Diffstat (limited to 'include/linux/sunrpc/gss_api.h')
-rw-r--r-- | include/linux/sunrpc/gss_api.h | 122 |
1 files changed, 122 insertions, 0 deletions
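--- /dev/null
+++ b/include/linux/sunrpc/gss_api.h
@@ -0,0 +1,122 @@
+/*
+* linux/include/linux/gss_api.h
+*
+* Somewhat simplified version of the gss api.
+*
+* Dug Song <dugsong@monkey.org>
+* Andy Adamson <andros@umich.edu>
+* Bruce Fields <bfields@umich.edu>
+* Copyright (c) 2000 The Regents of the University of Michigan
+*
+* $Id$
+*/
+
+#ifndef _LINUX_SUNRPC_GSS_API_H
+#define _LINUX_SUNRPC_GSS_API_H
+
+#ifdef __KERNEL__
+#include <linux/sunrpc/xdr.h>
+#include <linux/uio.h>
+
+/* The mechanism-independent gss-api context: */
+struct gss_ctx {
+struct gss_api_mech *mech_type;
+void *internal_ctx_id;
+};
+
+#define GSS_C_NO_BUFFER ((struct xdr_netobj) 0)
+#define GSS_C_NO_CONTEXT ((struct gss_ctx *) 0)
+#define GSS_C_NULL_OID ((struct xdr_netobj) 0)
+
+/*XXX arbitrary length - is this set somewhere? */
+#define GSS_OID_MAX_LEN 32
+
+/* gss-api prototypes; note that these are somewhat simplified versions of
+* the prototypes specified in RFC 2744. */
+int gss_import_sec_context(
+const void* input_token,
+size_t bufsize,
+struct gss_api_mech *mech,
+struct gss_ctx **ctx_id);
+u32 gss_get_mic(
+struct gss_ctx *ctx_id,
+u32 qop,
+struct xdr_buf *message,
+struct xdr_netobj *mic_token);
+u32 gss_verify_mic(
+struct gss_ctx *ctx_id,
+struct xdr_buf *message,
+struct xdr_netobj *mic_token,
+u32 *qstate);
+u32 gss_delete_sec_context(
+struct gss_ctx **ctx_id);
+
+u32 gss_pseudoflavor_to_service(struct gss_api_mech *, u32 pseudoflavor);
+char *gss_service_to_auth_domain_name(struct gss_api_mech *, u32 service);
+
+struct pf_desc {
+u32 pseudoflavor;
+u32 qop;
+u32 service;
+char *name;
+char *auth_domain_name;
+};
+
+/* Different mechanisms (e.g., krb5 or spkm3) may implement gss-api, and
+* mechanisms may be dynamically registered or unregistered by modules. */
+
+/* Each mechanism is described by the following struct: */
+struct gss_api_mech {
+struct list_head gm_list;
+struct module *gm_owner;
+struct xdr_netobj gm_oid;
+char *gm_name;
+struct gss_api_ops *gm_ops;
+/* pseudoflavors supported by this mechanism: */
+int gm_pf_num;
+struct pf_desc * gm_pfs;
+};
+
+/* and must provide the following operations: */
+struct gss_api_ops {
+int (*gss_import_sec_context)(
+const void *input_token,
+size_t bufsize,
+struct gss_ctx *ctx_id);
+u32 (*gss_get_mic)(
+struct gss_ctx *ctx_id,
+u32 qop,
+struct xdr_buf *message,
+struct xdr_netobj *mic_token);
+u32 (*gss_verify_mic)(
+struct gss_ctx *ctx_id,
+struct xdr_buf *message,
+struct xdr_netobj *mic_token,
+u32 *qstate);
+void (*gss_delete_sec_context)(
+void *internal_ctx_id);
+};
+
+int gss_mech_register(struct gss_api_mech *);
+void gss_mech_unregister(struct gss_api_mech *);
+
+/* returns a mechanism descriptor given an OID, and increments the mechanism's
+* reference count. */
+struct gss_api_mech * gss_mech_get_by_OID(struct xdr_netobj *);
+
+/* Returns a reference to a mechanism, given a name like "krb5" etc. */
+struct gss_api_mech *gss_mech_get_by_name(const char *);
+
+/* Similar, but get by pseudoflavor. */
+struct gss_api_mech *gss_mech_get_by_pseudoflavor(u32);
+
+/* Just increments the mechanism's reference count and returns its input: */
+struct gss_api_mech * gss_mech_get(struct gss_api_mech *);
+
+/* For every succesful gss_mech_get or gss_mech_get_by_* call there must be a
+* corresponding call to gss_mech_put. */
+void gss_mech_put(struct gss_api_mech *);
+
+#endif /* __KERNEL__ */
+#endif /* _LINUX_SUNRPC_GSS_API_H */
+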
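Review bot: `GSS_C_NO_BUFFER` and `GSS_C_NULL_OID` cast `0` to `struct xdr_netobj`, which is not valid C because a cast needs a scalar type, so the first use of either macro will fail to compile. Either drop them or express the empty value as a compound literal, e.g. `#define GSS_C_NO_BUFFER ((struct xdr_netobj){ 0 })`. Separately, `gss_import_sec_context` and the matching op take `input_token`/`bufsize` with no stated contract. The token presumably originates outside the kernel and its layout is mechanism-specific, so a comment such as `/* input_token is untrusted: implementations must validate every length field against bufsize before reading */` would make the bounds-checking duty explicit for each mechanism. `GSS_OID_MAX_LEN` is flagged as arbitrary and nothing in this header ties it to the length of `gm_oid`, so any code that copies an OID into a buffer of that size needs its own length check.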