1 | /* SPDX-License-Identifier: GPL-2.0 */ |
2 | #ifndef __FS_CEPH_AUTH_X_PROTOCOL |
3 | #define __FS_CEPH_AUTH_X_PROTOCOL |
4 | |
5 | #define CEPHX_GET_AUTH_SESSION_KEY 0x0100 /* cephx request code; the three codes are distinct single bits and fit in 16 bits */ |
6 | #define CEPHX_GET_PRINCIPAL_SESSION_KEY 0x0200 /* presumably carried in the 16-bit field of the request/reply headers below - confirm */ |
7 | #define CEPHX_GET_ROTATING_KEY 0x0400 /* NOTE(review): a receiver should reject any code it does not recognise rather than ignore it */ |
8 | |
9 | /* common bits */ |
10 | struct ceph_x_ticket_blob { /* length-prefixed ticket bytes; packed, so the layout has no padding */ |
11 | __u8 struct_v; /* presumably the encoding version of this struct - confirm */ |
12 | __le64 secret_id; /* little-endian; presumably selects the secret the blob was produced with - confirm */ |
13 | __le32 blob_len; /* little-endian byte count of blob[]; when it comes from a peer, check it against the bytes actually received before reading blob[] */ |
14 | char blob[]; /* flexible array member: sizeof() of the struct does not include these bytes */ |
15 | } __attribute__ ((packed)); |
16 | |
17 | |
18 | /* common request/reply headers */ |
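19 | struct ceph_x_request_header { /* fixed header that starts a cephx request; packed, 2 bytes */ |
20 | __le16 op; /* little-endian request code, presumably one of the CEPHX_GET_* values above; convert with le16_to_cpu() before comparing */ |
21 | } __attribute__ ((packed)); |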
22 | |
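23 | struct ceph_x_reply_header { /* fixed header that starts a cephx reply; packed, 6 bytes */ |
24 | __le16 op; /* little-endian code of the request being answered; presumably echoes the request's code - confirm */ |
25 | __le32 result; /* little-endian status; NOTE(review): presumably 0 or a negative error, so read it as a signed value - confirm */ |
26 | } __attribute__ ((packed)); |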
27 | |
28 | |
29 | /* authenticate handshake */ |
30 | |
31 | /* initial hello (no reply header) */ |
32 | struct ceph_x_server_challenge { /* server's challenge in the authenticate handshake; packed, 9 bytes */ |
33 | __u8 struct_v; /* presumably the encoding version - confirm */ |
34 | __le64 server_challenge; /* little-endian 64-bit challenge value */ |
35 | } __attribute__ ((packed)); |
36 | |
37 | struct ceph_x_authenticate { /* presumably the client's answer to ceph_x_server_challenge; only the fixed part is declared here */ |
38 | __u8 struct_v; /* presumably the encoding version - confirm */ |
39 | __le64 client_challenge; /* little-endian; NOTE(review): presumably fresh random data per attempt, which is what would stop a recorded exchange from being replayed - confirm */ |
40 | __le64 key; /* little-endian, 64 bits only; NOTE(review): presumably a proof derived from both challenges and the secret, not the secret itself - confirm against the code that fills it */ |
41 | /* followed on the wire by the old_ticket blob */ |
42 | /* nautilus+: then other_keys */ |
43 | } __attribute__ ((packed)); |
44 | |
45 | struct ceph_x_service_ticket_request { /* request for service tickets; packed, 5 bytes */ |
46 | __u8 struct_v; /* presumably the encoding version - confirm */ |
47 | __le32 keys; /* little-endian; NOTE(review): presumably a bitmask of the services tickets are wanted for - confirm */ |
48 | } __attribute__ ((packed)); |
49 | |
50 | struct ceph_x_challenge_blob { /* both challenges side by side: 16 bytes packed, no version byte; presumably the input that is encrypted to prove knowledge of the secret - confirm */ |
51 | __le64 server_challenge; /* little-endian; same name and type as the field in ceph_x_server_challenge */ |
52 | __le64 client_challenge; /* little-endian; same name and type as the field in ceph_x_authenticate */ |
53 | } __attribute__ ((packed)); |
54 | |
55 | |
56 | |
57 | /* authorize handshake */ |
58 | |
59 | /* |
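60 | * The authorizer consists of two pieces: |
61 | * a - global id, service id and ticket blob (struct ceph_x_authorize_a) |
62 | * b - nonce and challenge response, encrypted with the session key (struct ceph_x_authorize_b) |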
63 | */ |
64 | struct ceph_x_authorize_a { /* piece a of the authorizer; variable length because ticket_blob ends in a flexible array */ |
65 | __u8 struct_v; /* presumably the encoding version - confirm */ |
66 | __le64 global_id; /* little-endian */ |
67 | __le32 service_id; /* little-endian */ |
68 | struct ceph_x_ticket_blob ticket_blob; /* must stay the last member: its blob[] bytes follow directly, and its blob_len needs the same bounds check as any ticket blob */ |
69 | } __attribute__ ((packed)); |
70 | |
71 | struct ceph_x_authorize_b { /* piece b of the authorizer; per the comment above it is encrypted with the session key; packed, 18 bytes */ |
72 | __u8 struct_v; /* presumably the encoding version - confirm */ |
73 | __le64 nonce; /* little-endian; compare ceph_x_authorize_reply.nonce_plus_one */ |
74 | __u8 have_challenge; /* presumably non-zero when server_challenge_plus_one is meaningful - confirm */ |
75 | __le64 server_challenge_plus_one; /* little-endian; by its name the server's challenge + 1, i.e. the answer to ceph_x_authorize_challenge */ |
76 | } __attribute__ ((packed)); |
77 | |
78 | struct ceph_x_authorize_challenge { /* challenge for the authorize handshake; presumably answered via ceph_x_authorize_b.server_challenge_plus_one - confirm */ |
79 | __u8 struct_v; /* presumably the encoding version - confirm */ |
80 | __le64 server_challenge; /* little-endian 64-bit challenge value */ |
81 | } __attribute__ ((packed)); |
82 | |
83 | struct ceph_x_authorize_reply { /* reply in the authorize handshake; packed, 9 bytes */ |
84 | __u8 struct_v; /* presumably the encoding version - confirm */ |
85 | __le64 nonce_plus_one; /* little-endian; by its name the sender's nonce + 1. NOTE(review): the receiver should compare it with the nonce it sent and reject a mismatch - confirm the caller does */ |
86 | } __attribute__ ((packed)); |
87 | |
88 | |
89 | /* |
90 | * encryption bundle |
91 | */ |
92 | #define CEPHX_ENC_MAGIC 0xff009cad8826aa55ull /* 64-bit constant (ull suffix); presumably the value the 64-bit field of the header below must hold - confirm */ |
93 | |
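94 | struct ceph_x_encrypt_header { /* header of the encryption bundle; packed, 9 bytes */ |
95 | __u8 struct_v; /* presumably the version of this header - confirm */ |
96 | __le64 magic; /* little-endian; presumably CEPHX_ENC_MAGIC, compared after decryption. NOTE(review): a fixed constant only shows the key was plausibly right, it does not authenticate the payload - confirm what else protects integrity */ |
97 | } __attribute__ ((packed)); |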
98 | |
99 | #endif |
100 | |