:21.281572000 -0400 @@ -132,7 +132,8 @@ gss_verify_mic_v1(struct krb5_ctx *ctx, /* do sequencing checks */ - if (krb5_get_seq_num(ctx->seq, ptr + GSS_KRB5_TOK_HDR_LEN, ptr + 8, &direction, &seqnum)) + if (krb5_get_seq_num(ctx, ctx->seq, ptr + GSS_KRB5_TOK_HDR_LEN, ptr + 8, + &direction, &seqnum)) return GSS_S_FAILURE; if ((ctx->initiate && direction != 0xff) || diff -up linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_wrap.c.orig linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_wrap.c --- linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_wrap.c.orig 2009-04-30 16:07:52.497344000 -0400 +++ linux-2.6.29.noarch/net/sunrpc/auth_gss/gss_krb5_wrap.c 2009-04-30 16:10:21.288572000 -0400 @@ -229,7 +229,7 @@ gss_wrap_kerberos_v1(struct krb5_ctx *kc /* XXX would probably be more efficient to compute checksum * and encrypt at the same time: */ - if ((krb5_make_seq_num(kctx->seq, kctx->initiate ? 0 : 0xff, + if ((krb5_make_seq_num(kctx, kctx->seq, kctx->initiate ? 0 : 0xff, seq_send, ptr + GSS_KRB5_TOK_HDR_LEN, ptr + 8))) return GSS_S_FAILURE; @@ -316,8 +316,8 @@ gss_unwrap_kerberos_v1(struct krb5_ctx * /* do sequencing checks */ - if (krb5_get_seq_num(kctx->seq, ptr + GSS_KRB5_TOK_HDR_LEN, ptr + 8, - &direction, &seqnum)) + if (krb5_get_seq_num(kctx, kctx->seq, ptr + GSS_KRB5_TOK_HDR_LEN, + ptr + 8, &direction, &seqnum)) return GSS_S_BAD_SIG; if ((kctx->initiate && direction != 0xff) ||