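/*
 * linux/include/linux/sunrpc/gss_api.h
 *
 * Somewhat simplified version of the gss api.
 *
 * Dug Song <dugsong@monkey.org>
 * Andy Adamson <andros@umich.edu>
 * Bruce Fields <bfields@umich.edu>
 * Copyright (c) 2000 The Regents of the University of Michigan
 */

#ifndef _LINUX_SUNRPC_GSS_API_H
#define _LINUX_SUNRPC_GSS_API_H

#ifdef __KERNEL__
#include <linux/sunrpc/xdr.h>
#include <linux/uio.h>

/*
 * The mechanism-independent gss-api context.
 *
 * mech_type points at the mechanism descriptor; internal_ctx_id is an opaque
 * pointer that is handed to the mechanism's gss_delete_sec_context operation
 * (see struct gss_api_ops below).
 */
struct gss_ctx {
	struct gss_api_mech	*mech_type;
	void			*internal_ctx_id;
};

/*
 * NOTE(review): GSS_C_NO_BUFFER and GSS_C_NULL_OID cast an integer to a
 * struct type.  A C cast needs a scalar target type, so these two macros
 * cannot be expanded in real code.  RFC 2744 defines the corresponding
 * constants as null pointers, so the intended type is presumably
 * "struct xdr_netobj *" -- confirm before relying on either macro.
 */
#define GSS_C_NO_BUFFER ((struct xdr_netobj) 0)
#define GSS_C_NO_CONTEXT ((struct gss_ctx *) 0)
#define GSS_C_NULL_OID ((struct xdr_netobj) 0)

/*
 * XXX arbitrary length - is this set somewhere?
 *
 * NOTE(review): nothing in this header ties this limit to gm_oid or to any
 * OID received from outside; code that copies an OID into a buffer of this
 * size has to check the length itself.
 */
#define GSS_OID_MAX_LEN 32

/*
 * gss-api prototypes; note that these are somewhat simplified versions of
 * the prototypes specified in RFC 2744.
 *
 * NOTE(review), applies to the whole group (the implementations are not in
 * this header, so each point needs confirming there):
 *  - The u32 results are presumably GSS major status codes.  The return
 *    value is the only success indication visible in these signatures, so
 *    a caller that ignores the result of gss_verify_mic() or gss_unwrap()
 *    would be using data whose integrity was never established.
 *  - gss_import_sec_context() receives a raw token plus its size; bufsize
 *    is the only bound visible here, so the mechanism's parser must never
 *    read beyond input_token + bufsize.
 *  - "offset" in gss_wrap()/gss_unwrap() is a signed int; negative values
 *    and values past the end of the xdr_buf need rejecting somewhere.
 */
int gss_import_sec_context(
		const void		*input_token,
		size_t			bufsize,
		struct gss_api_mech	*mech,
		struct gss_ctx		**ctx_id);
u32 gss_get_mic(
		struct gss_ctx		*ctx_id,
		struct xdr_buf		*message,
		struct xdr_netobj	*mic_token);
u32 gss_verify_mic(
		struct gss_ctx		*ctx_id,
		struct xdr_buf		*message,
		struct xdr_netobj	*mic_token);
u32 gss_wrap(
		struct gss_ctx		*ctx_id,
		int			offset,
		struct xdr_buf		*outbuf,
		struct page		**inpages);
u32 gss_unwrap(
		struct gss_ctx		*ctx_id,
		int			offset,
		struct xdr_buf		*inbuf);
u32 gss_delete_sec_context(
		struct gss_ctx		**ctx_id);

/*
 * Conversions between a mechanism's pseudoflavors, services and auth domain
 * names; presumably lookups in the mechanism's gm_pfs table -- confirm.
 */
u32 gss_svc_to_pseudoflavor(struct gss_api_mech *gm, u32 service);
u32 gss_pseudoflavor_to_service(struct gss_api_mech *gm, u32 pseudoflavor);
char *gss_service_to_auth_domain_name(struct gss_api_mech *gm, u32 service);

/* One pseudoflavor entry of a mechanism (see gss_api_mech.gm_pfs). */
struct pf_desc {
	u32	pseudoflavor;
	u32	service;
	char	*name;
	char	*auth_domain_name;
};

/*
 * Different mechanisms (e.g., krb5 or spkm3) may implement gss-api, and
 * mechanisms may be dynamically registered or unregistered by modules.
 */

/* Each mechanism is described by the following struct: */
struct gss_api_mech {
	struct list_head	gm_list;
	struct module		*gm_owner;
	struct xdr_netobj	gm_oid;
	char			*gm_name;
	const struct gss_api_ops *gm_ops;
	/* pseudoflavors supported by this mechanism: */
	int			gm_pf_num;
	struct pf_desc		*gm_pfs;
};

/*
 * and must provide the following operations.
 *
 * These mirror the wrappers declared above, with two visible differences:
 * gss_import_sec_context takes an already allocated struct gss_ctx rather
 * than a mechanism plus a pointer-to-pointer, and gss_delete_sec_context
 * receives only the opaque internal_ctx_id and returns nothing.
 */
struct gss_api_ops {
	int (*gss_import_sec_context)(
			const void		*input_token,
			size_t			bufsize,
			struct gss_ctx		*ctx_id);
	u32 (*gss_get_mic)(
			struct gss_ctx		*ctx_id,
			struct xdr_buf		*message,
			struct xdr_netobj	*mic_token);
	u32 (*gss_verify_mic)(
			struct gss_ctx		*ctx_id,
			struct xdr_buf		*message,
			struct xdr_netobj	*mic_token);
	u32 (*gss_wrap)(
			struct gss_ctx		*ctx_id,
			int			offset,
			struct xdr_buf		*outbuf,
			struct page		**inpages);
	u32 (*gss_unwrap)(
			struct gss_ctx		*ctx_id,
			int			offset,
			struct xdr_buf		*buf);
	void (*gss_delete_sec_context)(
			void			*internal_ctx_id);
};

int gss_mech_register(struct gss_api_mech *gm);
void gss_mech_unregister(struct gss_api_mech *gm);

/*
 * Returns a mechanism descriptor given an OID, and increments the mechanism's
 * reference count.
 */
struct gss_api_mech *gss_mech_get_by_OID(struct xdr_netobj *oid);

/* Returns a reference to a mechanism, given a name like "krb5" etc. */
struct gss_api_mech *gss_mech_get_by_name(const char *name);

/* Similar, but get by pseudoflavor. */
struct gss_api_mech *gss_mech_get_by_pseudoflavor(u32 pseudoflavor);

/* Just increments the mechanism's reference count and returns its input: */
struct gss_api_mech *gss_mech_get(struct gss_api_mech *gm);

/*
 * For every successful gss_mech_get or gss_mech_get_by_* call there must be a
 * corresponding call to gss_mech_put.
 *
 * NOTE(review): gm_owner suggests the reference also pins the module that
 * registered the mechanism -- confirm.  If so, a missing put keeps that
 * module loaded, and an extra put lets the descriptor and its gm_ops go away
 * while a context may still point at them.
 */
void gss_mech_put(struct gss_api_mech *gm);

#endif /* __KERNEL__ */
#endif /* _LINUX_SUNRPC_GSS_API_H */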