Commit | Line | Data |
---|---|---|
b2441318 | 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
ec0994e4 SW |
2 | #ifndef __FS_CEPH_AUTH_X_PROTOCOL |
3 | #define __FS_CEPH_AUTH_X_PROTOCOL | |
4 | ||
5 | #define CEPHX_GET_AUTH_SESSION_KEY 0x0100 | |
6 | #define CEPHX_GET_PRINCIPAL_SESSION_KEY 0x0200 | |
7 | #define CEPHX_GET_ROTATING_KEY 0x0400 | |
8 | ||
9 | /* common bits */ | |
10 | struct ceph_x_ticket_blob { | |
11 | __u8 struct_v; | |
12 | __le64 secret_id; | |
13 | __le32 blob_len; | |
14 | char blob[]; | |
15 | } __attribute__ ((packed)); | |
16 | ||
17 | ||
18 | /* common request/reply headers */ | |
19 | struct ceph_x_request_header { | |
20 | __le16 op; | |
21 | } __attribute__ ((packed)); | |
22 | ||
23 | struct ceph_x_reply_header { | |
24 | __le16 op; | |
25 | __le32 result; | |
26 | } __attribute__ ((packed)); | |
27 | ||
28 | ||
29 | /* authenticate handshake */ | |
30 | ||
31 | /* initial hello (no reply header) */ | |
32 | struct ceph_x_server_challenge { | |
33 | __u8 struct_v; | |
34 | __le64 server_challenge; | |
35 | } __attribute__ ((packed)); | |
36 | ||
37 | struct ceph_x_authenticate { | |
38 | __u8 struct_v; | |
39 | __le64 client_challenge; | |
40 | __le64 key; | |
285ea34f ID |
41 | /* old_ticket blob */ |
42 | /* nautilus+: other_keys */ | |
ec0994e4 SW |
43 | } __attribute__ ((packed)); |
44 | ||
45 | struct ceph_x_service_ticket_request { | |
46 | __u8 struct_v; | |
47 | __le32 keys; | |
48 | } __attribute__ ((packed)); | |
49 | ||
50 | struct ceph_x_challenge_blob { | |
51 | __le64 server_challenge; | |
52 | __le64 client_challenge; | |
53 | } __attribute__ ((packed)); | |
54 | ||
55 | ||
56 | ||
57 | /* authorize handshake */ | |
58 | ||
59 | /* | |
60 | * The authorizer consists of two pieces: | |
61 | * a - service id, ticket blob | |
62 | * b - encrypted with session key | |
63 | */ | |
64 | struct ceph_x_authorize_a { | |
65 | __u8 struct_v; | |
66 | __le64 global_id; | |
67 | __le32 service_id; | |
68 | struct ceph_x_ticket_blob ticket_blob; | |
69 | } __attribute__ ((packed)); | |
70 | ||
71 | struct ceph_x_authorize_b { | |
72 | __u8 struct_v; | |
73 | __le64 nonce; | |
6daca13d ID |
74 | __u8 have_challenge; |
75 | __le64 server_challenge_plus_one; | |
76 | } __attribute__ ((packed)); | |
77 | ||
78 | struct ceph_x_authorize_challenge { | |
79 | __u8 struct_v; | |
80 | __le64 server_challenge; | |
ec0994e4 SW |
81 | } __attribute__ ((packed)); |
82 | ||
83 | struct ceph_x_authorize_reply { | |
84 | __u8 struct_v; | |
85 | __le64 nonce_plus_one; | |
86 | } __attribute__ ((packed)); | |
87 | ||
88 | ||
89 | /* | |
dd0d91b9 | 90 | * encryption bundle |
ec0994e4 SW |
91 | */ |
92 | #define CEPHX_ENC_MAGIC 0xff009cad8826aa55ull | |
93 | ||
94 | struct ceph_x_encrypt_header { | |
95 | __u8 struct_v; | |
96 | __le64 magic; | |
97 | } __attribute__ ((packed)); | |
98 | ||
99 | #endif |