1#ifndef __FS_CEPH_AUTH_X_PROTOCOL 2#define __FS_CEPH_AUTH_X_PROTOCOL 3 4#define CEPHX_GET_AUTH_SESSION_KEY 0x0100 5#define CEPHX_GET_PRINCIPAL_SESSION_KEY 0x0200 6#define CEPHX_GET_ROTATING_KEY 0x0400 7 8/* common bits */ 9struct ceph_x_ticket_blob { 10 __u8 struct_v; 11 __le64 secret_id; 12 __le32 blob_len; 13 char blob[]; 14} __attribute__ ((packed)); 15 16 17/* common request/reply headers */ 18struct ceph_x_request_header { 19 __le16 op; 20} __attribute__ ((packed)); 21 22struct ceph_x_reply_header { 23 __le16 op; 24 __le32 result; 25} __attribute__ ((packed)); 26 27 28/* authenticate handshake */ 29 30/* initial hello (no reply header) */ 31struct ceph_x_server_challenge { 32 __u8 struct_v; 33 __le64 server_challenge; 34} __attribute__ ((packed)); 35 36struct ceph_x_authenticate { 37 __u8 struct_v; 38 __le64 client_challenge; 39 __le64 key; 40 /* ticket blob */ 41} __attribute__ ((packed)); 42 43struct ceph_x_service_ticket_request { 44 __u8 struct_v; 45 __le32 keys; 46} __attribute__ ((packed)); 47 48struct ceph_x_challenge_blob { 49 __le64 server_challenge; 50 __le64 client_challenge; 51} __attribute__ ((packed)); 52 53 54 55/* authorize handshake */ 56 57/* 58 * The authorizer consists of two pieces: 59 * a - service id, ticket blob 60 * b - encrypted with session key 61 */ 62struct ceph_x_authorize_a { 63 __u8 struct_v; 64 __le64 global_id; 65 __le32 service_id; 66 struct ceph_x_ticket_blob ticket_blob; 67} __attribute__ ((packed)); 68 69struct ceph_x_authorize_b { 70 __u8 struct_v; 71 __le64 nonce; 72} __attribute__ ((packed)); 73 74struct ceph_x_authorize_reply { 75 __u8 struct_v; 76 __le64 nonce_plus_one; 77} __attribute__ ((packed)); 78 79 80/* 81 * encyption bundle 82 */ 83#define CEPHX_ENC_MAGIC 0xff009cad8826aa55ull 84 85struct ceph_x_encrypt_header { 86 __u8 struct_v; 87 __le64 magic; 88} __attribute__ ((packed)); 89 90#endif 91