lustre/ptlrpc/gss/gss_api.h

   1 /*
   2  * Modifications for Lustre
   3  *
   4  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
   5  *
   6  * Author: Eric Mei <ericm@clusterfs.com>
   7  */
   8
   9 /*
  10  * Somewhat simplified version of the gss api.
  11  *
  12  * Dug Song <dugsong@monkey.org>
  13  * Andy Adamson <andros@umich.edu>
  14  * Bruce Fields <bfields@umich.edu>
  15  * Copyright (c) 2000 The Regents of the University of Michigan
  16  *
  17  */
  18
  19 #ifndef __PTLRPC_GSS_GSS_API_H_
  20 #define __PTLRPC_GSS_GSS_API_H_
  21
  22 #include <uapi/linux/lustre/lgss.h>
  23
  24 struct gss_api_mech;
  25
  26 typedef int (*digest_hash)(
  27         struct ahash_request *req, rawobj_t *hdr,
  28         int msgcnt, rawobj_t *msgs,
  29         int iovcnt, struct bio_vec *iovs);
  30
  31 /* The mechanism-independent gss-api context: */
  32 struct gss_ctx {
  33         struct gss_api_mech *mech_type;
  34         void *internal_ctx_id;
  35         digest_hash hash_func;
  36 };
  37
  38 #define GSS_C_NO_BUFFER         ((rawobj_t) 0)
  39 #define GSS_C_NO_CONTEXT        ((struct gss_ctx *) 0)
  40 #define GSS_C_NULL_OID          ((rawobj_t) 0)
  41
  42 /*
  43  * gss-api prototypes; note that these are somewhat simplified versions of
  44  * the prototypes specified in RFC 2744.
  45  */
  46 __u32 lgss_import_sec_context(
  47                 rawobj_t                *input_token,
  48                 struct gss_api_mech     *mech,
  49                 struct gss_ctx         **ctx);
  50 __u32 lgss_copy_reverse_context(
  51                 struct gss_ctx          *ctx,
  52                 struct gss_ctx         **ctx_new);
  53 __u32 lgss_inquire_context(
  54                 struct gss_ctx          *ctx,
  55                 time64_t *endtime);
  56 __u32 lgss_get_mic(
  57                 struct gss_ctx          *ctx,
  58                 int                      msgcnt,
  59                 rawobj_t                *msgs,
  60                 int                      iovcnt,
  61                 struct bio_vec             *iovs,
  62                 rawobj_t                *mic_token);
  63 __u32 lgss_verify_mic(
  64                 struct gss_ctx          *ctx,
  65                 int                      msgcnt,
  66                 rawobj_t                *msgs,
  67                 int                      iovcnt,
  68                 struct bio_vec             *iovs,
  69                 rawobj_t                *mic_token);
  70 __u32 lgss_wrap(
  71                 struct gss_ctx          *ctx,
  72                 rawobj_t                *gsshdr,
  73                 rawobj_t                *msg,
  74                 int                      msg_buflen,
  75                 rawobj_t                *out_token);
  76 __u32 lgss_unwrap(
  77                 struct gss_ctx          *ctx,
  78                 rawobj_t                *gsshdr,
  79                 rawobj_t                *token,
  80                 rawobj_t                *out_msg);
  81 __u32 lgss_prep_bulk(
  82                 struct gss_ctx          *gctx,
  83                 struct ptlrpc_bulk_desc *desc);
  84 __u32 lgss_wrap_bulk(
  85                 struct gss_ctx          *gctx,
  86                 struct ptlrpc_bulk_desc *desc,
  87                 rawobj_t                *token,
  88                 int                      adj_nob);
  89 __u32 lgss_unwrap_bulk(
  90                 struct gss_ctx          *gctx,
  91                 struct ptlrpc_bulk_desc *desc,
  92                 rawobj_t                *token,
  93                 int                      adj_nob);
  94 __u32 lgss_delete_sec_context(
  95                 struct gss_ctx         **ctx);
  96 int lgss_display(
  97                 struct gss_ctx          *ctx,
  98                 char                    *buf,
  99                 int                      bufsize);
 100
 101 struct subflavor_desc {
 102         __u32           sf_subflavor;
 103         __u32           sf_qop;
 104         __u32           sf_service;
 105         char           *sf_name;
 106 };
 107
 108 /* Each mechanism is described by the following struct: */
 109 struct gss_api_mech {
 110         struct list_head        gm_list;
 111         struct module          *gm_owner;
 112         char                   *gm_name;
 113         rawobj_t                gm_oid;
 114         atomic_t                gm_count;
 115         struct gss_api_ops     *gm_ops;
 116         int                     gm_sf_num;
 117         struct subflavor_desc  *gm_sfs;
 118 };
 119
 120 /* and must provide the following operations: */
 121 struct gss_api_ops {
 122         __u32 (*gss_import_sec_context)(
 123                         rawobj_t               *input_token,
 124                         struct gss_ctx         *ctx);
 125         __u32 (*gss_copy_reverse_context)(
 126                         struct gss_ctx         *ctx,
 127                         struct gss_ctx         *ctx_new);
 128         __u32 (*gss_inquire_context)(
 129                         struct gss_ctx         *ctx,
 130                         time64_t *endtime);
 131         __u32 (*gss_get_mic)(
 132                         struct gss_ctx         *ctx,
 133                         int                     msgcnt,
 134                         rawobj_t               *msgs,
 135                         int                     iovcnt,
 136                         struct bio_vec         *iovs,
 137                         rawobj_t               *mic_token);
 138         __u32 (*gss_verify_mic)(
 139                         struct gss_ctx         *ctx,
 140                         int                     msgcnt,
 141                         rawobj_t               *msgs,
 142                         int                     iovcnt,
 143                         struct bio_vec         *iovs,
 144                         rawobj_t               *mic_token);
 145         __u32 (*gss_wrap)(
 146                         struct gss_ctx         *ctx,
 147                         rawobj_t               *gsshdr,
 148                         rawobj_t               *msg,
 149                         int                     msg_buflen,
 150                         rawobj_t               *out_token);
 151         __u32 (*gss_unwrap)(
 152                         struct gss_ctx         *ctx,
 153                         rawobj_t               *gsshdr,
 154                         rawobj_t               *token,
 155                         rawobj_t               *out_msg);
 156         __u32 (*gss_prep_bulk)(
 157                         struct gss_ctx         *gctx,
 158                         struct ptlrpc_bulk_desc *desc);
 159         __u32 (*gss_wrap_bulk)(
 160                         struct gss_ctx         *gctx,
 161                         struct ptlrpc_bulk_desc *desc,
 162                         rawobj_t               *token,
 163                         int                     adj_nob);
 164         __u32 (*gss_unwrap_bulk)(
 165                         struct gss_ctx         *gctx,
 166                         struct ptlrpc_bulk_desc *desc,
 167                         rawobj_t               *token,
 168                         int                     adj_nob);
 169         void (*gss_delete_sec_context)(
 170                         void                   *ctx);
 171         int  (*gss_display)(
 172                         struct gss_ctx         *ctx,
 173                         char                   *buf,
 174                         int                     bufsize);
 175 };
 176
 177 int lgss_mech_register(struct gss_api_mech *mech);
 178 void lgss_mech_unregister(struct gss_api_mech *mech);
 179
 180 struct gss_api_mech * lgss_OID_to_mech(rawobj_t *oid);
 181 struct gss_api_mech * lgss_name_to_mech(char *name);
 182 struct gss_api_mech * lgss_subflavor_to_mech(__u32 subflavor);
 183
 184 struct gss_api_mech * lgss_mech_get(struct gss_api_mech *mech);
 185 void lgss_mech_put(struct gss_api_mech *mech);
 186
 187 #endif /* __PTLRPC_GSS_GSS_API_H_ */