Commit | Line | Data |
---|---|---|
1da177e4 | 1 | /* |
f30c2269 | 2 | * linux/include/linux/sunrpc/auth_gss.h |
3 | * |
4 | * Declarations for RPCSEC_GSS | |
5 | * | |
6 | * Dug Song <dugsong@monkey.org> | |
7 | * Andy Adamson <andros@umich.edu> | |
8 | * Bruce Fields <bfields@umich.edu> | |
9 | * Copyright (c) 2000 The Regents of the University of Michigan | |
10 | * | |
11 | * $Id$ | |
12 | */ | |
13 | ||
14 | #ifndef _LINUX_SUNRPC_AUTH_GSS_H | |
15 | #define _LINUX_SUNRPC_AUTH_GSS_H | |
16 | ||
17 | #ifdef __KERNEL__ | |
18 | #include <linux/sunrpc/auth.h> | |
19 | #include <linux/sunrpc/svc.h> | |
20 | #include <linux/sunrpc/gss_api.h> | |
21 | ||
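/*
 * RPCSEC_GSS protocol version. Presumably the value expected in the
 * gc_v field of struct rpc_gss_wire_cred; confirm against the users of
 * this header.
 */
#define RPC_GSS_VERSION		1

/*
 * Maximum legal sequence number, from RFC 2203.
 *
 * The literal does not fit in a 32-bit int, so it has an unsigned type
 * and comparisons against u32 sequence numbers stay unsigned.
 *
 * NOTE(review): this header only defines the limit. A sequence number is
 * what lets the peer detect replayed requests, so code that increments
 * gc_seq should stop at this bound and set up a new context instead of
 * letting the counter wrap. Verify in the callers.
 */
#define MAXSEQ 0x80000000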
25 | ||
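/*
 * RPCSEC_GSS control procedure, carried in the credential (see the
 * "control procedure" field gc_proc of struct rpc_gss_wire_cred).
 *
 * The numeric values are part of the wire protocol (RFC 2203) and must
 * not be renumbered.
 */
enum rpc_gss_proc {
	RPC_GSS_PROC_DATA = 0,		/* ordinary RPC on an established context */
	RPC_GSS_PROC_INIT = 1,		/* first message of context establishment */
	RPC_GSS_PROC_CONTINUE_INIT = 2,	/* further context establishment message */
	RPC_GSS_PROC_DESTROY = 3	/* tear the context down */
};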
32 | ||
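/*
 * Per-message protection service requested for a call, carried in the
 * credential (see the "service" field gc_svc of struct rpc_gss_wire_cred).
 *
 * Numbering starts at 1, so 0 is not a valid service. The values are
 * fixed by the wire protocol (RFC 2203) and must not be renumbered.
 *
 * The three levels differ in what they protect. A deployment that needs
 * tamper or eavesdropping resistance for RPC arguments and results must
 * not settle for RPC_GSS_SVC_NONE.
 */
enum rpc_gss_svc {
	/* authentication only: call data travels without integrity protection */
	RPC_GSS_SVC_NONE = 1,
	/* call data is covered by an integrity checksum, but is not encrypted */
	RPC_GSS_SVC_INTEGRITY = 2,
	/* call data is integrity protected and encrypted */
	RPC_GSS_SVC_PRIVACY = 3
};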
38 | ||
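/*
 * On-the-wire gss cred.
 *
 * Every field is held as a raw u32 or netobj rather than as one of the
 * enum types declared in this header.
 *
 * NOTE(review): on the receiving side these values are untrusted input.
 * No validation is visible in this header, so consumers are expected to
 * range-check gc_v, gc_proc, gc_svc and gc_seq, and bound the length of
 * gc_ctx, before acting on them. Confirm at the decode sites.
 */
struct rpc_gss_wire_cred {
	u32			gc_v;		/* version */
	u32			gc_proc;	/* control procedure, an enum rpc_gss_proc value */
	u32			gc_seq;		/* sequence number, bounded by MAXSEQ */
	u32			gc_svc;		/* service, an enum rpc_gss_svc value */
	struct xdr_netobj	gc_ctx;		/* context handle */
};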
47 | ||
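/*
 * On-the-wire gss verifier.
 *
 * NOTE(review): in RPCSEC_GSS the verifier body is the checksum that
 * authenticates the RPC header. Treat both fields as untrusted until that
 * checksum has been verified against the security context. Where the
 * verification happens is not visible in this header.
 */
struct rpc_gss_wire_verf {
	u32			gv_flavor;	/* flavor of the verifier */
	struct xdr_netobj	gv_verf;	/* opaque verifier body */
};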
53 | ||
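/*
 * Return from gss NULL PROC init sec context.
 *
 * NOTE(review): gr_ctx, gr_win and gr_token are only meaningful when the
 * status fields report success. Callers should check gr_major (and
 * gr_minor) before using the rest, because this header does not enforce
 * that ordering.
 */
struct rpc_gss_init_res {
	struct xdr_netobj	gr_ctx;		/* context handle */
	u32			gr_major;	/* major status */
	u32			gr_minor;	/* minor status */
	u32			gr_win;		/* sequence window */
	struct xdr_netobj	gr_token;	/* token */
};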
62 | ||
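/*
 * The gss_cl_ctx struct holds all the information the rpcsec_gss client
 * code needs to know about a single security context. In particular,
 * gc_gss_ctx is the context handle that is used to do gss-api calls, while
 * gc_wire_ctx is the context handle that is used to identify the context on
 * the wire when communicating with a server.
 *
 * NOTE(review): the field roles below that are marked "presumably" are
 * inferred from names and types only. Confirm them against the code that
 * uses this struct.
 */
struct gss_cl_ctx {
	atomic_t		count;		/* presumably a reference count */
	enum rpc_gss_proc	gc_proc;	/* control procedure for this context */
	u32			gc_seq;		/* sequence number; see MAXSEQ for the limit */
	spinlock_t		gc_seq_lock;	/* presumably serializes updates of gc_seq */
	struct gss_ctx		*gc_gss_ctx;	/* handle used for gss-api calls */
	struct xdr_netobj	gc_wire_ctx;	/* handle identifying the context on the wire */
	u32			gc_win;		/* presumably the sequence window from the server */
	unsigned long		gc_expiry;	/* context expiry; units not shown here */
};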
79 | ||
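/* Only used through a pointer here, so a forward declaration is enough. */
struct gss_upcall_msg;

/*
 * RPCSEC_GSS credential: the generic rpc_cred extended with the requested
 * protection service and the security context it is bound to.
 *
 * gc_base is the first member, so a pointer to it has the same address as
 * the enclosing gss_cred.
 *
 * NOTE(review): the lifetime and locking rules for gc_ctx and gc_upcall
 * are not visible in this header. Verify them in the users before
 * dereferencing either pointer.
 */
struct gss_cred {
	struct rpc_cred		gc_base;	/* generic RPC credential */
	enum rpc_gss_svc	gc_service;	/* protection service used with this cred */
	struct gss_cl_ctx	*gc_ctx;	/* security context for this cred */
	struct gss_upcall_msg	*gc_upcall;	/* presumably a pending upcall, if any */
};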
87 | ||
88 | #endif /* __KERNEL__ */ |
89 | #endif /* _LINUX_SUNRPC_AUTH_GSS_H */ | |
90 |