libceph: factor out __ceph_x_decrypt()

commit c571fe24d243bfe7017f0e67fe800b3cc2a1d1f7 upstream.

Will be used for decrypting the server challenge which is only preceded
by ceph_x_encrypt_header.

Drop struct_v check to allow for extending ceph_x_encrypt_header in the
future.

Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/net/ceph/auth_x.c b/net/ceph/auth_x.c
index 2034fb9..f6f22fc 100644 (file)
--- a/net/ceph/auth_x.c
+++ b/net/ceph/auth_x.c
@@ -69,25 +69,40 @@ static int ceph_x_encrypt(struct ceph_crypto_key *secret, void *buf,
        return sizeof(u32) + ciphertext_len;
 }
 
+static int __ceph_x_decrypt(struct ceph_crypto_key *secret, void *p,
+                           int ciphertext_len)
+{
+       struct ceph_x_encrypt_header *hdr = p;
+       int plaintext_len;
+       int ret;
+
+       ret = ceph_crypt(secret, false, p, ciphertext_len, ciphertext_len,
+                        &plaintext_len);
+       if (ret)
+               return ret;
+
+       if (le64_to_cpu(hdr->magic) != CEPHX_ENC_MAGIC) {
+               pr_err("%s bad magic\n", __func__);
+               return -EINVAL;
+       }
+
+       return plaintext_len - sizeof(*hdr);
+}
+
 static int ceph_x_decrypt(struct ceph_crypto_key *secret, void **p, void *end)
 {
-       struct ceph_x_encrypt_header *hdr = *p + sizeof(u32);
-       int ciphertext_len, plaintext_len;
+       int ciphertext_len;
        int ret;
 
        ceph_decode_32_safe(p, end, ciphertext_len, e_inval);
        ceph_decode_need(p, end, ciphertext_len, e_inval);
 
-       ret = ceph_crypt(secret, false, *p, end - *p, ciphertext_len,
-                        &plaintext_len);
-       if (ret)
+       ret = __ceph_x_decrypt(secret, *p, ciphertext_len);
+       if (ret < 0)
                return ret;
 
-       if (hdr->struct_v != 1 || le64_to_cpu(hdr->magic) != CEPHX_ENC_MAGIC)
-               return -EPERM;
-
        *p += ciphertext_len;
-       return plaintext_len - sizeof(struct ceph_x_encrypt_header);
+       return ret;
 
 e_inval:
        return -EINVAL;