lustre/ptlrpc/gss/gss_api.h

   1 /*
   2  * Modifications for Lustre
   3  *
   4  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
   5  *
   6  * Author: Eric Mei <ericm@clusterfs.com>
   7  */
   8
   9 /*
  10  * Somewhat simplified version of the gss api.
  11  *
  12  * Dug Song <dugsong@monkey.org>
  13  * Andy Adamson <andros@umich.edu>
  14  * Bruce Fields <bfields@umich.edu>
  15  * Copyright (c) 2000 The Regents of the University of Michigan
  16  *
  17  */
  18
  19 #ifndef __PTLRPC_GSS_GSS_API_H_
  20 #define __PTLRPC_GSS_GSS_API_H_
  21
  22 struct gss_api_mech;
  23
  24 typedef int (*digest_hash)(
  25         struct ahash_request *req, rawobj_t *hdr,
  26         int msgcnt, rawobj_t *msgs,
  27         int iovcnt, lnet_kiov_t *iovs);
  28
  29 /* The mechanism-independent gss-api context: */
  30 struct gss_ctx {
  31         struct gss_api_mech *mech_type;
  32         void *internal_ctx_id;
  33         digest_hash hash_func;
  34 };
  35
  36 #define GSS_C_NO_BUFFER         ((rawobj_t) 0)
  37 #define GSS_C_NO_CONTEXT        ((struct gss_ctx *) 0)
  38 #define GSS_C_NULL_OID          ((rawobj_t) 0)
  39
  40 /*
  41  * gss-api prototypes; note that these are somewhat simplified versions of
  42  * the prototypes specified in RFC 2744.
  43  */
  44 __u32 lgss_import_sec_context(
  45                 rawobj_t                *input_token,
  46                 struct gss_api_mech     *mech,
  47                 struct gss_ctx         **ctx);
  48 __u32 lgss_copy_reverse_context(
  49                 struct gss_ctx          *ctx,
  50                 struct gss_ctx         **ctx_new);
  51 __u32 lgss_inquire_context(
  52                 struct gss_ctx          *ctx,
  53                 time64_t *endtime);
  54 __u32 lgss_get_mic(
  55                 struct gss_ctx          *ctx,
  56                 int                      msgcnt,
  57                 rawobj_t                *msgs,
  58                 int                      iovcnt,
  59                 lnet_kiov_t             *iovs,
  60                 rawobj_t                *mic_token);
  61 __u32 lgss_verify_mic(
  62                 struct gss_ctx          *ctx,
  63                 int                      msgcnt,
  64                 rawobj_t                *msgs,
  65                 int                      iovcnt,
  66                 lnet_kiov_t             *iovs,
  67                 rawobj_t                *mic_token);
  68 __u32 lgss_wrap(
  69                 struct gss_ctx          *ctx,
  70                 rawobj_t                *gsshdr,
  71                 rawobj_t                *msg,
  72                 int                      msg_buflen,
  73                 rawobj_t                *out_token);
  74 __u32 lgss_unwrap(
  75                 struct gss_ctx          *ctx,
  76                 rawobj_t                *gsshdr,
  77                 rawobj_t                *token,
  78                 rawobj_t                *out_msg);
  79 __u32 lgss_prep_bulk(
  80                 struct gss_ctx          *gctx,
  81                 struct ptlrpc_bulk_desc *desc);
  82 __u32 lgss_wrap_bulk(
  83                 struct gss_ctx          *gctx,
  84                 struct ptlrpc_bulk_desc *desc,
  85                 rawobj_t                *token,
  86                 int                      adj_nob);
  87 __u32 lgss_unwrap_bulk(
  88                 struct gss_ctx          *gctx,
  89                 struct ptlrpc_bulk_desc *desc,
  90                 rawobj_t                *token,
  91                 int                      adj_nob);
  92 __u32 lgss_delete_sec_context(
  93                 struct gss_ctx         **ctx);
  94 int lgss_display(
  95                 struct gss_ctx          *ctx,
  96                 char                    *buf,
  97                 int                      bufsize);
  98
  99 struct subflavor_desc {
 100         __u32           sf_subflavor;
 101         __u32           sf_qop;
 102         __u32           sf_service;
 103         char           *sf_name;
 104 };
 105
 106 /* Each mechanism is described by the following struct: */
 107 struct gss_api_mech {
 108         struct list_head        gm_list;
 109         struct module          *gm_owner;
 110         char                   *gm_name;
 111         rawobj_t                gm_oid;
 112         atomic_t                gm_count;
 113         struct gss_api_ops     *gm_ops;
 114         int                     gm_sf_num;
 115         struct subflavor_desc  *gm_sfs;
 116 };
 117
 118 /* and must provide the following operations: */
 119 struct gss_api_ops {
 120         __u32 (*gss_import_sec_context)(
 121                         rawobj_t               *input_token,
 122                         struct gss_ctx         *ctx);
 123         __u32 (*gss_copy_reverse_context)(
 124                         struct gss_ctx         *ctx,
 125                         struct gss_ctx         *ctx_new);
 126         __u32 (*gss_inquire_context)(
 127                         struct gss_ctx         *ctx,
 128                         time64_t *endtime);
 129         __u32 (*gss_get_mic)(
 130                         struct gss_ctx         *ctx,
 131                         int                     msgcnt,
 132                         rawobj_t               *msgs,
 133                         int                     iovcnt,
 134                         lnet_kiov_t            *iovs,
 135                         rawobj_t               *mic_token);
 136         __u32 (*gss_verify_mic)(
 137                         struct gss_ctx         *ctx,
 138                         int                     msgcnt,
 139                         rawobj_t               *msgs,
 140                         int                     iovcnt,
 141                         lnet_kiov_t            *iovs,
 142                         rawobj_t               *mic_token);
 143         __u32 (*gss_wrap)(
 144                         struct gss_ctx         *ctx,
 145                         rawobj_t               *gsshdr,
 146                         rawobj_t               *msg,
 147                         int                     msg_buflen,
 148                         rawobj_t               *out_token);
 149         __u32 (*gss_unwrap)(
 150                         struct gss_ctx         *ctx,
 151                         rawobj_t               *gsshdr,
 152                         rawobj_t               *token,
 153                         rawobj_t               *out_msg);
 154         __u32 (*gss_prep_bulk)(
 155                         struct gss_ctx         *gctx,
 156                         struct ptlrpc_bulk_desc *desc);
 157         __u32 (*gss_wrap_bulk)(
 158                         struct gss_ctx         *gctx,
 159                         struct ptlrpc_bulk_desc *desc,
 160                         rawobj_t               *token,
 161                         int                     adj_nob);
 162         __u32 (*gss_unwrap_bulk)(
 163                         struct gss_ctx         *gctx,
 164                         struct ptlrpc_bulk_desc *desc,
 165                         rawobj_t               *token,
 166                         int                     adj_nob);
 167         void (*gss_delete_sec_context)(
 168                         void                   *ctx);
 169         int  (*gss_display)(
 170                         struct gss_ctx         *ctx,
 171                         char                   *buf,
 172                         int                     bufsize);
 173 };
 174
 175 int lgss_mech_register(struct gss_api_mech *mech);
 176 void lgss_mech_unregister(struct gss_api_mech *mech);
 177
 178 struct gss_api_mech * lgss_OID_to_mech(rawobj_t *oid);
 179 struct gss_api_mech * lgss_name_to_mech(char *name);
 180 struct gss_api_mech * lgss_subflavor_to_mech(__u32 subflavor);
 181
 182 struct gss_api_mech * lgss_mech_get(struct gss_api_mech *mech);
 183 void lgss_mech_put(struct gss_api_mech *mech);
 184
 185 #endif /* __PTLRPC_GSS_GSS_API_H_ */