Diffstat (limited to 'include/linux/sunrpc/gss_api.h')
| -rw-r--r-- | include/linux/sunrpc/gss_api.h | 32 |
1 files changed, 25 insertions, 7 deletions
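--- a/include/linux/sunrpc/gss_api.h
+++ b/include/linux/sunrpc/gss_api.h
@@ -25,10 +25,21 @@ struct gss_ctx {
 
 #define GSS_C_NO_BUFFER ((struct xdr_netobj) 0)
 #define GSS_C_NO_CONTEXT ((struct gss_ctx *) 0)
-#define GSS_C_NULL_OID ((struct xdr_netobj) 0)
+#define GSS_C_QOP_DEFAULT (0)
 
 /*XXX arbitrary length - is this set somewhere? */
 #define GSS_OID_MAX_LEN 32
+struct rpcsec_gss_oid {
+unsigned int len;
+u8 data[GSS_OID_MAX_LEN];
+};
+
+/* From RFC 3530 */
+struct rpcsec_gss_info {
+struct rpcsec_gss_oid oid;
+u32 qop;
+u32 service;
+};
 
 /* gss-api prototypes; note that these are somewhat simplified versions of
 * the prototypes specified in RFC 2744. */
@@ -37,6 +48,7 @@ int gss_import_sec_context(
 size_t bufsize,
 struct gss_api_mech *mech,
 struct gss_ctx **ctx_id,
+time_t *endtime,
 gfp_t gfp_mask);
 u32 gss_get_mic(
 struct gss_ctx *ctx_id,
@@ -58,12 +70,14 @@ u32 gss_unwrap(
 u32 gss_delete_sec_context(
 struct gss_ctx **ctx_id);
 
-u32 gss_svc_to_pseudoflavor(struct gss_api_mech *, u32 service);
+rpc_authflavor_t gss_svc_to_pseudoflavor(struct gss_api_mech *, u32 qop,
+u32 service);
 u32 gss_pseudoflavor_to_service(struct gss_api_mech *, u32 pseudoflavor);
 char *gss_service_to_auth_domain_name(struct gss_api_mech *, u32 service);
 
 struct pf_desc {
 u32 pseudoflavor;
+u32 qop;
 u32 service;
 char *name;
 char *auth_domain_name;
@@ -76,7 +90,7 @@ struct pf_desc {
 struct gss_api_mech {
 struct list_head gm_list;
 struct module *gm_owner;
-struct xdr_netobj gm_oid;
+struct rpcsec_gss_oid gm_oid;
 char *gm_name;
 const struct gss_api_ops *gm_ops;
 /* pseudoflavors supported by this mechanism: */
@@ -92,6 +106,7 @@ struct gss_api_ops {
 const void *input_token,
 size_t bufsize,
 struct gss_ctx *ctx_id,
+time_t *endtime,
 gfp_t gfp_mask);
 u32 (*gss_get_mic)(
 struct gss_ctx *ctx_id,
@@ -119,7 +134,13 @@ void gss_mech_unregister(struct gss_api_mech *);
 
 /* returns a mechanism descriptor given an OID, and increments the mechanism's
 * reference count. */
-struct gss_api_mech * gss_mech_get_by_OID(struct xdr_netobj *);
+struct gss_api_mech * gss_mech_get_by_OID(struct rpcsec_gss_oid *);
+
+/* Given a GSS security tuple, look up a pseudoflavor */
+rpc_authflavor_t gss_mech_info2flavor(struct rpcsec_gss_info *);
+
+/* Given a pseudoflavor, look up a GSS security tuple */
+int gss_mech_flavor2info(rpc_authflavor_t, struct rpcsec_gss_info *);
 
 /* Returns a reference to a mechanism, given a name like "krb5" etc. */
 struct gss_api_mech *gss_mech_get_by_name(const char *);
@@ -130,9 +151,6 @@ struct gss_api_mech *gss_mech_get_by_pseudoflavor(u32);
 /* Fill in an array with a list of supported pseudoflavors */
 int gss_mech_list_pseudoflavors(rpc_authflavor_t *, int);
 
-/* Just increments the mechanism's reference count and returns its input: */
-struct gss_api_mech * gss_mech_get(struct gss_api_mech *);
-
 /* For every successful gss_mech_get or gss_mech_get_by_* call there must be a
 * corresponding call to gss_mech_put. */
 void gss_mech_put(struct gss_api_mech *);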
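Review bot: The new `struct rpcsec_gss_oid` in the first hunk pairs a separately stored `len` with a fixed `data[GSS_OID_MAX_LEN]` array, but nothing in the header states that `len` must not exceed `GSS_OID_MAX_LEN`, and the existing `/*XXX arbitrary length` comment suggests the limit itself is not tied to any specification. The code that fills or compares this struct is not in this file, so presumably every decoder and `gss_mech_get_by_OID()` has to enforce the bound on its own before copying or comparing `len` bytes; I would state the invariant on the struct, e.g. `/* len = number of valid bytes in data; must be <= GSS_OID_MAX_LEN, longer OIDs must be rejected before copying */`. The new `time_t *endtime` out-parameter in the second and fifth hunks is likewise undocumented as to whether callers may pass NULL. Separately, the last hunk drops the `gss_mech_get()` declaration while the comment above `gss_mech_put()` still names `gss_mech_get`, so that comment should refer only to the `gss_mech_get_by_*` calls if the function is no longer available to callers.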
