Commit | Line | Data |
---|---|---|
1da177e4 | 1 | /* |
f30c2269 | 2 | * linux/include/linux/sunrpc/auth_gss.h |
1da177e4 LT |
3 | * |
4 | * Declarations for RPCSEC_GSS | |
5 | * | |
6 | * Dug Song <dugsong@monkey.org> | |
7 | * Andy Adamson <andros@umich.edu> | |
8 | * Bruce Fields <bfields@umich.edu> | |
9 | * Copyright (c) 2000 The Regents of the University of Michigan | |
1da177e4 LT |
10 | */ |
11 | ||
12 | #ifndef _LINUX_SUNRPC_AUTH_GSS_H | |
13 | #define _LINUX_SUNRPC_AUTH_GSS_H | |
14 | ||
15 | #ifdef __KERNEL__ | |
16 | #include <linux/sunrpc/auth.h> | |
17 | #include <linux/sunrpc/svc.h> | |
18 | #include <linux/sunrpc/gss_api.h> | |
19 | ||
20 | #define RPC_GSS_VERSION 1 /* RPCSEC_GSS protocol version; presumably the value expected in rpc_gss_wire_cred.gc_v - confirm against the users of this macro */ | |
21 | ||
22 | #define MAXSEQ 0x80000000 /* maximum legal sequence number, from RFC 2203. NOTE(review): the sequence number is what replay protection rests on, so a counter that reaches this bound should lead to a fresh context rather than wrap; confirm that the code updating gc_seq enforces the bound */ | |
23 | ||
24 | enum rpc_gss_proc { /* values for the "control procedure" field (gc_proc) of the wire credential; names follow RFC 2203 */ | |
25 | RPC_GSS_PROC_DATA = 0, /* presumably ordinary RPC traffic on an established context - confirm */ | |
26 | RPC_GSS_PROC_INIT = 1, /* presumably the first message of context establishment - confirm */ | |
27 | RPC_GSS_PROC_CONTINUE_INIT = 2, /* presumably a follow-up message of a multi-step establishment - confirm */ | |
28 | RPC_GSS_PROC_DESTROY = 3 /* presumably a request to tear the context down - confirm */ | |
29 | }; | |
30 | ||
31 | enum rpc_gss_svc { /* protection level applied to RPC data; values start at 1, so a zero-initialised field matches none of them */ | |
32 | RPC_GSS_SVC_NONE = 1, /* NOTE(review): per RFC 2203 this authenticates the RPC header only; arguments and results get neither integrity nor confidentiality protection */ | |
33 | RPC_GSS_SVC_INTEGRITY = 2, /* per RFC 2203: data is integrity-protected (checksummed) but sent in the clear */ | |
34 | RPC_GSS_SVC_PRIVACY = 3 /* per RFC 2203: data is encrypted as well as integrity-protected */ | |
35 | }; | |
36 | ||
37 | /* on-the-wire gss cred: the fields mirror what the peer sent, so treat them as untrusted until checked (NOTE(review): the validation itself is not visible in this header) */ | |
38 | struct rpc_gss_wire_cred { | |
39 | u32 gc_v; /* version; presumably compared with RPC_GSS_VERSION - confirm */ | |
40 | u32 gc_proc; /* control procedure; a raw u32 here, expected to be one of enum rpc_gss_proc */ | |
41 | u32 gc_seq; /* sequence number; see MAXSEQ for the upper bound */ | |
42 | u32 gc_svc; /* service; a raw u32 here, expected to be one of enum rpc_gss_svc */ | |
43 | struct xdr_netobj gc_ctx; /* context handle */ | |
44 | }; | |
45 | ||
46 | /* on-the-wire gss verifier: a flavor number plus an opaque verifier body, both as received from the peer */ | |
47 | struct rpc_gss_wire_verf { | |
48 | u32 gv_flavor; /* authentication flavor of the verifier */ | |
49 | struct xdr_netobj gv_verf; /* opaque verifier data; presumably a GSS checksum to be verified before the message is trusted - confirm */ | |
50 | }; | |
51 | ||
52 | /* return from gss NULL PROC init sec context: the result the peer sends back during context establishment */ | |
53 | struct rpc_gss_init_res { | |
54 | struct xdr_netobj gr_ctx; /* context handle */ | |
55 | u32 gr_major; /* major status; presumably the GSS-API major status code - confirm */ | |
56 | u32 gr_minor; /* minor status; presumably the mechanism-specific status code - confirm */ | |
57 | u32 gr_win; /* sequence window; supplied by the peer, so range-check before relying on it (NOTE(review): the check is not visible here) */ | |
58 | struct xdr_netobj gr_token; /* token */ | |
59 | }; | |
60 | ||
61 | /* The gss_cl_ctx struct holds all the information the rpcsec_gss client | |
62 | * code needs to know about a single security context. In particular, | |
63 | * gc_gss_ctx is the context handle that is used to do gss-api calls, while | |
64 | * gc_wire_ctx is the context handle that is used to identify the context on | |
65 | * the wire when communicating with a server. */ | |
66 | ||
67 | struct gss_cl_ctx { /* client-side state for one security context */ | |
68 | atomic_t count; /* presumably the reference count on this context - confirm */ | |
69 | enum rpc_gss_proc gc_proc; /* control procedure associated with this context */ | |
70 | u32 gc_seq; /* sequence number; see MAXSEQ for the upper bound */ | |
71 | spinlock_t gc_seq_lock; /* presumably serialises updates to gc_seq - confirm */ | |
a3b25571 | 72 | struct gss_ctx *gc_gss_ctx; /* context handle used for gss-api calls */ |
1da177e4 | 73 | struct xdr_netobj gc_wire_ctx; /* handle that identifies the context on the wire to the server */ |
2004c726 | 74 | struct xdr_netobj gc_acceptor; /* presumably the name of the accepting (server) principal - confirm */ |
1da177e4 LT |
75 | u32 gc_win; /* presumably the sequence window, cf. gr_win in struct rpc_gss_init_res - confirm */ |
76 | unsigned long gc_expiry; /* expiry time of the context; units are not visible here (presumably jiffies) - confirm */ | |
5d28dc82 | 77 | struct rcu_head gc_rcu; /* presumably used to defer freeing until RCU readers are done - confirm */ |
1da177e4 LT |
78 | }; |
79 | ||
80 | struct gss_upcall_msg; /* forward declaration; only a pointer to it is stored below */ | |
81 | struct gss_cred { /* RPCSEC_GSS credential: a generic rpc_cred plus GSS-specific state */ | |
82 | struct rpc_cred gc_base; /* embedded generic RPC credential */ | |
83 | enum rpc_gss_svc gc_service; /* protection level used with this credential */ | |
5b22216e | 84 | struct gss_cl_ctx __rcu *gc_ctx; /* __rcu-annotated: read it with rcu_dereference() under suitable protection and publish it with rcu_assign_pointer(), never by plain load/store */ |
1da177e4 | 85 | struct gss_upcall_msg *gc_upcall; /* presumably the upcall currently pending for this credential, if any - confirm */ |
68c97153 | 86 | const char *gc_principal; /* presumably the principal name to acquire credentials for; ownership of the string is not visible here - confirm */ |
126e216a | 87 | unsigned long gc_upcall_timestamp; /* presumably when the last upcall was made; units not visible here - confirm */ |
1da177e4 LT |
88 | }; |
89 | ||
1da177e4 LT |
90 | #endif /* __KERNEL__ */ |
91 | #endif /* _LINUX_SUNRPC_AUTH_GSS_H */ | |
92 |