auth_x_protocol.h 1.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899
  1. /* SPDX-License-Identifier: GPL-2.0 */
  2. #ifndef __FS_CEPH_AUTH_X_PROTOCOL
  3. #define __FS_CEPH_AUTH_X_PROTOCOL
  4. #define CEPHX_GET_AUTH_SESSION_KEY 0x0100
  5. #define CEPHX_GET_PRINCIPAL_SESSION_KEY 0x0200
  6. #define CEPHX_GET_ROTATING_KEY 0x0400
  7. /* common bits */
  8. struct ceph_x_ticket_blob {
  9. __u8 struct_v;
  10. __le64 secret_id;
  11. __le32 blob_len;
  12. char blob[];
  13. } __attribute__ ((packed));
  14. /* common request/reply headers */
  15. struct ceph_x_request_header {
  16. __le16 op;
  17. } __attribute__ ((packed));
  18. struct ceph_x_reply_header {
  19. __le16 op;
  20. __le32 result;
  21. } __attribute__ ((packed));
  22. /* authenticate handshake */
  23. /* initial hello (no reply header) */
  24. struct ceph_x_server_challenge {
  25. __u8 struct_v;
  26. __le64 server_challenge;
  27. } __attribute__ ((packed));
  28. struct ceph_x_authenticate {
  29. __u8 struct_v;
  30. __le64 client_challenge;
  31. __le64 key;
  32. /* ticket blob */
  33. } __attribute__ ((packed));
  34. struct ceph_x_service_ticket_request {
  35. __u8 struct_v;
  36. __le32 keys;
  37. } __attribute__ ((packed));
  38. struct ceph_x_challenge_blob {
  39. __le64 server_challenge;
  40. __le64 client_challenge;
  41. } __attribute__ ((packed));
  42. /* authorize handshake */
  43. /*
  44. * The authorizer consists of two pieces:
  45. * a - service id, ticket blob
  46. * b - encrypted with session key
  47. */
  48. struct ceph_x_authorize_a {
  49. __u8 struct_v;
  50. __le64 global_id;
  51. __le32 service_id;
  52. struct ceph_x_ticket_blob ticket_blob;
  53. } __attribute__ ((packed));
  54. struct ceph_x_authorize_b {
  55. __u8 struct_v;
  56. __le64 nonce;
  57. __u8 have_challenge;
  58. __le64 server_challenge_plus_one;
  59. } __attribute__ ((packed));
  60. struct ceph_x_authorize_challenge {
  61. __u8 struct_v;
  62. __le64 server_challenge;
  63. } __attribute__ ((packed));
  64. struct ceph_x_authorize_reply {
  65. __u8 struct_v;
  66. __le64 nonce_plus_one;
  67. } __attribute__ ((packed));
  68. /*
  69. * encyption bundle
  70. */
  71. #define CEPHX_ENC_MAGIC 0xff009cad8826aa55ull
  72. struct ceph_x_encrypt_header {
  73. __u8 struct_v;
  74. __le64 magic;
  75. } __attribute__ ((packed));
  76. #endif