-/* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
- * vim:expandtab:shiftwidth=8:tabstop=8:
- *
+/*
* Modifications for Lustre
- * Copyright 2007, Cluster File Systems, Inc.
- * All rights reserved
+ *
+ * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
+ *
* Author: Eric Mei <ericm@clusterfs.com>
*/
#ifndef LGSS_UTILS_H
#define LGSS_UTILS_H
+#include <inttypes.h>
#include <stdlib.h>
#include <stdint.h>
#include <gssapi/gssapi.h>
-#include <libcfs/libcfs.h>
+#include "lsupport.h"
-#define LGSS_SVC_MDS_STR "lustre_mds"
-#define LGSS_SVC_OST_STR "lustre_oss"
#define LGSS_SVC_MGS_STR "lustre_mgs"
+#define LGSS_SVC_MDS_STR "lustre_mds"
+#define LGSS_SVC_OSS_STR "lustre_oss"
#define LGSS_USR_ROOT_STR "lustre_root"
typedef enum {
- LGSS_SVC_MDS = 0,
- LGSS_SVC_OSS = 1,
- LGSS_SVC_MGS = 2,
+ LGSS_SVC_MGS = 0,
+ LGSS_SVC_MDS = 1,
+ LGSS_SVC_OSS = 2,
LGSS_SVC_MAX
} lgss_svc_t;
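Review bot: The reordering of `lgss_svc_t` changes the numeric value of every service constant (MGS becomes 0, MDS 1, OSS 2), and nothing in this hunk records who else has to agree on those numbers. `lc_tgt_svc` and the `lsvc` parameter of `lgss_get_service_str()` are plain `uint32_t` in this header, so the value presumably comes from outside this code. If a producer still uses the old numbering, the lookup would pick a different service string (for example `lustre_mgs` where `lustre_mds` was meant) and the credential would be requested for the wrong principal. I would add a comment above the enum, such as `/* numeric values are shared with whoever fills in lc_tgt_svc; do not renumber on one side only */`, and confirm the producer changes in the same commit. The rename of `LGSS_SVC_OST_STR` to `LGSS_SVC_OSS_STR` likewise needs every user updated, which is not visible here.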
****************************************/
typedef enum {
- LGSS_MUTEX_KRB5 = 0,
- LGSS_MUTEX_MAX
+ LGSS_MUTEX_KRB5 = 0,
+ LGSS_MUTEX_MAX
} lgss_mutex_id_t;
int lgss_mutex_lock(lgss_mutex_id_t mid);
extern loglevel_t g_log_level;
-void __logmsg(loglevel_t level, const char *func, const char *format, ...);
+void lgss_set_loglevel(loglevel_t level);
+
+void __logmsg(loglevel_t level, const char *func, const char *format, ...)
+ __attribute__((format(printf, 3, 4)));
+
void __logmsg_gss(loglevel_t level, const char *func, const gss_OID mech,
- uint32_t major, uint32_t minor, const char *format, ...);
+ uint32_t major, uint32_t minor, const char *format, ...)
+ __attribute__((format(printf, 6, 7)));
#define logmsg(loglevel, format, args...) \
do { \
- if (unlikely(loglevel <= g_log_level)) \
+ if (loglevel <= g_log_level) \
__logmsg(loglevel, __FUNCTION__, format, ##args); \
} while (0)
#define logmsg_gss(loglevel, mech, major, minor, format, args...) \
do { \
- if (unlikely(loglevel <= g_log_level)) \
+ if (loglevel <= g_log_level) \
__logmsg_gss(loglevel, __FUNCTION__, mech, \
major, minor, format, ##args); \
} while (0)
#define lassert(exp) \
do { \
- if ((int)(exp) == 0) { \
+ if (!(exp)) { \
logmsg(LL_ERR, "ASSERTION FAILED: %s", #exp); \
exit(-1); \
} \
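Review bot: In `logmsg` and `logmsg_gss` the macro argument is compared without parentheses, `if (loglevel <= g_log_level)`, so an expression argument such as a conditional would bind differently from what the caller wrote. `if ((loglevel) <= g_log_level)` in both macros avoids that. `lgss_set_loglevel()` is added while `g_log_level` stays `extern`, so a one-line comment saying whether direct writes to the global are still allowed would prevent the two paths from diverging. The `lassert` macro at the end of this hunk continues past the hunk's last line.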
#define printerr(priority, format, args...) \
logmsg(priority, format, ##args)
-#define pgsserr(msg, maj_stat, min_stat, mech) \
- logmsg_gss(LL_ERR, mech, maj_stat, min_stat, "")
+#define pgsserr(msg, maj_stat, min_stat, mech) \
+ logmsg_gss(LL_ERR, mech, maj_stat, min_stat, msg)
/****************************************
* GSS MECH, OIDs *
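Review bot: `pgsserr` now places `msg` in the format position of `logmsg_gss`, so a caller that passes anything other than a string literal has that text interpreted as a printf format. The callers are not visible in this hunk, so whether any of them passes a variable or a string built from peer or GSS-provided data is unknown. Passing the text as data removes the question: `logmsg_gss(LL_ERR, mech, maj_stat, min_stat, "%s", msg)`. This also keeps the new `format(printf, 6, 7)` check on `__logmsg_gss` meaningful, since the compiler then sees a literal format at every expansion.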
extern gss_OID_desc krb5oid;
extern gss_OID_desc spkm3oid;
-
-typedef enum {
- LGSS_MECH_KRB5 = 0,
-} lgss_mech_t;
+extern gss_OID_desc nulloid;
+extern gss_OID_desc skoid;
/****************************************
* client credentials *
struct lgss_cred;
struct lgss_mech_type {
- char *lmt_name;
- lgss_mech_t lmt_mech_n;
-
- int (*lmt_init)(void);
- void (*lmt_fini)(void);
- int (*lmt_prepare_cred)(struct lgss_cred *cred);
- void (*lmt_release_cred)(struct lgss_cred *cred);
- int (*lmt_using_cred)(struct lgss_cred *cred);
+ char *lmt_name;
+ enum lgss_mech lmt_mech_n;
+
+ int (*lmt_init)(void);
+ void (*lmt_fini)(void);
+ int (*lmt_prepare_cred)(struct lgss_cred *cred);
+ void (*lmt_release_cred)(struct lgss_cred *cred);
+ int (*lmt_using_cred)(struct lgss_cred *cred);
+ int (*lmt_validate_cred)(struct lgss_cred *cred,
+ gss_buffer_desc *token,
+ gss_buffer_desc *ctx_token);
};
struct lgss_cred {
- int lc_uid;
- unsigned int lc_fl_root:1,
- lc_fl_mds:1;
- uint64_t lc_tgt_nid;
- uint32_t lc_tgt_svc;
-
- struct lgss_mech_type *lc_mech;
- void *lc_mech_cred;
+ int lc_uid;
+ unsigned int lc_root_flags;
+ uint64_t lc_self_nid;
+ uint64_t lc_tgt_nid;
+ uint32_t lc_tgt_svc;
+ char lc_svc_type;
+ char *lc_tgt_uuid;
+
+ struct lgss_mech_type *lc_mech;
+ void *lc_mech_cred;
+ gss_buffer_desc lc_mech_token;
};
struct lgss_mech_type *lgss_name2mech(const char *mech_name);
int lgss_prepare_cred(struct lgss_cred *cred);
void lgss_release_cred(struct lgss_cred *cred);
int lgss_using_cred(struct lgss_cred *cred);
+int lgss_validate_cred(struct lgss_cred *cred, gss_buffer_desc *token,
+ gss_buffer_desc *ctx_token);
int lgss_get_service_str(char **string, uint32_t lsvc, uint64_t tgt_nid);
-
-extern gss_OID_desc krb5oid;
-extern gss_OID_desc spkm3oid;
-
static inline
int gss_OID_equal(gss_OID_desc *oid1, gss_OID_desc *oid2)
{
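Review bot: The new `lc_tgt_uuid` and `lc_mech_token` members of `struct lgss_cred` carry no statement of ownership, so it is unclear from the header who allocates them and whether `lgss_release_cred()` or the mechanism's `lmt_release_cred` is expected to free them. I would add a comment on each, for example `/* allocated by <owner>, freed in lgss_release_cred() */`. If the token can hold key material, the comment should also say that the buffer is cleared before it is released. `lmt_validate_cred` is a new function-pointer slot, so `lgss_validate_cred()` (implementation not shown) should check it for NULL before calling, in case an existing mechanism table does not set it. `lc_root_flags` replaces two named bitfields with a bare `unsigned int`; the flag values it accepts should be named or referenced next to the field.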