Greg Kroah-Hartman | b244131 | 2017-11-01 15:07:57 +0100 | [diff] [blame] | 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
Sage Weil | ec0994e | 2010-02-02 16:25:35 -0800 | [diff] [blame] | 2 | #ifndef __FS_CEPH_AUTH_X_PROTOCOL |
| 3 | #define __FS_CEPH_AUTH_X_PROTOCOL |
| 4 | |
| 5 | #define CEPHX_GET_AUTH_SESSION_KEY 0x0100 |
| 6 | #define CEPHX_GET_PRINCIPAL_SESSION_KEY 0x0200 |
| 7 | #define CEPHX_GET_ROTATING_KEY 0x0400 |
| 8 | |
| 9 | /* common bits */ |
| 10 | struct ceph_x_ticket_blob { |
| 11 | __u8 struct_v; |
| 12 | __le64 secret_id; |
| 13 | __le32 blob_len; |
| 14 | char blob[]; |
| 15 | } __attribute__ ((packed)); |
| 16 | |
| 17 | |
| 18 | /* common request/reply headers */ |
| 19 | struct ceph_x_request_header { |
| 20 | __le16 op; |
| 21 | } __attribute__ ((packed)); |
| 22 | |
| 23 | struct ceph_x_reply_header { |
| 24 | __le16 op; |
| 25 | __le32 result; |
| 26 | } __attribute__ ((packed)); |
| 27 | |
| 28 | |
| 29 | /* authenticate handshake */ |
| 30 | |
| 31 | /* initial hello (no reply header) */ |
| 32 | struct ceph_x_server_challenge { |
| 33 | __u8 struct_v; |
| 34 | __le64 server_challenge; |
| 35 | } __attribute__ ((packed)); |
| 36 | |
| 37 | struct ceph_x_authenticate { |
| 38 | __u8 struct_v; |
| 39 | __le64 client_challenge; |
| 40 | __le64 key; |
Ilya Dryomov | 285ea34 | 2020-10-26 16:47:20 +0100 | [diff] [blame] | 41 | /* old_ticket blob */ |
| 42 | /* nautilus+: other_keys */ |
Sage Weil | ec0994e | 2010-02-02 16:25:35 -0800 | [diff] [blame] | 43 | } __attribute__ ((packed)); |
| 44 | |
| 45 | struct ceph_x_service_ticket_request { |
| 46 | __u8 struct_v; |
| 47 | __le32 keys; |
| 48 | } __attribute__ ((packed)); |
| 49 | |
| 50 | struct ceph_x_challenge_blob { |
| 51 | __le64 server_challenge; |
| 52 | __le64 client_challenge; |
| 53 | } __attribute__ ((packed)); |
| 54 | |
| 55 | |
| 56 | |
| 57 | /* authorize handshake */ |
| 58 | |
| 59 | /* |
| 60 | * The authorizer consists of two pieces: |
| 61 | * a - service id, ticket blob |
| 62 | * b - encrypted with session key |
| 63 | */ |
| 64 | struct ceph_x_authorize_a { |
| 65 | __u8 struct_v; |
| 66 | __le64 global_id; |
| 67 | __le32 service_id; |
| 68 | struct ceph_x_ticket_blob ticket_blob; |
| 69 | } __attribute__ ((packed)); |
| 70 | |
| 71 | struct ceph_x_authorize_b { |
| 72 | __u8 struct_v; |
| 73 | __le64 nonce; |
Ilya Dryomov | 6daca13 | 2018-07-27 19:18:34 +0200 | [diff] [blame] | 74 | __u8 have_challenge; |
| 75 | __le64 server_challenge_plus_one; |
| 76 | } __attribute__ ((packed)); |
| 77 | |
| 78 | struct ceph_x_authorize_challenge { |
| 79 | __u8 struct_v; |
| 80 | __le64 server_challenge; |
Sage Weil | ec0994e | 2010-02-02 16:25:35 -0800 | [diff] [blame] | 81 | } __attribute__ ((packed)); |
| 82 | |
| 83 | struct ceph_x_authorize_reply { |
| 84 | __u8 struct_v; |
| 85 | __le64 nonce_plus_one; |
| 86 | } __attribute__ ((packed)); |
| 87 | |
| 88 | |
| 89 | /* |
| 90 | * encyption bundle |
| 91 | */ |
| 92 | #define CEPHX_ENC_MAGIC 0xff009cad8826aa55ull |
| 93 | |
| 94 | struct ceph_x_encrypt_header { |
| 95 | __u8 struct_v; |
| 96 | __le64 magic; |
| 97 | } __attribute__ ((packed)); |
| 98 | |
| 99 | #endif |