git://bbs.cooldavid.org / net-next-2.6.git / blame
| Commit | Line | Data |
|---|---|---|
| 4e7a5dcd SW |
1 | #ifndef _FS_CEPH_AUTH_H |
| 2 | #define _FS_CEPH_AUTH_H | |
| 3 | ||
| 4 | #include "types.h" | |
| 5 | #include "buffer.h" | |
| 6 | ||
| 7 | /* | |
| 8 | * Abstract interface for communicating with the authenticate module. | |
| 9 | * There is some handshake that takes place between us and the monitor | |
| 10 | * to acquire the necessary keys. These are used to generate an | |
| 11 | * 'authorizer' that we use when connecting to a service (mds, osd). | |
| 12 | */ | |
| 13 | ||
| 14 | struct ceph_auth_client; | |
| 15 | struct ceph_authorizer; | |
| 16 | ||
| 17 | struct ceph_auth_client_ops { | |
| 559c1e00 SW |
18 | const char *name; |
| 19 | ||
| 4e7a5dcd SW |
20 | /* |
| 21 | * true if we are authenticated and can connect to | |
| 22 | * services. | |
| 23 | */ | |
| 24 | int (*is_authenticated)(struct ceph_auth_client *ac); | |
| 25 | ||
| a41359fa SW |
26 | /* |
| 27 | * true if we should (re)authenticate, e.g., when our tickets | |
| 28 | * are getting old and crusty. | |
| 29 | */ | |
| 30 | int (*should_authenticate)(struct ceph_auth_client *ac); | |
| 31 | ||
| 4e7a5dcd SW |
32 | /* |
| 33 | * build requests and process replies during monitor | |
| 34 | * handshake. if handle_reply returns -EAGAIN, we build | |
| 35 | * another request. | |
| 36 | */ | |
| 37 | int (*build_request)(struct ceph_auth_client *ac, void *buf, void *end); | |
| 38 | int (*handle_reply)(struct ceph_auth_client *ac, int result, | |
| 39 | void *buf, void *end); | |
| 40 | ||
| 41 | /* | |
| 42 | * Create authorizer for connecting to a service, and verify | |
| 43 | * the response to authenticate the service. | |
| 44 | */ | |
| 45 | int (*create_authorizer)(struct ceph_auth_client *ac, int peer_type, | |
| 46 | struct ceph_authorizer **a, | |
| 47 | void **buf, size_t *len, | |
| 48 | void **reply_buf, size_t *reply_len); | |
| 49 | int (*verify_authorizer_reply)(struct ceph_auth_client *ac, | |
| 50 | struct ceph_authorizer *a, size_t len); | |
| 51 | void (*destroy_authorizer)(struct ceph_auth_client *ac, | |
| 52 | struct ceph_authorizer *a); | |
| 9bd2e6f8 SW |
53 | void (*invalidate_authorizer)(struct ceph_auth_client *ac, |
| 54 | int peer_type); | |
| 4e7a5dcd SW |
55 | |
| 56 | /* reset when we (re)connect to a monitor */ | |
| 57 | void (*reset)(struct ceph_auth_client *ac); | |
| 58 | ||
| 59 | void (*destroy)(struct ceph_auth_client *ac); | |
| 60 | }; | |
| 61 | ||
| 62 | struct ceph_auth_client { | |
| 63 | u32 protocol; /* CEPH_AUTH_* */ | |
| 64 | void *private; /* for use by protocol implementation */ | |
| 65 | const struct ceph_auth_client_ops *ops; /* null iff protocol==0 */ | |
| 66 | ||
| 67 | bool negotiating; /* true if negotiating protocol */ | |
| 68 | const char *name; /* entity name */ | |
| 69 | u64 global_id; /* our unique id in system */ | |
| 70 | const char *secret; /* our secret key */ | |
| 71 | unsigned want_keys; /* which services we want */ | |
| 72 | }; | |
| 73 | ||
| 74 | extern struct ceph_auth_client *ceph_auth_init(const char *name, | |
| 75 | const char *secret); | |
| 76 | extern void ceph_auth_destroy(struct ceph_auth_client *ac); | |
| 77 | ||
| 78 | extern void ceph_auth_reset(struct ceph_auth_client *ac); | |
| 79 | ||
| 80 | extern int ceph_auth_build_hello(struct ceph_auth_client *ac, | |
| 81 | void *buf, size_t len); | |
| 82 | extern int ceph_handle_auth_reply(struct ceph_auth_client *ac, | |
| 83 | void *buf, size_t len, | |
| 84 | void *reply_buf, size_t reply_len); | |
| 85 | extern int ceph_entity_name_encode(const char *name, void **p, void *end); | |
| 86 | ||
| 9bd2e6f8 SW |
87 | extern int ceph_build_auth(struct ceph_auth_client *ac, |
| 88 | void *msg_buf, size_t msg_len); | |
| 89 | ||
| 90 | extern int ceph_auth_is_authenticated(struct ceph_auth_client *ac); | |
| 91 | ||
| 4e7a5dcd | 92 | #endif |