net/ceph/auth_x_protocol.h

   1 /* SPDX-License-Identifier: GPL-2.0 */
   2 #ifndef __FS_CEPH_AUTH_X_PROTOCOL
   3 #define __FS_CEPH_AUTH_X_PROTOCOL
   4
   5 #define CEPHX_GET_AUTH_SESSION_KEY      0x0100
   6 #define CEPHX_GET_PRINCIPAL_SESSION_KEY 0x0200
   7 #define CEPHX_GET_ROTATING_KEY          0x0400
   8
   9 /* common bits */
  10 struct ceph_x_ticket_blob {
  11         __u8 struct_v;
  12         __le64 secret_id;
  13         __le32 blob_len;
  14         char blob[];
  15 } __attribute__ ((packed));
  16
  17
  18 /* common request/reply headers */
  19 struct ceph_x_request_header {
  20         __le16 op;
  21 } __attribute__ ((packed));
  22
  23 struct ceph_x_reply_header {
  24         __le16 op;
  25         __le32 result;
  26 } __attribute__ ((packed));
  27
  28
  29 /* authenticate handshake */
  30
  31 /* initial hello (no reply header) */
  32 struct ceph_x_server_challenge {
  33         __u8 struct_v;
  34         __le64 server_challenge;
  35 } __attribute__ ((packed));
  36
  37 struct ceph_x_authenticate {
  38         __u8 struct_v;
  39         __le64 client_challenge;
  40         __le64 key;
  41         /* ticket blob */
  42 } __attribute__ ((packed));
  43
  44 struct ceph_x_service_ticket_request {
  45         __u8 struct_v;
  46         __le32 keys;
  47 } __attribute__ ((packed));
  48
  49 struct ceph_x_challenge_blob {
  50         __le64 server_challenge;
  51         __le64 client_challenge;
  52 } __attribute__ ((packed));
  53
  54
  55
  56 /* authorize handshake */
  57
  58 /*
  59  * The authorizer consists of two pieces:
  60  *  a - service id, ticket blob
  61  *  b - encrypted with session key
  62  */
  63 struct ceph_x_authorize_a {
  64         __u8 struct_v;
  65         __le64 global_id;
  66         __le32 service_id;
  67         struct ceph_x_ticket_blob ticket_blob;
  68 } __attribute__ ((packed));
  69
  70 struct ceph_x_authorize_b {
  71         __u8 struct_v;
  72         __le64 nonce;
  73         __u8 have_challenge;
  74         __le64 server_challenge_plus_one;
  75 } __attribute__ ((packed));
  76
  77 struct ceph_x_authorize_challenge {
  78         __u8 struct_v;
  79         __le64 server_challenge;
  80 } __attribute__ ((packed));
  81
  82 struct ceph_x_authorize_reply {
  83         __u8 struct_v;
  84         __le64 nonce_plus_one;
  85 } __attribute__ ((packed));
  86
  87
  88 /*
  89  * encyption bundle
  90  */
  91 #define CEPHX_ENC_MAGIC 0xff009cad8826aa55ull
  92
  93 struct ceph_x_encrypt_header {
  94         __u8 struct_v;
  95         __le64 magic;
  96 } __attribute__ ((packed));
  97
  98 #endif