RxRPC: Declare the security index constants symbolically

Declare the security index constants symbolically rather than just referring
to them numerically.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/include/linux/rxrpc.h b/include/linux/rxrpc.h
index f7b826b565c721bfbd823cc485bbfd41f787e332..a53915cd5581d7c7b9c21f334d3a01f093c0a1b4 100644 (file)
--- a/include/linux/rxrpc.h
+++ b/include/linux/rxrpc.h
@@ -58,5 +58,12 @@ struct sockaddr_rxrpc {
 #define RXRPC_SECURITY_AUTH    1       /* authenticated packets */
 #define RXRPC_SECURITY_ENCRYPT 2       /* encrypted packets */
 
+/*
+ * RxRPC security indices
+ */
+#define RXRPC_SECURITY_NONE    0       /* no security protocol */
+#define RXRPC_SECURITY_RXKAD   2       /* kaserver or kerberos 4 */
+#define RXRPC_SECURITY_RXGK    4       /* gssapi-based */
+#define RXRPC_SECURITY_RXK5    5       /* kerberos 5 */
 
 #endif /* _LINUX_RXRPC_H */

diff --git a/net/rxrpc/ar-key.c b/net/rxrpc/ar-key.c
index ad8c7a782da1f0daabcd7ff1f9076e1785ae0f23..b3d10e7ccd7e9344a80764f3f1d87f37c4cf68c4 100644 (file)
--- a/net/rxrpc/ar-key.c
+++ b/net/rxrpc/ar-key.c
@@ -122,7 +122,7 @@ static int rxrpc_instantiate(struct key *key, const void *data, size_t datalen)
                       tsec->ticket[6], tsec->ticket[7]);
 
        ret = -EPROTONOSUPPORT;
-       if (tsec->security_index != 2)
+       if (tsec->security_index != RXRPC_SECURITY_RXKAD)
                goto error;
 
        key->type_data.x[0] = tsec->security_index;
@@ -308,7 +308,7 @@ int rxrpc_get_server_data_key(struct rxrpc_connection *conn,
        _debug("key %d", key_serial(key));
 
        data.kver = 1;
-       data.tsec.security_index = 2;
+       data.tsec.security_index = RXRPC_SECURITY_RXKAD;
        data.tsec.ticket_len = 0;
        data.tsec.expiry = expiry;
        data.tsec.kvno = 0;

diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c
index ef8f91030a150ff6cb4605c8229dd1955b3528e0..acec76292c01421f1cb7e17f21a9a748b02d1cc0 100644 (file)
--- a/net/rxrpc/rxkad.c
+++ b/net/rxrpc/rxkad.c
@@ -42,7 +42,7 @@ struct rxkad_level2_hdr {
        __be32  checksum;       /* decrypted data checksum */
 };
 
-MODULE_DESCRIPTION("RxRPC network protocol type-2 security (Kerberos)");
+MODULE_DESCRIPTION("RxRPC network protocol type-2 security (Kerberos 4)");
 MODULE_AUTHOR("Red Hat, Inc.");
 MODULE_LICENSE("GPL");
 
@@ -506,7 +506,7 @@ static int rxkad_verify_packet(const struct rxrpc_call *call,
        if (!call->conn->cipher)
                return 0;
 
-       if (sp->hdr.securityIndex != 2) {
+       if (sp->hdr.securityIndex != RXRPC_SECURITY_RXKAD) {
                *_abort_code = RXKADINCONSISTENCY;
                _leave(" = -EPROTO [not rxkad]");
                return -EPROTO;
@@ -1122,7 +1122,7 @@ static void rxkad_clear(struct rxrpc_connection *conn)
 static struct rxrpc_security rxkad = {
        .owner                          = THIS_MODULE,
        .name                           = "rxkad",
-       .security_index                 = RXKAD_VERSION,
+       .security_index                 = RXRPC_SECURITY_RXKAD,
        .init_connection_security       = rxkad_init_connection_security,
        .prime_packet_security          = rxkad_prime_packet_security,
        .secure_packet                  = rxkad_secure_packet,