- landed b_hd_cray_merge3
[fs/lustre-release.git] / lustre / sec / gss / gss_api.h
1 /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
2  * vim:expandtab:shiftwidth=8:tabstop=8:
3  *
4  * Modifications for Lustre
5  * Copyright 2004, Cluster File Systems, Inc.
6  * All rights reserved
7  * Author: Eric Mei <ericm@clusterfs.com>
8  */
9
10 /*
11  * Somewhat simplified version of the gss api.
12  *
13  * Dug Song <dugsong@monkey.org>
14  * Andy Adamson <andros@umich.edu>
15  * Bruce Fields <bfields@umich.edu>
16  * Copyright (c) 2000 The Regents of the University of Michigan
17  *
18  * $Id: gss_api.h,v 1.3 2005/04/04 13:12:39 yury Exp $
19  */
20
21 #ifndef __SEC_GSS_GSS_API_H_
22 #define __SEC_GSS_GSS_API_H_
23
24 struct gss_api_mech;
25
26 /* The mechanism-independent gss-api context:
    *
    * Pairs a mechanism descriptor with an untyped per-context pointer.
    * internal_ctx_id is a void *, so the type system does not tie it to
    * mech_type; presumably only the ops of mech_type may interpret it, and
    * the two fields have to be set and torn down together - confirm against
    * the implementation of kgss_import_sec_context() and
    * kgss_delete_sec_context(). */
27 struct gss_ctx {
28         struct gss_api_mech        *mech_type;
           /* opaque at this layer; the gss_delete_sec_context op takes a
            * void * of the same name */
29         void                       *internal_ctx_id;
30 };
31
/* Sentinel values for "no buffer", "no context" and "null OID".
 * NOTE(review): rawobj_t is declared outside this header. It is embedded by
 * value in struct gss_api_mech (gm_oid), so it is presumably a struct, and
 * casting 0 to a struct type does not compile. GSS_C_NO_BUFFER and
 * GSS_C_NULL_OID would then only build as long as nothing expands them -
 * confirm whether they are used, and how "empty" is tested at the call
 * sites. */
32 #define GSS_C_NO_BUFFER                ((rawobj_t) 0)
33 #define GSS_C_NO_CONTEXT        ((struct gss_ctx *) 0)
34 #define GSS_C_NULL_OID                ((rawobj_t) 0)
35
36 /*XXX  arbitrary length - is this set somewhere? */
   /* NOTE(review): nothing in this header applies this bound. Code that
    * copies an OID into storage sized by GSS_OID_MAX_LEN has to check the
    * incoming length against it first - confirm at the use sites. */
37 #define GSS_OID_MAX_LEN 32
38
39 /* gss-api prototypes; note that these are somewhat simplified versions of
40  * the prototypes specified in RFC 2744.
    *
    * Every call returns a __u32 status. The success value is not defined in
    * this header (presumably a GSS major status with GSS_S_COMPLETE meaning
    * success - confirm); callers need to check it before using any output
    * argument. Who allocates and frees the rawobj_t buffers passed in and
    * out is not stated here either. */
   /* Creates a context for mech from input_token and returns it through
    * ctx_id (presumably). NOTE(review): the origin of input_token is not
    * visible here; if it can cross a trust boundary, the mechanism's import
    * op has to validate its length and layout before parsing it. */
41 __u32 kgss_import_sec_context(
42                 rawobj_t                *input_token,
43                 struct gss_api_mech     *mech,
44                 struct gss_ctx         **ctx_id);
   /* Writes a time value for the context to *endtime; presumably the expiry
    * time, units not shown here. *endtime should not be trusted unless the
    * status reports success. */
45 __u32 kgss_inquire_context(
46                 struct gss_ctx         *ctx_id,
47                 __u64                  *endtime);
   /* Produces a MIC (message integrity code) token for message in mic_token
    * using the requested qop (quality of protection). */
48 __u32 kgss_get_mic(
49                 struct gss_ctx          *ctx_id,
50                 __u32                    qop,
51                 rawobj_t                *message,
52                 rawobj_t                *mic_token);
   /* Checks mic_token against message. The returned status is the integrity
    * verdict: message must be treated as unauthenticated unless the call
    * reports success. *qstate is an output whose meaning is not defined in
    * this header. */
53 __u32 kgss_verify_mic(
54                 struct gss_ctx          *ctx_id,
55                 rawobj_t                *message,
56                 rawobj_t                *mic_token,
57                 __u32                   *qstate);
   /* Wraps in_token into out_token with the requested qop. The input is a
    * rawobj_buf_t here but a plain rawobj_t in kgss_unwrap(). */
58 __u32 kgss_wrap(
59                 struct gss_ctx          *ctx_id,
60                 __u32                    qop,
61                 rawobj_buf_t            *in_token,
62                 rawobj_t                *out_token);
   /* Reverse of kgss_wrap(). qop is passed by value, so this interface has
    * no output for the protection that was actually applied to in_token; the
    * status is the only verdict. out_token should be consumed only after
    * the status check - what it holds on failure is not visible here. */
63 __u32 kgss_unwrap(
64                 struct gss_ctx          *ctx_id,
65                 __u32                    qop,
66                 rawobj_t                *in_token,
67                 rawobj_t                *out_token);
   /* Takes the address of the caller's context pointer, presumably so that
    * the pointer can be reset once the context is released. NOTE(review):
    * confirm it is reset; otherwise callers are left with a dangling
    * pointer. */
68 __u32 kgss_delete_sec_context(
69                 struct gss_ctx         **ctx_id);
70
/* Describes one subflavor of a mechanism; struct gss_api_mech points at
 * these through gm_sfs. kgss_subflavor_to_mech() takes a __u32 subflavor,
 * presumably matched against the subflavor field. The exact meaning of qop
 * and service is not defined in this header. */
71 struct subflavor_desc {
72         __u32           subflavor;
73         __u32           qop;
74         __u32           service;
           /* not const-qualified; presumably a static label - confirm */
75         char           *name;
76 };
77
78 /* Each mechanism is described by the following struct:
    *
    * gm_list           list linkage; presumably the registry maintained by
    *                   kgss_mech_register()/kgss_mech_unregister()
    * gm_owner          the module providing the mechanism
    * gm_name, gm_oid   presumably the keys used by kgss_name_to_mech() and
    *                   kgss_OID_to_mech()
    * gm_count          atomic counter; presumably the reference count moved
    *                   by kgss_mech_get()/kgss_mech_put() - confirm
    * gm_ops            the mechanism's operation table
    * gm_sf_num, gm_sfs presumably the length of, and pointer to, the
    *                   subflavor table
    *
    * NOTE(review): gm_sf_num is a signed int. Code that walks gm_sfs should
    * bound the index by gm_sf_num and reject a negative count at
    * registration - confirm in kgss_mech_register(). */
79 struct gss_api_mech {
80         struct list_head        gm_list;
81         struct module          *gm_owner;
82         char                   *gm_name;
83         rawobj_t                gm_oid;
84         atomic_t                gm_count;
85         struct gss_api_ops     *gm_ops;
86         int                     gm_sf_num;
87         struct subflavor_desc  *gm_sfs;
88 };
89
90 /* and must provide the following operations:
    *
    * Per-mechanism operation table, reached through gss_api_mech.gm_ops.
    * The members mirror the kgss_*() prototypes, with two visible
    * differences: gss_import_sec_context receives the struct gss_ctx *
    * directly (no mech argument, no double pointer), and
    * gss_delete_sec_context receives only the void *internal_ctx_id and
    * returns void.
    *
    * NOTE(review): whether callers test a member for NULL before calling
    * through it is not visible here; a mechanism that leaves one unset
    * would otherwise lead to a call through a NULL function pointer.
    * NOTE(review): neither this table nor gm_ops is const-qualified. If
    * mechanisms define their tables statically, const would let the
    * function pointers live in read-only data - confirm against the
    * mechanism modules. */
91 struct gss_api_ops {
92         __u32 (*gss_import_sec_context)(
93                         rawobj_t               *input_token,
94                         struct gss_ctx         *ctx_id);
95         __u32 (*gss_inquire_context)(
96                         struct gss_ctx         *ctx_id,
97                         __u64                  *endtime);
98         __u32 (*gss_get_mic)(
99                         struct gss_ctx         *ctx_id,
100                         __u32                   qop, 
101                         rawobj_t               *message,
102                         rawobj_t               *mic_token);
            /* the status is the integrity verdict for message */
103         __u32 (*gss_verify_mic)(
104                         struct gss_ctx         *ctx_id,
105                         rawobj_t               *message,
106                         rawobj_t               *mic_token,
107                         __u32                  *qstate);
108         __u32 (*gss_wrap)(
109                         struct gss_ctx         *ctx,
110                         __u32                   qop,
111                         rawobj_buf_t           *in_token,
112                         rawobj_t               *out_token);
113         __u32 (*gss_unwrap)(
114                         struct gss_ctx         *ctx,
115                         __u32                   qop,
116                         rawobj_t               *in_token,
117                         rawobj_t               *out_token);
            /* no status is returned, so a failed release cannot be reported */
118         void (*gss_delete_sec_context)(
119                         void                   *internal_ctx_id);
120 };
121
/* Mechanism registry. Register/unregister presumably add and remove mech on
 * a list through gm_list; the three lookups resolve an OID, a name or a
 * subflavor to a mechanism; kgss_mech_get()/kgss_mech_put() presumably raise
 * and drop gm_count.
 * NOTE(review): not visible in this header - what the lookups return on a
 * miss (presumably NULL, so callers must check), whether a successful lookup
 * already holds a reference that needs a matching kgss_mech_put(), and
 * whether unregister waits for outstanding references. Confirm before
 * relying on any of these. */
122 int kgss_mech_register(struct gss_api_mech *mech);
123 void kgss_mech_unregister(struct gss_api_mech *mech);
124
125 struct gss_api_mech * kgss_OID_to_mech(rawobj_t *);
126 struct gss_api_mech * kgss_name_to_mech(char *name);
127 struct gss_api_mech * kgss_subflavor_to_mech(__u32 subflavor);
128
129 struct gss_api_mech * kgss_mech_get(struct gss_api_mech *);
130 void kgss_mech_put(struct gss_api_mech *);
131
132 #endif /* __SEC_GSS_GSS_API_H_ */