1#ifndef _FS_CEPH_AUTH_H
2#define _FS_CEPH_AUTH_H
3
4#include <linux/ceph/types.h>
5#include <linux/ceph/buffer.h>
6
7
8
9
10
11
12
13
14struct ceph_auth_client;
15struct ceph_msg;
16
17struct ceph_authorizer {
18 void (*destroy)(struct ceph_authorizer *);
19};
20
21struct ceph_auth_handshake {
22 struct ceph_authorizer *authorizer;
23 void *authorizer_buf;
24 size_t authorizer_buf_len;
25 void *authorizer_reply_buf;
26 size_t authorizer_reply_buf_len;
27 int (*sign_message)(struct ceph_auth_handshake *auth,
28 struct ceph_msg *msg);
29 int (*check_message_signature)(struct ceph_auth_handshake *auth,
30 struct ceph_msg *msg);
31};
32
33struct ceph_auth_client_ops {
34 const char *name;
35
36
37
38
39
40 int (*is_authenticated)(struct ceph_auth_client *ac);
41
42
43
44
45
46 int (*should_authenticate)(struct ceph_auth_client *ac);
47
48
49
50
51
52
53 int (*build_request)(struct ceph_auth_client *ac, void *buf, void *end);
54 int (*handle_reply)(struct ceph_auth_client *ac, int result,
55 void *buf, void *end);
56
57
58
59
60
61 int (*create_authorizer)(struct ceph_auth_client *ac, int peer_type,
62 struct ceph_auth_handshake *auth);
63
64 int (*update_authorizer)(struct ceph_auth_client *ac, int peer_type,
65 struct ceph_auth_handshake *auth);
66 int (*verify_authorizer_reply)(struct ceph_auth_client *ac,
67 struct ceph_authorizer *a);
68 void (*invalidate_authorizer)(struct ceph_auth_client *ac,
69 int peer_type);
70
71
72 void (*reset)(struct ceph_auth_client *ac);
73
74 void (*destroy)(struct ceph_auth_client *ac);
75
76 int (*sign_message)(struct ceph_auth_handshake *auth,
77 struct ceph_msg *msg);
78 int (*check_message_signature)(struct ceph_auth_handshake *auth,
79 struct ceph_msg *msg);
80};
81
82struct ceph_auth_client {
83 u32 protocol;
84 void *private;
85 const struct ceph_auth_client_ops *ops;
86
87 bool negotiating;
88 const char *name;
89 u64 global_id;
90 const struct ceph_crypto_key *key;
91 unsigned want_keys;
92
93 struct mutex mutex;
94};
95
96extern struct ceph_auth_client *ceph_auth_init(const char *name,
97 const struct ceph_crypto_key *key);
98extern void ceph_auth_destroy(struct ceph_auth_client *ac);
99
100extern void ceph_auth_reset(struct ceph_auth_client *ac);
101
102extern int ceph_auth_build_hello(struct ceph_auth_client *ac,
103 void *buf, size_t len);
104extern int ceph_handle_auth_reply(struct ceph_auth_client *ac,
105 void *buf, size_t len,
106 void *reply_buf, size_t reply_len);
107int ceph_auth_entity_name_encode(const char *name, void **p, void *end);
108
109extern int ceph_build_auth(struct ceph_auth_client *ac,
110 void *msg_buf, size_t msg_len);
111
112extern int ceph_auth_is_authenticated(struct ceph_auth_client *ac);
113extern int ceph_auth_create_authorizer(struct ceph_auth_client *ac,
114 int peer_type,
115 struct ceph_auth_handshake *auth);
116void ceph_auth_destroy_authorizer(struct ceph_authorizer *a);
117extern int ceph_auth_update_authorizer(struct ceph_auth_client *ac,
118 int peer_type,
119 struct ceph_auth_handshake *a);
120extern int ceph_auth_verify_authorizer_reply(struct ceph_auth_client *ac,
121 struct ceph_authorizer *a);
122extern void ceph_auth_invalidate_authorizer(struct ceph_auth_client *ac,
123 int peer_type);
124
125static inline int ceph_auth_sign_message(struct ceph_auth_handshake *auth,
126 struct ceph_msg *msg)
127{
128 if (auth->sign_message)
129 return auth->sign_message(auth, msg);
130 return 0;
131}
132
133static inline
134int ceph_auth_check_message_signature(struct ceph_auth_handshake *auth,
135 struct ceph_msg *msg)
136{
137 if (auth->check_message_signature)
138 return auth->check_message_signature(auth, msg);
139 return 0;
140}
141#endif
142