Re: [PATCH 8/8] AFS: Add security support
On Wed, Apr 11, 2007 at 08:10:37PM +0100, David Howells wrote: Add security support to the AFS filesystem. Kerberos IV tickets are added as RxRPC keys are added to the session keyring with the klog program. open() and other VFS operations then find this ticket with request_key() and either use it immediately (eg: mkdir, unlink) or attach it to a file descriptor (open). Just curious--when is the actual crypto done? There doesn't seem to be any in this patch. --b. - To unsubscribe from this list: send the line unsubscribe linux-fsdevel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 8/8] AFS: Add security support
J. Bruce Fields [EMAIL PROTECTED] wrote: Just curious--when is the actual crypto done? There doesn't seem to be any in this patch. See AF_RXRPC patch: http://people.redhat.com/~dhowells/rxrpc/04-af_rxrpc.diff You turn on CONFIG_RXKAD and load the rxkad module thus built (assuming you haven't built it in) after loading the af_rxrpc module. I probably should've mentioned that in the cover. So anyone using sockets of family AF_RXRPC can use it. See these test programs: (1) The klog test program fetches a ticket from the kaserver and adds it as a key of type rxrpc: http://people.redhat.com/~dhowells/rxrpc/klog.c (2) The listen test program which listens for potentially secured incoming calls: http://people.redhat.com/~dhowells/rxrpc/listen.c (3) The rxrpc test program which can make secure calls: http://people.redhat.com/~dhowells/rxrpc/rxrpc.c David - To unsubscribe from this list: send the line unsubscribe linux-fsdevel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html