xref: /kernel/linux/linux-6.6/net/rxrpc/insecure.c (revision 62306a36) 
1// SPDX-License-Identifier: GPL-2.0-or-later
2/* Null security operations.
3 *
4 * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
5 * Written by David Howells (dhowells@redhat.com)
6 */
7
8#include <net/af_rxrpc.h>
9#include "ar-internal.h"
10
11static int none_init_connection_security(struct rxrpc_connection *conn,
12					 struct rxrpc_key_token *token)
13{
14	return 0;
15}
16
17/*
18 * Work out how much data we can put in an unsecured packet.
19 */
20static int none_how_much_data(struct rxrpc_call *call, size_t remain,
21			       size_t *_buf_size, size_t *_data_size, size_t *_offset)
22{
23	*_buf_size = *_data_size = min_t(size_t, remain, RXRPC_JUMBO_DATALEN);
24	*_offset = 0;
25	return 0;
26}
27
28static int none_secure_packet(struct rxrpc_call *call, struct rxrpc_txbuf *txb)
29{
30	return 0;
31}
32
33static int none_verify_packet(struct rxrpc_call *call, struct sk_buff *skb)
34{
35	struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
36
37	sp->flags |= RXRPC_RX_VERIFIED;
38	return 0;
39}
40
41static void none_free_call_crypto(struct rxrpc_call *call)
42{
43}
44
45static int none_respond_to_challenge(struct rxrpc_connection *conn,
46				     struct sk_buff *skb)
47{
48	return rxrpc_abort_conn(conn, skb, RX_PROTOCOL_ERROR, -EPROTO,
49				rxrpc_eproto_rxnull_challenge);
50}
51
52static int none_verify_response(struct rxrpc_connection *conn,
53				struct sk_buff *skb)
54{
55	return rxrpc_abort_conn(conn, skb, RX_PROTOCOL_ERROR, -EPROTO,
56				rxrpc_eproto_rxnull_response);
57}
58
59static void none_clear(struct rxrpc_connection *conn)
60{
61}
62
63static int none_init(void)
64{
65	return 0;
66}
67
68static void none_exit(void)
69{
70}
71
72/*
73 * RxRPC Kerberos-based security
74 */
75const struct rxrpc_security rxrpc_no_security = {
76	.name				= "none",
77	.security_index			= RXRPC_SECURITY_NONE,
78	.init				= none_init,
79	.exit				= none_exit,
80	.init_connection_security	= none_init_connection_security,
81	.free_call_crypto		= none_free_call_crypto,
82	.how_much_data			= none_how_much_data,
83	.secure_packet			= none_secure_packet,
84	.verify_packet			= none_verify_packet,
85	.respond_to_challenge		= none_respond_to_challenge,
86	.verify_response		= none_verify_response,
87	.clear				= none_clear,
88};
89