1 /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
2 * vim:expandtab:shiftwidth=8:tabstop=8:
4 * Modifications for Lustre
5 * Copyright 2004 - 2006, Cluster File Systems, Inc.
7 * Author: Eric Mei <ericm@clusterfs.com>
11 * Adapted from MIT Kerberos 5-1.2.1 include/gssapi/gssapi.h
13 * Copyright (c) 2002 The Regents of the University of Michigan.
14 * All rights reserved.
16 * Andy Adamson <andros@umich.edu>
20 * Copyright 1993 by OpenVision Technologies, Inc.
22 * Permission to use, copy, modify, distribute, and sell this software
23 * and its documentation for any purpose is hereby granted without fee,
24 * provided that the above copyright notice appears in all copies and
25 * that both that copyright notice and this permission notice appear in
26 * supporting documentation, and that the name of OpenVision not be used
27 * in advertising or publicity pertaining to distribution of the software
28 * without specific, written prior permission. OpenVision makes no
29 * representations about the suitability of this software for any
30 * purpose. It is provided "as is" without express or implied warranty.
32 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
33 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
34 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
35 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
36 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
37 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
38 * PERFORMANCE OF THIS SOFTWARE.
41 #ifndef __PTLRPC_GSS_GSS_ERR_H_
42 #define __PTLRPC_GSS_GSS_ERR_H_
44 typedef unsigned int OM_uint32;
47 * Flag bits for context-level services.
49 #define GSS_C_DELEG_FLAG (1)
50 #define GSS_C_MUTUAL_FLAG (2)
51 #define GSS_C_REPLAY_FLAG (4)
52 #define GSS_C_SEQUENCE_FLAG (8)
53 #define GSS_C_CONF_FLAG (16)
54 #define GSS_C_INTEG_FLAG (32)
55 #define GSS_C_ANON_FLAG (64)
56 #define GSS_C_PROT_READY_FLAG (128)
57 #define GSS_C_TRANS_FLAG (256)
60 * Credential usage options
62 #define GSS_C_BOTH (0)
63 #define GSS_C_INITIATE (1)
64 #define GSS_C_ACCEPT (2)
67 * Status code types for gss_display_status
69 #define GSS_C_GSS_CODE (1)
70 #define GSS_C_MECH_CODE (2)
74 * Define the default Quality of Protection for per-message services. Note
75 * that an implementation that offers multiple levels of QOP may either reserve
76 * a value (for example zero, as assumed here) to mean "default protection", or
77 * alternatively may simply equate GSS_C_QOP_DEFAULT to a specific explicit
78 * QOP value. However a value of 0 should always be interpreted by a GSSAPI
79 * implementation as a request for the default protection level.
81 #define GSS_C_QOP_DEFAULT (0)
84 * Expiration time of 2^32-1 seconds means infinite lifetime for a
85 * credential or security context
87 #define GSS_C_INDEFINITE ((OM_uint32) 0xfffffffful)
90 /* Major status codes */
92 #define GSS_S_COMPLETE (0)
95 * Some "helper" definitions to make the status code macros obvious.
97 #define GSS_C_CALLING_ERROR_OFFSET (24)
98 #define GSS_C_ROUTINE_ERROR_OFFSET (16)
99 #define GSS_C_SUPPLEMENTARY_OFFSET (0)
100 #define GSS_C_CALLING_ERROR_MASK ((OM_uint32) 0377ul)
101 #define GSS_C_ROUTINE_ERROR_MASK ((OM_uint32) 0377ul)
102 #define GSS_C_SUPPLEMENTARY_MASK ((OM_uint32) 0177777ul)
105 * The macros that test status codes for error conditions. Note that the
106 * GSS_ERROR() macro has changed slightly from the V1 GSSAPI so that it now
107 * evaluates its argument only once.
109 #define GSS_CALLING_ERROR(x) \
110 ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
111 #define GSS_ROUTINE_ERROR(x) \
112 ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
113 #define GSS_SUPPLEMENTARY_INFO(x) \
114 ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
115 #define GSS_ERROR(x) \
116 ((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
117 (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))
120 * Now the actual status code definitions
126 #define GSS_S_CALL_INACCESSIBLE_READ \
127 (((OM_uint32) 1ul) << GSS_C_CALLING_ERROR_OFFSET)
128 #define GSS_S_CALL_INACCESSIBLE_WRITE \
129 (((OM_uint32) 2ul) << GSS_C_CALLING_ERROR_OFFSET)
130 #define GSS_S_CALL_BAD_STRUCTURE \
131 (((OM_uint32) 3ul) << GSS_C_CALLING_ERROR_OFFSET)
136 #define GSS_S_BAD_MECH \
137 (((OM_uint32) 1ul) << GSS_C_ROUTINE_ERROR_OFFSET)
138 #define GSS_S_BAD_NAME \
139 (((OM_uint32) 2ul) << GSS_C_ROUTINE_ERROR_OFFSET)
140 #define GSS_S_BAD_NAMETYPE \
141 (((OM_uint32) 3ul) << GSS_C_ROUTINE_ERROR_OFFSET)
142 #define GSS_S_BAD_BINDINGS \
143 (((OM_uint32) 4ul) << GSS_C_ROUTINE_ERROR_OFFSET)
144 #define GSS_S_BAD_STATUS \
145 (((OM_uint32) 5ul) << GSS_C_ROUTINE_ERROR_OFFSET)
146 #define GSS_S_BAD_SIG \
147 (((OM_uint32) 6ul) << GSS_C_ROUTINE_ERROR_OFFSET)
148 #define GSS_S_NO_CRED \
149 (((OM_uint32) 7ul) << GSS_C_ROUTINE_ERROR_OFFSET)
150 #define GSS_S_NO_CONTEXT \
151 (((OM_uint32) 8ul) << GSS_C_ROUTINE_ERROR_OFFSET)
152 #define GSS_S_DEFECTIVE_TOKEN \
153 (((OM_uint32) 9ul) << GSS_C_ROUTINE_ERROR_OFFSET)
154 #define GSS_S_DEFECTIVE_CREDENTIAL \
155 (((OM_uint32) 10ul) << GSS_C_ROUTINE_ERROR_OFFSET)
156 #define GSS_S_CREDENTIALS_EXPIRED \
157 (((OM_uint32) 11ul) << GSS_C_ROUTINE_ERROR_OFFSET)
158 #define GSS_S_CONTEXT_EXPIRED \
159 (((OM_uint32) 12ul) << GSS_C_ROUTINE_ERROR_OFFSET)
160 #define GSS_S_FAILURE \
161 (((OM_uint32) 13ul) << GSS_C_ROUTINE_ERROR_OFFSET)
162 #define GSS_S_BAD_QOP \
163 (((OM_uint32) 14ul) << GSS_C_ROUTINE_ERROR_OFFSET)
164 #define GSS_S_UNAUTHORIZED \
165 (((OM_uint32) 15ul) << GSS_C_ROUTINE_ERROR_OFFSET)
166 #define GSS_S_UNAVAILABLE \
167 (((OM_uint32) 16ul) << GSS_C_ROUTINE_ERROR_OFFSET)
168 #define GSS_S_DUPLICATE_ELEMENT \
169 (((OM_uint32) 17ul) << GSS_C_ROUTINE_ERROR_OFFSET)
170 #define GSS_S_NAME_NOT_MN \
171 (((OM_uint32) 18ul) << GSS_C_ROUTINE_ERROR_OFFSET)
174 * Supplementary info bits:
176 #define GSS_S_CONTINUE_NEEDED (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
177 #define GSS_S_DUPLICATE_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
178 #define GSS_S_OLD_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
179 #define GSS_S_UNSEQ_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
180 #define GSS_S_GAP_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 4))
182 /* XXXX these are not part of the GSSAPI C bindings! (but should be) */
184 #define GSS_CALLING_ERROR_FIELD(x) \
185 (((x) >> GSS_C_CALLING_ERROR_OFFSET) & GSS_C_CALLING_ERROR_MASK)
186 #define GSS_ROUTINE_ERROR_FIELD(x) \
187 (((x) >> GSS_C_ROUTINE_ERROR_OFFSET) & GSS_C_ROUTINE_ERROR_MASK)
188 #define GSS_SUPPLEMENTARY_INFO_FIELD(x) \
189 (((x) >> GSS_C_SUPPLEMENTARY_OFFSET) & GSS_C_SUPPLEMENTARY_MASK)
191 /* XXXX This is a necessary evil until the spec is fixed */
192 #define GSS_S_CRED_UNAVAIL GSS_S_FAILURE
194 #endif /* __PTLRPC_GSS_GSS_ERR_H_ */