net/ceph/auth_x.h

0001 /* SPDX-License-Identifier: GPL-2.0 */
0002 #ifndef _FS_CEPH_AUTH_X_H
0003 #define _FS_CEPH_AUTH_X_H
0004
0005 #include <linux/rbtree.h>
0006
0007 #include <linux/ceph/auth.h>
0008
0009 #include "crypto.h"
0010 #include "auth_x_protocol.h"
0011
0012 /*
0013  * Handle ticket for a single service.
0014  */
0015 struct ceph_x_ticket_handler {
0016     struct rb_node node;
0017     unsigned int service;
0018
0019     struct ceph_crypto_key session_key;
0020     bool have_key;
0021
0022     u64 secret_id;
0023     struct ceph_buffer *ticket_blob;
0024
0025     time64_t renew_after, expires;
0026 };
0027
0028 #define CEPHX_AU_ENC_BUF_LEN    128  /* big enough for encrypted blob */
0029
0030 struct ceph_x_authorizer {
0031     struct ceph_authorizer base;
0032     struct ceph_crypto_key session_key;
0033     struct ceph_buffer *buf;
0034     unsigned int service;
0035     u64 nonce;
0036     u64 secret_id;
0037     char enc_buf[CEPHX_AU_ENC_BUF_LEN] __aligned(8);
0038 };
0039
0040 struct ceph_x_info {
0041     struct ceph_crypto_key secret;
0042
0043     bool starting;
0044     u64 server_challenge;
0045
0046     unsigned int have_keys;
0047     struct rb_root ticket_handlers;
0048
0049     struct ceph_x_authorizer auth_authorizer;
0050 };
0051
0052 int ceph_x_init(struct ceph_auth_client *ac);
0053
0054 #endif