Merge branch 'for-2.6.25' of master.kernel.org:/pub/scm/linux/kernel/git/galak/powerp...

[~andy/linux] / net / sunrpc / auth_gss / gss_krb5_unseal.c

diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c
index 75a75a6d133657ed12546e28c9f11b83e7c6cf87..e30a993466bc2ccb27de86c66656390baecf22dc 100644 (file)
--- a/net/sunrpc/auth_gss/gss_krb5_unseal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c
@@ -86,7 +86,7 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx,
        unsigned char           *ptr = (unsigned char *)read_token->data;
        int                     bodysize;
 
-       dprintk("RPC:      krb5_read_token\n");
+       dprintk("RPC:       krb5_read_token\n");
 
        if (g_verify_token_header(&ctx->mech_used, &bodysize, &ptr,
                                        read_token->len))
@@ -99,16 +99,14 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx,
        /* XXX sanity-check bodysize?? */
 
        signalg = ptr[0] + (ptr[1] << 8);
-       sealalg = ptr[2] + (ptr[3] << 8);
-
-       /* Sanity checks */
-
-       if ((ptr[4] != 0xff) || (ptr[5] != 0xff))
+       if (signalg != SGN_ALG_DES_MAC_MD5)
                return GSS_S_DEFECTIVE_TOKEN;
 
-       if (sealalg != 0xffff)
+       sealalg = ptr[2] + (ptr[3] << 8);
+       if (sealalg != SEAL_ALG_NONE)
                return GSS_S_DEFECTIVE_TOKEN;
-       if (signalg != SGN_ALG_DES_MAC_MD5)
+
+       if ((ptr[4] != 0xff) || (ptr[5] != 0xff))
                return GSS_S_DEFECTIVE_TOKEN;
 
        if (make_checksum("md5", ptr - 2, 8, message_buffer, 0, &md5cksum))