lustre/utils/gss/lgss_utils.h

   1 /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
   2  * vim:expandtab:shiftwidth=8:tabstop=8:
   3  *
   4  * Modifications for Lustre
   5  * Copyright 2007, Cluster File Systems, Inc.
   6  * All rights reserved
   7  * Author: Eric Mei <ericm@clusterfs.com>
   8  */
   9
  10 /*
  11   Copyright (c) 2004 The Regents of the University of Michigan.
  12   All rights reserved.
  13
  14   Redistribution and use in source and binary forms, with or without
  15   modification, are permitted provided that the following conditions
  16   are met:
  17
  18   1. Redistributions of source code must retain the above copyright
  19      notice, this list of conditions and the following disclaimer.
  20   2. Redistributions in binary form must reproduce the above copyright
  21      notice, this list of conditions and the following disclaimer in the
  22      documentation and/or other materials provided with the distribution.
  23   3. Neither the name of the University nor the names of its
  24      contributors may be used to endorse or promote products derived
  25      from this software without specific prior written permission.
  26
  27   THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  28   WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
  29   MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  30   DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  31   FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  32   CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  33   SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
  34   BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  35   LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  36   NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  37   SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  38 */
  39
  40 #ifndef LGSS_UTILS_H
  41 #define LGSS_UTILS_H
  42
  43 #include <stdlib.h>
  44 #include <gssapi/gssapi.h>
  45
  46 #ifndef likely
  47 #define likely(exp)             (exp)
  48 #endif
  49
  50 #ifndef unlikely
  51 #define unlikely(exp)           (exp)
  52 #endif
  53
  54 #define LGSS_SVC_MDS_STR        "lustre_mds"
  55 #define LGSS_SVC_OST_STR        "lustre_oss"
  56 #define LGSS_SVC_MGS_STR        "lustre_mgs"
  57 #define LGSS_USR_ROOT_STR       "lustre_root"
  58
  59 typedef enum {
  60         LGSS_SVC_MDS    = 0,
  61         LGSS_SVC_OSS    = 1,
  62         LGSS_SVC_MGS    = 2,
  63         LGSS_SVC_MAX
  64 } lgss_svc_t;
  65
  66 extern const char *lgss_svc_str[LGSS_SVC_MAX];
  67
  68 /****************************************
  69  * inter-process locking                *
  70  ****************************************/
  71
  72 typedef enum {
  73         LGSS_MUTEX_KRB5         = 0,
  74         LGSS_MUTEX_MAX
  75 } lgss_mutex_id_t;
  76
  77 int lgss_mutex_lock(lgss_mutex_id_t mid);
  78 int lgss_mutex_unlock(lgss_mutex_id_t mid);
  79
  80 /****************************************
  81  * log facilities                       *
  82  ****************************************/
  83
  84 /*
  85  * log level:
  86  * LL_ERR:      critical error messages
  87  * LL_WARN:     warning (default)
  88  * LL_INFO:     important infomation
  89  * LL_DEBUG:    debugging
  90  * LL_TRACE:    excessive tracing messages
  91  */
  92 typedef enum {
  93         LL_ERR          = 0,
  94         LL_WARN         = 1,
  95         LL_INFO         = 2,
  96         LL_DEBUG        = 3,
  97         LL_TRACE        = 4,
  98         LL_MAX
  99 } loglevel_t;
 100
 101 extern loglevel_t g_log_level;
 102
 103 void __logmsg(loglevel_t level, const char *func, const char *format, ...);
 104 void __logmsg_gss(loglevel_t level, const char *func, const gss_OID mech,
 105                   uint32_t major, uint32_t minor, const char *format, ...);
 106
 107 #define logmsg(loglevel, format, args...)                               \
 108 do {                                                                    \
 109         if (unlikely(loglevel <= g_log_level))                          \
 110                 __logmsg(loglevel, __FUNCTION__, format, ##args);       \
 111 } while (0)
 112
 113 #define logmsg_gss(loglevel, mech, major, minor, format, args...)       \
 114 do {                                                                    \
 115         if (unlikely(loglevel <= g_log_level))                          \
 116                 __logmsg_gss(loglevel, __FUNCTION__, mech,              \
 117                              major, minor, format, ##args);             \
 118 } while (0)
 119
 120 #define lassert(exp)                                                    \
 121 do {                                                                    \
 122         if ((int)(exp) == 0) {                                          \
 123                 logmsg(LL_ERR, "ASSERTION FAILED: %s", #exp);           \
 124                 exit(-1);                                               \
 125         }                                                               \
 126 } while (0)
 127
 128 /*
 129  * for compatible reason, we're using files (context_xxx.c) from nfs-utils
 130  */
 131 #define printerr(priority, format, args...)                             \
 132         logmsg(priority, format, ##args)
 133
 134 #define pgsserr(msg, maj_stat, min_stat, mech)                          \
 135         logmsg_gss(LL_ERR, mech, maj_stat, min_stat, "")
 136
 137 /****************************************
 138  * GSS MECH, OIDs                       *
 139  ****************************************/
 140
 141 extern gss_OID_desc krb5oid;
 142 extern gss_OID_desc spkm3oid;
 143
 144 typedef enum {
 145         LGSS_MECH_KRB5  = 0,
 146 } lgss_mech_t;
 147
 148 /****************************************
 149  * client credentials                   *
 150  ****************************************/
 151
 152 struct lgss_cred;
 153
 154 struct lgss_mech_type {
 155         char               *lmt_name;
 156         lgss_mech_t         lmt_mech_n;
 157
 158         int                (*lmt_init)(void);
 159         void               (*lmt_fini)(void);
 160         int                (*lmt_prepare_cred)(struct lgss_cred *cred);
 161         void               (*lmt_release_cred)(struct lgss_cred *cred);
 162         int                (*lmt_using_cred)(struct lgss_cred *cred);
 163 };
 164
 165 struct lgss_cred {
 166         int                     lc_uid;
 167         unsigned int            lc_fl_root:1,
 168                                 lc_fl_mds:1;
 169         uint64_t                lc_tgt_nid;
 170         uint32_t                lc_tgt_svc;
 171
 172         struct lgss_mech_type  *lc_mech;
 173         void                   *lc_mech_cred;
 174 };
 175
 176 struct lgss_mech_type *lgss_name2mech(const char *mech_name);
 177 int  lgss_mech_initialize(struct lgss_mech_type *mech);
 178 void lgss_mech_finalize(struct lgss_mech_type *mech);
 179
 180 struct lgss_cred * lgss_create_cred(struct lgss_mech_type *mech);
 181 void lgss_destroy_cred(struct lgss_cred *cred);
 182 int lgss_prepare_cred(struct lgss_cred *cred);
 183 void lgss_release_cred(struct lgss_cred *cred);
 184 int lgss_using_cred(struct lgss_cred *cred);
 185
 186 int lgss_get_service_str(char **string, uint32_t lsvc, uint64_t tgt_nid);
 187
 188
 189 extern gss_OID_desc krb5oid;
 190 extern gss_OID_desc spkm3oid;
 191
 192 static inline
 193 int gss_OID_equal(gss_OID_desc *oid1, gss_OID_desc *oid2)
 194 {
 195         return (oid1->length == oid2->length &&
 196                 memcmp(oid1->elements, oid2->elements, oid1->length) == 0);
 197 }
 198
 199 #ifndef g_OID_equal
 200 #define g_OID_equal(o1,o2)      gss_OID_equal((o1), (o2))
 201 #endif
 202
 203 #endif /* LGSS_UTILS_H */