Allow GSS password to be passed to the test-framework in $GSS_PASS.
[fs/lustre-release.git] / lustre / sec / gss / gss_api.h
1 /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
2  * vim:expandtab:shiftwidth=8:tabstop=8:
3  *
4  * Modifications for Lustre
5  * Copyright 2004, Cluster File Systems, Inc.
6  * All rights reserved
7  * Author: Eric Mei <ericm@clusterfs.com>
8  */
9
10 /*
11  * Somewhat simplified version of the gss api.
12  *
13  * Dug Song <dugsong@monkey.org>
14  * Andy Adamson <andros@umich.edu>
15  * Bruce Fields <bfields@umich.edu>
16  * Copyright (c) 2000 The Regents of the University of Michigan
17  *
18  */
19
20 #ifndef __SEC_GSS_GSS_API_H_
21 #define __SEC_GSS_GSS_API_H_
22
23 struct gss_api_mech;
24
25 /* The mechanism-independent gss-api context: a mechanism descriptor paired
    * with that mechanism's private per-context state. */
26 struct gss_ctx {
           /* Mechanism descriptor (struct gss_api_mech) associated with this
            * context. */
27         struct gss_api_mech        *mech_type;
           /* Opaque mechanism-private state. gss_api_ops.gss_delete_sec_context
            * takes an argument of the same name and type, so presumably that
            * hook releases it - confirm in the implementation. */
28         void                       *internal_ctx_id;
29 };
30
31 #define GSS_C_NO_BUFFER                ((rawobj_t) 0)
32 #define GSS_C_NO_CONTEXT        ((struct gss_ctx *) 0)
33 #define GSS_C_NULL_OID                ((rawobj_t) 0)
   /* "No value" sentinels. GSS_C_NO_CONTEXT is a null struct gss_ctx pointer.
    * NOTE(review): the other two cast 0 to rawobj_t itself rather than to a
    * pointer. rawobj_t is declared outside this header and is used by value
    * below (gm_oid); if it is a struct type these casts would not compile
    * wherever the macro is expanded - confirm before relying on them. */
34
35 /*XXX  arbitrary length - is this set somewhere? */
   /* NOTE(review): this header only defines the limit. Whether OID lengths
    * taken from a token are checked against it has to be confirmed in the
    * code that fills rawobj_t OIDs. */
36 #define GSS_OID_MAX_LEN 32
37
38 /* gss-api prototypes; note that these are somewhat simplified versions of
39  * the prototypes specified in RFC 2744.
    *
    * Every function returns a __u32 - presumably a GSS major status as in
    * RFC 2744 (TODO confirm against the implementation). Callers should test
    * it before using any output argument; in particular the results of
    * kgss_verify_mic and kgss_unwrap decide whether data received from the
    * peer may be trusted.
    *
    * rawobj_t, rawobj_buf_t, __u32 and __u64 are not declared in this header;
    * the including file has to provide them first. */
   /* Takes a token and a mechanism descriptor; ctx_id is a pointer to a
    * context pointer, so presumably *ctx_id receives the new context -
    * confirm. */
40 __u32 kgss_import_sec_context(
41                 rawobj_t                *input_token,
42                 struct gss_api_mech     *mech,
43                 struct gss_ctx         **ctx_id);
   /* endtime is a pointer to __u64, presumably an output; its unit is not
    * visible here. */
44 __u32 kgss_inquire_context(
45                 struct gss_ctx         *ctx_id,
46                 __u64                  *endtime);
   /* message and mic_token are both rawobj_t pointers; presumably mic_token
    * is the output - confirm who allocates it. */
47 __u32 kgss_get_mic(
48                 struct gss_ctx          *ctx_id,
49                 __u32                    qop,
50                 rawobj_t                *message,
51                 rawobj_t                *mic_token);
   /* Unlike kgss_get_mic there is no qop input; qstate is a pointer,
    * presumably an output - its meaning is not visible here. */
52 __u32 kgss_verify_mic(
53                 struct gss_ctx          *ctx_id,
54                 rawobj_t                *message,
55                 rawobj_t                *mic_token,
56                 __u32                   *qstate);
   /* Note the asymmetry with kgss_unwrap: in_token is a rawobj_buf_t here and
    * a rawobj_t there. */
57 __u32 kgss_wrap(
58                 struct gss_ctx          *ctx_id,
59                 __u32                    qop,
60                 rawobj_buf_t            *in_token,
61                 rawobj_t                *out_token);
   /* Ownership and sizing of out_token are not visible here - confirm before
    * reading or freeing it. */
62 __u32 kgss_unwrap(
63                 struct gss_ctx          *ctx_id,
64                 __u32                    qop,
65                 rawobj_t                *in_token,
66                 rawobj_t                *out_token);
   /* Takes a pointer to the context pointer; presumably *ctx_id is cleared
    * after the context is released, which would guard against reuse -
    * confirm. */
67 __u32 kgss_delete_sec_context(
68                 struct gss_ctx         **ctx_id);
69
70 struct subflavor_desc {
           /* One subflavor entry; struct gss_api_mech points at these through
            * gm_sfs. */
           /* Same type and name as the argument of kgss_subflavor_to_mech(),
            * so presumably the lookup key - confirm. */
71         __u32           subflavor;
           /* Same name as the qop argument of kgss_get_mic()/kgss_wrap();
            * valid values are not defined in this header. */
72         __u32           qop;
           /* Meaning and valid range not visible here. */
73         __u32           service;
           /* Non-const char pointer; presumably a NUL-terminated label -
            * confirm who owns the storage. */
74         char           *name;
75 };
76
77 /* Each mechanism is described by the following struct: */
78 struct gss_api_mech {
           /* List linkage; presumably chains the registered mechanisms -
            * confirm in kgss_mech_register(). */
79         struct list_head        gm_list;
           /* Module that provides the mechanism. */
80         struct module          *gm_owner;
           /* Non-const char pointer; same type as the argument of
            * kgss_name_to_mech(). */
81         char                   *gm_name;
           /* OID held by value as a rawobj_t. */
82         rawobj_t                gm_oid;
           /* Atomic counter; presumably the reference count behind
            * kgss_mech_get()/kgss_mech_put() - confirm. */
83         atomic_t                gm_count;
           /* Operation table. NOTE(review): the pointer is non-const, so the
            * table of function pointers can be writable data; consider const
            * if all users allow it. */
84         struct gss_api_ops     *gm_ops;
           /* Presumably the number of entries behind gm_sfs; it is a signed
            * int, so code walking gm_sfs should reject negative values -
            * confirm. */
85         int                     gm_sf_num;
86         struct subflavor_desc  *gm_sfs;
87 };
88
89 /* and must provide the following operations: one function pointer per
    * kgss_* call declared in this header. This header does not show
    * whether the kgss_* wrappers check a hook for NULL before calling it -
    * confirm, or require every mechanism to fill in all entries. */
90 struct gss_api_ops {
           /* Unlike kgss_import_sec_context() this takes no mechanism argument
            * and a single-level ctx_id, so the context object presumably
            * exists before the hook runs - confirm. */
91         __u32 (*gss_import_sec_context)(
92                         rawobj_t               *input_token,
93                         struct gss_ctx         *ctx_id);
           /* Same parameters as kgss_inquire_context(). */
94         __u32 (*gss_inquire_context)(
95                         struct gss_ctx         *ctx_id,
96                         __u64                  *endtime);
           /* Same parameters as kgss_get_mic(). */
97         __u32 (*gss_get_mic)(
98                         struct gss_ctx         *ctx_id,
99                         __u32                   qop, 
100                         rawobj_t               *message,
101                         rawobj_t               *mic_token);
           /* Same parameters as kgss_verify_mic(); the __u32 result is what a
            * caller has to test before trusting message. */
102         __u32 (*gss_verify_mic)(
103                         struct gss_ctx         *ctx_id,
104                         rawobj_t               *message,
105                         rawobj_t               *mic_token,
106                         __u32                  *qstate);
           /* Same parameters as kgss_wrap(), with the context named ctx. */
107         __u32 (*gss_wrap)(
108                         struct gss_ctx         *ctx,
109                         __u32                   qop,
110                         rawobj_buf_t           *in_token,
111                         rawobj_t               *out_token);
           /* Same parameters as kgss_unwrap(), with the context named ctx. */
112         __u32 (*gss_unwrap)(
113                         struct gss_ctx         *ctx,
114                         __u32                   qop,
115                         rawobj_t               *in_token,
116                         rawobj_t               *out_token);
           /* The only hook that returns void, so it cannot report failure. It
            * receives the opaque internal_ctx_id, not the struct gss_ctx. */
117         void (*gss_delete_sec_context)(
118                         void                   *internal_ctx_id);
119 };
120
121 int kgss_mech_register(struct gss_api_mech *mech);
122 void kgss_mech_unregister(struct gss_api_mech *mech);
    /* Registration entry points for a mechanism descriptor. Only register
     * reports a result (int); its success/failure convention is not visible
     * here - confirm before testing it. */
123
    /* Lookups by OID, name or subflavor, each returning a descriptor pointer.
     * Presumably NULL when nothing matches, so callers should check before
     * dereferencing - confirm. Whether a lookup takes a reference on the
     * result is not visible here. */
124 struct gss_api_mech * kgss_OID_to_mech(rawobj_t *);
125 struct gss_api_mech * kgss_name_to_mech(char *name);
126 struct gss_api_mech * kgss_subflavor_to_mech(__u32 subflavor);
127
    /* Presumably take and drop a reference counted in gm_count (get returns a
     * descriptor pointer, put returns nothing) - confirm in the
     * implementation. */
128 struct gss_api_mech * kgss_mech_get(struct gss_api_mech *);
129 void kgss_mech_put(struct gss_api_mech *);
130
131 #endif /* __SEC_GSS_GSS_API_H_ */