1 /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
2 * vim:expandtab:shiftwidth=8:tabstop=8:
4 * Modified from NFSv4 project for Lustre
5 * Copyright 2004, Cluster File Systems, Inc.
7 * Author: Eric Mei <ericm@clusterfs.com>
10 #ifndef __SEC_GSS_GSS_INTERNAL_H_
11 #define __SEC_GSS_GSS_INTERNAL_H_
16 typedef struct rawobj_s {
/*
 * rawobj helpers. Only the prototypes are visible in this listing; the
 * rawobj_t layout and the implementations are not shown, so the notes
 * below are review assumptions to confirm against the implementation.
 *
 * NOTE(review): rawobj_alloc() takes its length as a signed int, while the
 * serialize/extract helpers track the remaining space as __u32. Confirm that
 * a negative or oversized len is rejected before any allocation or copy.
 */
21 int rawobj_alloc(rawobj_t *obj, char *buf, int len);
22 void rawobj_free(rawobj_t *obj);
23 int rawobj_equal(rawobj_t *a, rawobj_t *b);
24 int rawobj_dup(rawobj_t *dest, rawobj_t *src);
/*
 * NOTE(review): buf and buflen are passed by pointer, presumably so the
 * callee can advance the cursor and shrink the remaining length. Verify that
 * each helper compares the encoded object length with *buflen before it
 * reads or writes, since extract operates on data that may come from a peer.
 * rawobj_extract_local() presumably differs from rawobj_extract() in how the
 * extracted data is stored (TODO confirm); if it references the input buffer
 * in place, the object must not outlive that buffer.
 */
25 int rawobj_serialize(rawobj_t *obj, __u32 **buf, __u32 *buflen);
26 int rawobj_extract(rawobj_t *obj, __u32 **buf, __u32 *buflen);
27 int rawobj_extract_local(rawobj_t *obj, __u32 **buf, __u32 *buflen);
29 typedef struct rawobj_buf_s {
/*
 * Upper bound for the RPCSEC_GSS sequence number (see gc_seq below).
 * Where int is 32 bits the literal 0x80000000 has type unsigned int, so a
 * signed operand compared with it is converted to unsigned; compare using
 * an unsigned type such as __u32.
 * NOTE(review): the code that enforces this bound is not visible in this
 * header; confirm the receive path rejects sequence numbers beyond it.
 */
36 #define MAXSEQ 0x80000000 /* maximum legal sequence number, from rfc 2203 */
/*
 * Control procedure values; the enum header is not visible in this listing.
 * Presumably these are the legal values of the gc_proc field of
 * struct rpc_gss_wire_cred (TODO confirm).
 * NOTE(review): confirm the receive path rejects any value outside 0..3.
 */
39 RPC_GSS_PROC_DATA = 0,
40 RPC_GSS_PROC_INIT = 1,
41 RPC_GSS_PROC_CONTINUE_INIT = 2,
42 RPC_GSS_PROC_DESTROY = 3,
/*
 * Service levels; the enum header and any earlier members are not visible in
 * this listing. In RFC 2203 terms, integrity protects the call data with a
 * checksum and privacy additionally encrypts it.
 * NOTE(review): presumably matched against gc_svc; confirm that a peer cannot
 * select a weaker service than the one the context was set up for.
 */
47 RPC_GSS_SVC_INTEGRITY = 2,
48 RPC_GSS_SVC_PRIVACY = 3,
51 /* on-the-wire gss cred: */
/*
 * NOTE(review): every field of this structure is supplied by the peer.
 * Before use, the receive path should check gc_v against the supported
 * version, gc_proc and gc_svc against the known enum values, gc_seq against
 * MAXSEQ, and the gc_ctx length against the bytes actually received. Those
 * checks are not visible in this header.
 */
52 struct rpc_gss_wire_cred {
53 __u32 gc_v; /* version */
54 __u32 gc_proc; /* control procedure */
55 __u32 gc_seq; /* sequence number */
56 __u32 gc_svc; /* service */
57 rawobj_t gc_ctx; /* context handle */
60 /* on-the-wire gss verifier: */
61 struct rpc_gss_wire_verf {
70 spinlock_t gc_seq_lock;
71 struct gss_ctx *gc_gss_ctx;
77 struct ptlrpc_cred gc_base;
78 ptlrpcs_flavor_t gc_flavor;
79 struct gss_cl_ctx *gc_ctx;
83 * This is only guaranteed to be enough for the current krb5 des-cbc-crc. We might
84 * adjust this when a new enc type or mech is added.
/*
 * Fixed 32-byte reservations before and after a privacy buffer.
 * NOTE(review): the sizes are tied to krb5 des-cbc-crc, a single-DES
 * enctype deprecated by RFC 6649. A stronger enctype or another mech may
 * need different overhead, so code that wraps into a buffer sized with
 * these constants should check the mech's actual output length against the
 * reserved space rather than assume it fits. That check is not visible in
 * this header.
 */
86 #define GSS_PRIVBUF_PREFIX_LEN (32)
87 #define GSS_PRIVBUF_SUFFIX_LEN (32)
89 /* This is too coarse. We'll let mech determine it */
/*
 * NOTE(review): a fixed 128-byte estimate, presumably used to size the
 * authentication portion of a message (TODO confirm). Writers should compare
 * the real token length with the space reserved before copying.
 */
90 #define GSS_MAX_AUTH_PAYLOAD (128)
92 /* gss_mech_switch.c */
/*
 * Setup and teardown entry points for the Kerberos mechanism module.
 * NOTE(review): the int result of init_kerberos_module() presumably reports
 * failure; confirm callers check it and call cleanup_kerberos_module() only
 * after a successful init.
 */
93 int init_kerberos_module(void);
94 void cleanup_kerberos_module(void);
96 /* gss_generic_token.c */
/*
 * Generic GSS token framing helpers; only the prototypes are visible here.
 *
 * NOTE(review): the length types are inconsistent. g_token_size() takes
 * body_size as unsigned int, while g_make_token_header() takes it as int and
 * g_verify_token_header() uses int for both *body_size and toksize. For the
 * verify path, toksize and the decoded body size presumably derive from
 * received data; confirm that negative values and lengths larger than the
 * remaining buffer are rejected before *buf_in is advanced or read.
 * g_make_token_header() writes through *buf, so the caller's buffer should
 * be sized from g_token_size() for the same mech and body_size.
 */
97 int g_token_size(rawobj_t *mech, unsigned int body_size);
98 void g_make_token_header(rawobj_t *mech, int body_size, unsigned char **buf);
99 __u32 g_verify_token_header(rawobj_t *mech, int *body_size,
100 unsigned char **buf_in, int toksize);
/*
 * Setup and teardown entry points for the server-side GSS code.
 * NOTE(review): the int result of gss_svc_init() presumably reports failure;
 * confirm callers check it before the service accepts GSS requests.
 */
103 int gss_svc_init(void);
104 void gss_svc_exit(void);
106 #endif /* __SEC_GSS_GSS_INTERNAL_H_ */