1/* 2 * Modifications for Lustre 3 * 4 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. 5 * 6 * Author: Eric Mei <ericm@clusterfs.com> 7 */ 8 9/* 10 * Adapted from MIT Kerberos 5-1.2.1 include/gssapi/gssapi.h 11 * 12 * Copyright (c) 2002 The Regents of the University of Michigan. 13 * All rights reserved. 14 * 15 * Andy Adamson <andros@umich.edu> 16 */ 17 18/* 19 * Copyright 1993 by OpenVision Technologies, Inc. 20 * 21 * Permission to use, copy, modify, distribute, and sell this software 22 * and its documentation for any purpose is hereby granted without fee, 23 * provided that the above copyright notice appears in all copies and 24 * that both that copyright notice and this permission notice appear in 25 * supporting documentation, and that the name of OpenVision not be used 26 * in advertising or publicity pertaining to distribution of the software 27 * without specific, written prior permission. OpenVision makes no 28 * representations about the suitability of this software for any 29 * purpose. It is provided "as is" without express or implied warranty. 30 * 31 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, 32 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO 33 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR 34 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF 35 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR 36 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 37 * PERFORMANCE OF THIS SOFTWARE. 38 */ 39 40#ifndef __PTLRPC_GSS_GSS_ERR_H_ 41#define __PTLRPC_GSS_GSS_ERR_H_ 42 43typedef unsigned int OM_uint32; 44 45/* 46 * Flag bits for context-level services. 47 */ 48#define GSS_C_DELEG_FLAG (1) 49#define GSS_C_MUTUAL_FLAG (2) 50#define GSS_C_REPLAY_FLAG (4) 51#define GSS_C_SEQUENCE_FLAG (8) 52#define GSS_C_CONF_FLAG (16) 53#define GSS_C_INTEG_FLAG (32) 54#define GSS_C_ANON_FLAG (64) 55#define GSS_C_PROT_READY_FLAG (128) 56#define GSS_C_TRANS_FLAG (256) 57 58/* 59 * Credential usage options 60 */ 61#define GSS_C_BOTH (0) 62#define GSS_C_INITIATE (1) 63#define GSS_C_ACCEPT (2) 64 65/* 66 * Status code types for gss_display_status 67 */ 68#define GSS_C_GSS_CODE (1) 69#define GSS_C_MECH_CODE (2) 70 71 72/* 73 * Define the default Quality of Protection for per-message services. Note 74 * that an implementation that offers multiple levels of QOP may either reserve 75 * a value (for example zero, as assumed here) to mean "default protection", or 76 * alternatively may simply equate GSS_C_QOP_DEFAULT to a specific explicit 77 * QOP value. However a value of 0 should always be interpreted by a GSSAPI 78 * implementation as a request for the default protection level. 79 */ 80#define GSS_C_QOP_DEFAULT (0) 81 82/* 83 * Expiration time of 2^32-1 seconds means infinite lifetime for a 84 * credential or security context 85 */ 86#define GSS_C_INDEFINITE ((OM_uint32) 0xfffffffful) 87 88 89/* Major status codes */ 90 91#define GSS_S_COMPLETE (0) 92 93/* 94 * Some "helper" definitions to make the status code macros obvious. 95 */ 96#define GSS_C_CALLING_ERROR_OFFSET (24) 97#define GSS_C_ROUTINE_ERROR_OFFSET (16) 98#define GSS_C_SUPPLEMENTARY_OFFSET (0) 99#define GSS_C_CALLING_ERROR_MASK ((OM_uint32) 0377ul) 100#define GSS_C_ROUTINE_ERROR_MASK ((OM_uint32) 0377ul) 101#define GSS_C_SUPPLEMENTARY_MASK ((OM_uint32) 0177777ul) 102 103/* 104 * The macros that test status codes for error conditions. Note that the 105 * GSS_ERROR() macro has changed slightly from the V1 GSSAPI so that it now 106 * evaluates its argument only once. 107 */ 108#define GSS_CALLING_ERROR(x) \ 109 ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET)) 110#define GSS_ROUTINE_ERROR(x) \ 111 ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)) 112#define GSS_SUPPLEMENTARY_INFO(x) \ 113 ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET)) 114#define GSS_ERROR(x) \ 115 ((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \ 116 (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))) 117 118/* 119 * Now the actual status code definitions 120 */ 121 122/* 123 * Calling errors: 124 */ 125#define GSS_S_CALL_INACCESSIBLE_READ \ 126 (((OM_uint32) 1ul) << GSS_C_CALLING_ERROR_OFFSET) 127#define GSS_S_CALL_INACCESSIBLE_WRITE \ 128 (((OM_uint32) 2ul) << GSS_C_CALLING_ERROR_OFFSET) 129#define GSS_S_CALL_BAD_STRUCTURE \ 130 (((OM_uint32) 3ul) << GSS_C_CALLING_ERROR_OFFSET) 131 132/* 133 * Routine errors: 134 */ 135#define GSS_S_BAD_MECH \ 136 (((OM_uint32) 1ul) << GSS_C_ROUTINE_ERROR_OFFSET) 137#define GSS_S_BAD_NAME \ 138 (((OM_uint32) 2ul) << GSS_C_ROUTINE_ERROR_OFFSET) 139#define GSS_S_BAD_NAMETYPE \ 140 (((OM_uint32) 3ul) << GSS_C_ROUTINE_ERROR_OFFSET) 141#define GSS_S_BAD_BINDINGS \ 142 (((OM_uint32) 4ul) << GSS_C_ROUTINE_ERROR_OFFSET) 143#define GSS_S_BAD_STATUS \ 144 (((OM_uint32) 5ul) << GSS_C_ROUTINE_ERROR_OFFSET) 145#define GSS_S_BAD_SIG \ 146 (((OM_uint32) 6ul) << GSS_C_ROUTINE_ERROR_OFFSET) 147#define GSS_S_NO_CRED \ 148 (((OM_uint32) 7ul) << GSS_C_ROUTINE_ERROR_OFFSET) 149#define GSS_S_NO_CONTEXT \ 150 (((OM_uint32) 8ul) << GSS_C_ROUTINE_ERROR_OFFSET) 151#define GSS_S_DEFECTIVE_TOKEN \ 152 (((OM_uint32) 9ul) << GSS_C_ROUTINE_ERROR_OFFSET) 153#define GSS_S_DEFECTIVE_CREDENTIAL \ 154 (((OM_uint32) 10ul) << GSS_C_ROUTINE_ERROR_OFFSET) 155#define GSS_S_CREDENTIALS_EXPIRED \ 156 (((OM_uint32) 11ul) << GSS_C_ROUTINE_ERROR_OFFSET) 157#define GSS_S_CONTEXT_EXPIRED \ 158 (((OM_uint32) 12ul) << GSS_C_ROUTINE_ERROR_OFFSET) 159#define GSS_S_FAILURE \ 160 (((OM_uint32) 13ul) << GSS_C_ROUTINE_ERROR_OFFSET) 161#define GSS_S_BAD_QOP \ 162 (((OM_uint32) 14ul) << GSS_C_ROUTINE_ERROR_OFFSET) 163#define GSS_S_UNAUTHORIZED \ 164 (((OM_uint32) 15ul) << GSS_C_ROUTINE_ERROR_OFFSET) 165#define GSS_S_UNAVAILABLE \ 166 (((OM_uint32) 16ul) << GSS_C_ROUTINE_ERROR_OFFSET) 167#define GSS_S_DUPLICATE_ELEMENT \ 168 (((OM_uint32) 17ul) << GSS_C_ROUTINE_ERROR_OFFSET) 169#define GSS_S_NAME_NOT_MN \ 170 (((OM_uint32) 18ul) << GSS_C_ROUTINE_ERROR_OFFSET) 171 172/* 173 * Supplementary info bits: 174 */ 175#define GSS_S_CONTINUE_NEEDED (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 0)) 176#define GSS_S_DUPLICATE_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 1)) 177#define GSS_S_OLD_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 2)) 178#define GSS_S_UNSEQ_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 3)) 179#define GSS_S_GAP_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 4)) 180 181/* XXXX these are not part of the GSSAPI C bindings! (but should be) */ 182 183#define GSS_CALLING_ERROR_FIELD(x) \ 184 (((x) >> GSS_C_CALLING_ERROR_OFFSET) & GSS_C_CALLING_ERROR_MASK) 185#define GSS_ROUTINE_ERROR_FIELD(x) \ 186 (((x) >> GSS_C_ROUTINE_ERROR_OFFSET) & GSS_C_ROUTINE_ERROR_MASK) 187#define GSS_SUPPLEMENTARY_INFO_FIELD(x) \ 188 (((x) >> GSS_C_SUPPLEMENTARY_OFFSET) & GSS_C_SUPPLEMENTARY_MASK) 189 190/* XXXX This is a necessary evil until the spec is fixed */ 191#define GSS_S_CRED_UNAVAIL GSS_S_FAILURE 192 193#endif /* __PTLRPC_GSS_GSS_ERR_H_ */ 194