#ifndef LGSS_UTILS_H
#define LGSS_UTILS_H
+#include <inttypes.h>
#include <stdlib.h>
#include <stdint.h>
#include <gssapi/gssapi.h>
+#include "lsupport.h"
+
#define LGSS_SVC_MGS_STR "lustre_mgs"
#define LGSS_SVC_MDS_STR "lustre_mds"
#define LGSS_SVC_OSS_STR "lustre_oss"
****************************************/
typedef enum {
- LGSS_MUTEX_KRB5 = 0,
- LGSS_MUTEX_MAX
+ LGSS_MUTEX_KRB5 = 0,
+ LGSS_MUTEX_MAX
} lgss_mutex_id_t;
int lgss_mutex_lock(lgss_mutex_id_t mid);
void lgss_set_loglevel(loglevel_t level);
-void __logmsg(loglevel_t level, const char *func, const char *format, ...);
+void __logmsg(loglevel_t level, const char *func, const char *format, ...)
+ __attribute__((format(printf, 3, 4)));
+
void __logmsg_gss(loglevel_t level, const char *func, const gss_OID mech,
- uint32_t major, uint32_t minor, const char *format, ...);
+ uint32_t major, uint32_t minor, const char *format, ...)
+ __attribute__((format(printf, 6, 7)));
#define logmsg(loglevel, format, args...) \
do { \
#define printerr(priority, format, args...) \
logmsg(priority, format, ##args)
-#define pgsserr(msg, maj_stat, min_stat, mech) \
- logmsg_gss(LL_ERR, mech, maj_stat, min_stat, "")
+#define pgsserr(msg, maj_stat, min_stat, mech) \
+ logmsg_gss(LL_ERR, mech, maj_stat, min_stat, msg)
/****************************************
* GSS MECH, OIDs *
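Review bot: In the new `pgsserr` definition, `msg` is forwarded as the format argument of `logmsg_gss`, so any `%` in a caller-supplied message is parsed as a conversion with no matching argument. The `format(printf, 6, 7)` attribute this patch adds to `__logmsg_gss` should make the compiler flag non-literal callers under `-Wformat-security`, but the macro is more robust if it fixes the format itself: `logmsg_gss(LL_ERR, mech, maj_stat, min_stat, "%s", msg)`. The `logmsg_gss` macro is not visible in this hunk, so this assumes it forwards variadic arguments the way `logmsg` does.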
extern gss_OID_desc krb5oid;
extern gss_OID_desc spkm3oid;
-
-typedef enum {
- LGSS_MECH_KRB5 = 0,
-} lgss_mech_t;
+extern gss_OID_desc nulloid;
+extern gss_OID_desc skoid;
/****************************************
* client credentials *
struct lgss_cred;
struct lgss_mech_type {
- char *lmt_name;
- lgss_mech_t lmt_mech_n;
-
- int (*lmt_init)(void);
- void (*lmt_fini)(void);
- int (*lmt_prepare_cred)(struct lgss_cred *cred);
- void (*lmt_release_cred)(struct lgss_cred *cred);
- int (*lmt_using_cred)(struct lgss_cred *cred);
-};
-
-enum {
- LGSS_ROOT_CRED_ROOT = 0x01,
- LGSS_ROOT_CRED_MDT = 0x02,
- LGSS_ROOT_CRED_OST = 0x04,
-
- LGSS_ROOT_CRED_NR = 3
+ char *lmt_name;
+ enum lgss_mech lmt_mech_n;
+
+ int (*lmt_init)(void);
+ void (*lmt_fini)(void);
+ int (*lmt_prepare_cred)(struct lgss_cred *cred);
+ void (*lmt_release_cred)(struct lgss_cred *cred);
+ int (*lmt_using_cred)(struct lgss_cred *cred);
+ int (*lmt_validate_cred)(struct lgss_cred *cred,
+ gss_buffer_desc *token,
+ gss_buffer_desc *ctx_token);
};
struct lgss_cred {
- int lc_uid;
- unsigned int lc_root_flags;
- uint64_t lc_self_nid;
- uint64_t lc_tgt_nid;
- uint32_t lc_tgt_svc;
-
- struct lgss_mech_type *lc_mech;
- void *lc_mech_cred;
+ int lc_uid;
+ unsigned int lc_root_flags;
+ uint64_t lc_self_nid;
+ uint64_t lc_tgt_nid;
+ uint32_t lc_tgt_svc;
+ char lc_svc_type;
+ char *lc_tgt_uuid;
+
+ struct lgss_mech_type *lc_mech;
+ void *lc_mech_cred;
+ gss_buffer_desc lc_mech_token;
};
struct lgss_mech_type *lgss_name2mech(const char *mech_name);
int lgss_prepare_cred(struct lgss_cred *cred);
void lgss_release_cred(struct lgss_cred *cred);
int lgss_using_cred(struct lgss_cred *cred);
+int lgss_validate_cred(struct lgss_cred *cred, gss_buffer_desc *token,
+ gss_buffer_desc *ctx_token);
int lgss_get_service_str(char **string, uint32_t lsvc, uint64_t tgt_nid);
-
-extern gss_OID_desc krb5oid;
-extern gss_OID_desc spkm3oid;
-
static inline
int gss_OID_equal(gss_OID_desc *oid1, gss_OID_desc *oid2)
{
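Review bot: The new pointer-bearing members of `struct lgss_cred` (`lc_tgt_uuid`, `lc_mech_token`) and the new `lmt_validate_cred` hook are added with no statement of ownership or optionality, which is where leaks, double frees and NULL calls tend to start. A short comment on each member should say who allocates it and whether `lgss_release_cred()` frees it, and the hook should carry a line such as `/* may be NULL if the mechanism has nothing to validate */` if that is the intent. If a mechanism may leave the hook unset, `lgss_validate_cred()` has to test it before the call; its definition is not in this header, so that cannot be confirmed from here. If `lc_mech_token` can carry key material, the release path should also clear the buffer before freeing it.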