/include/linux/sunrpc/gss_api.h
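/*
 * linux/include/linux/sunrpc/gss_api.h
 *
 * Somewhat simplified version of the gss api.
 *
 * Dug Song <dugsong@monkey.org>
 * Andy Adamson <andros@umich.edu>
 * Bruce Fields <bfields@umich.edu>
 * Copyright (c) 2000 The Regents of the University of Michigan
 */

#ifndef _LINUX_SUNRPC_GSS_API_H
#define _LINUX_SUNRPC_GSS_API_H

#ifdef __KERNEL__
#include <linux/sunrpc/xdr.h>
#include <linux/uio.h>

/*
 * The mechanism-independent gss-api context: the mechanism that owns the
 * context plus that mechanism's own state, which this layer only carries
 * around as an untyped pointer.
 */
struct gss_ctx {
	struct gss_api_mech	*mech_type;		/* owning mechanism */
	void			*internal_ctx_id;	/* mechanism-private state */
};

/*
 * "Nothing here" sentinels.  struct xdr_netobj is used by value in this
 * header, so the empty buffer and empty OID are zero-initialised compound
 * literals: a cast of 0 to a struct type is not valid C and would fail to
 * compile at the first place either macro was expanded.
 */
#define GSS_C_NO_BUFFER		((struct xdr_netobj) { 0 })
#define GSS_C_NO_CONTEXT	((struct gss_ctx *) 0)
#define GSS_C_NULL_OID		((struct xdr_netobj) { 0 })

/*
 * XXX arbitrary length - is this set somewhere?
 *
 * NOTE(review): nothing in this header applies the limit.  If it sizes a
 * fixed buffer anywhere, the OID length has to be compared against it
 * before any copy - confirm at the users.
 */
#define GSS_OID_MAX_LEN 32

/*
 * gss-api prototypes; note that these are somewhat simplified versions of
 * the prototypes specified in RFC 2744.
 *
 * The u32 results are presumably GSS major status codes as in RFC 2744
 * (the values are not defined in this header - confirm).  Whatever the
 * encoding, a caller must test the result of gss_verify_mic() and
 * gss_unwrap() before it trusts the message.
 */

/*
 * Build a context for @mech from the @bufsize bytes at @input_token and
 * hand it back through @ctx_id; @gfp_mask is the allocation mask.
 * NOTE(review): the origin of the token is not visible here; treat it as
 * untrusted and make sure every mechanism bounds its parsing by @bufsize.
 */
int gss_import_sec_context(
		const void		*input_token,
		size_t			bufsize,
		struct gss_api_mech	*mech,
		struct gss_ctx		**ctx_id,
		gfp_t			gfp_mask);

/* Compute the integrity token for @message into @mic_token. */
u32 gss_get_mic(
		struct gss_ctx		*ctx_id,
		struct xdr_buf		*message,
		struct xdr_netobj	*mic_token);

/* Check @mic_token against @message. */
u32 gss_verify_mic(
		struct gss_ctx		*ctx_id,
		struct xdr_buf		*message,
		struct xdr_netobj	*mic_token);

/*
 * Wrap the data in @outbuf starting at @offset.
 * NOTE(review): @offset is a signed int; implementations should reject a
 * negative value or one beyond the buffer - confirm.
 */
u32 gss_wrap(
		struct gss_ctx		*ctx_id,
		int			offset,
		struct xdr_buf		*outbuf,
		struct page		**inpages);

/* Reverse of gss_wrap() on @inbuf from @offset; same @offset caveat. */
u32 gss_unwrap(
		struct gss_ctx		*ctx_id,
		int			offset,
		struct xdr_buf		*inbuf);

/*
 * Tear down *@ctx_id.  The double pointer presumably lets the callee
 * clear the caller's reference - confirm before relying on it.
 */
u32 gss_delete_sec_context(
		struct gss_ctx		**ctx_id);

/* Translations between a mechanism's services and its pseudoflavors. */
u32 gss_svc_to_pseudoflavor(struct gss_api_mech *gm, u32 service);
u32 gss_pseudoflavor_to_service(struct gss_api_mech *gm, u32 pseudoflavor);
char *gss_service_to_auth_domain_name(struct gss_api_mech *gm, u32 service);

/* One pseudoflavor/service pairing offered by a mechanism. */
struct pf_desc {
	u32	pseudoflavor;
	u32	service;
	char	*name;
	char	*auth_domain_name;
};

/*
 * Different mechanisms (e.g., krb5 or spkm3) may implement gss-api, and
 * mechanisms may be dynamically registered or unregistered by modules.
 */

/* Each mechanism is described by the following struct: */
struct gss_api_mech {
	struct list_head	gm_list;
	struct module		*gm_owner;
	struct xdr_netobj	gm_oid;
	char			*gm_name;
	const struct gss_api_ops *gm_ops;
	/* pseudoflavors supported by this mechanism: */
	int			gm_pf_num;	/* presumably the length of gm_pfs */
	struct pf_desc		*gm_pfs;
	/* Should the following be a callback operation instead? */
	const char		*gm_upcall_enctypes;
};

/*
 * and must provide the following operations.  They mirror the wrappers
 * declared above, except that import receives an existing struct gss_ctx
 * and delete receives only the mechanism-private internal_ctx_id.
 */
struct gss_api_ops {
	int (*gss_import_sec_context)(
			const void		*input_token,
			size_t			bufsize,
			struct gss_ctx		*ctx_id,
			gfp_t			gfp_mask);
	u32 (*gss_get_mic)(
			struct gss_ctx		*ctx_id,
			struct xdr_buf		*message,
			struct xdr_netobj	*mic_token);
	u32 (*gss_verify_mic)(
			struct gss_ctx		*ctx_id,
			struct xdr_buf		*message,
			struct xdr_netobj	*mic_token);
	u32 (*gss_wrap)(
			struct gss_ctx		*ctx_id,
			int			offset,
			struct xdr_buf		*outbuf,
			struct page		**inpages);
	u32 (*gss_unwrap)(
			struct gss_ctx		*ctx_id,
			int			offset,
			struct xdr_buf		*buf);
	void (*gss_delete_sec_context)(
			void			*internal_ctx_id);
};

int gss_mech_register(struct gss_api_mech *gm);
void gss_mech_unregister(struct gss_api_mech *gm);

/*
 * returns a mechanism descriptor given an OID, and increments the mechanism's
 * reference count.
 */
struct gss_api_mech *gss_mech_get_by_OID(struct xdr_netobj *obj);

/* Returns a reference to a mechanism, given a name like "krb5" etc. */
struct gss_api_mech *gss_mech_get_by_name(const char *name);

/* Similar, but get by pseudoflavor. */
struct gss_api_mech *gss_mech_get_by_pseudoflavor(u32 pseudoflavor);

/*
 * Fill in an array with a list of supported pseudoflavors.
 *
 * No capacity is passed in, so the array must already be large enough for
 * everything that gets written; the required size is not stated in this
 * header.  NOTE(review): confirm the bound at every caller.
 */
int gss_mech_list_pseudoflavors(u32 *flavors);

/* Just increments the mechanism's reference count and returns its input: */
struct gss_api_mech *gss_mech_get(struct gss_api_mech *gm);

/*
 * For every successful gss_mech_get or gss_mech_get_by_* call there must be a
 * corresponding call to gss_mech_put.
 */
void gss_mech_put(struct gss_api_mech *gm);

#endif /* __KERNEL__ */
#endif /* _LINUX_SUNRPC_GSS_API_H */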