xref: /linux/net/ceph/auth_x.h (revision ab52c59103002b49f2455371e4b9c56ba3ef1781)
1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _FS_CEPH_AUTH_X_H
3 #define _FS_CEPH_AUTH_X_H
4 
5 #include <linux/rbtree.h>
6 
7 #include <linux/ceph/auth.h>
8 
9 #include "crypto.h"
10 #include "auth_x_protocol.h"
11 
12 /*
13  * Handle ticket for a single service.
    *
    * One handler groups the session key, the ticket blob and two timestamps
    * (renew_after, expires) for the service named by @service.
    *
    * NOTE(review): session_key is key material. Confirm in the implementation
    * that it is only used while have_key is set, and that the teardown path
    * destroys the key and releases ticket_blob.
14  */
15 struct ceph_x_ticket_handler {
16 	struct rb_node node;	/* rb-tree linkage; struct ceph_x_info has an rb_root ticket_handlers */
17 	unsigned int service;	/* service this ticket belongs to */
18 
19 	struct ceph_crypto_key session_key;	/* key material: keep out of logs and debug dumps */
20 	bool have_key;	/* presumably set once session_key is valid -- confirm */
21 
22 	u64 secret_id;	/* presumably identifies the secret the ticket was issued under -- confirm */
23 	struct ceph_buffer *ticket_blob;	/* ticket bytes; ownership and NULL-ness not visible in this header */
24 
25 	time64_t renew_after, expires;	/* names suggest: refresh after the first, unusable after the second -- confirm */
26 };
27 
28 #define CEPHX_AU_ENC_BUF_LEN	128  /* big enough for encrypted blob */
29 
/*
 * cephx authorizer state. Embeds the generic struct ceph_authorizer as
 * @base and adds a session key, a nonce, a secret id and a fixed-size
 * buffer of CEPHX_AU_ENC_BUF_LEN bytes.
 *
 * NOTE(review): enc_buf has a fixed size that is not derived from the
 * payload it holds. Any code that encrypts into or decrypts out of it
 * should check the length against CEPHX_AU_ENC_BUF_LEN before writing.
 * session_key is key material and should be destroyed when the authorizer
 * is torn down -- confirm both in the implementation.
 */
30 struct ceph_x_authorizer {
31 	struct ceph_authorizer base;	/* generic authorizer embedded as the first member */
32 	struct ceph_crypto_key session_key;	/* key material: keep out of logs and debug dumps */
33 	struct ceph_buffer *buf;	/* ownership and contents not visible in this header */
34 	unsigned int service;	/* presumably the service this authorizer targets -- confirm */
35 	u64 nonce;	/* presumably a per-authorizer random value; confirm how it is generated and checked */
36 	u64 secret_id;
37 	char enc_buf[CEPHX_AU_ENC_BUF_LEN] __aligned(8);	/* 128 bytes, 8-byte aligned; bound every write */
38 };
39 
/*
 * Top-level cephx state: a secret key, handshake fields, an rb-tree root
 * named ticket_handlers and one embedded authorizer.
 *
 * NOTE(review): @secret is key material held for as long as this struct
 * lives. Confirm that the destroy path wipes it, along with the key in
 * auth_authorizer and the keys in every ticket handler in the tree.
 */
40 struct ceph_x_info {
41 	struct ceph_crypto_key secret;	/* presumably the client's long-term secret -- confirm */
42 
43 	bool starting;	/* presumably true until the first handshake step completes -- confirm */
44 	u64 server_challenge;	/* presumably the challenge value received from the server -- confirm */
45 
46 	unsigned int have_keys;	/* presumably a bitmask of services with a usable ticket -- confirm */
47 	struct rb_root ticket_handlers;	/* rb-tree root; struct ceph_x_ticket_handler embeds the rb_node */
48 
49 	struct ceph_x_authorizer auth_authorizer;	/* embedded by value, so it shares this struct's lifetime */
50 };
51 
/*
 * Declared here, defined outside this header. Takes the auth client @ac.
 * The int return is presumably 0 on success and a negative errno on
 * failure -- confirm against the definition.
 */
52 int ceph_x_init(struct ceph_auth_client *ac);
53 
54 #endif
55