| Sage Weil | ec0994e | 2010-02-02 16:25:35 -0800 | [diff] [blame] | 1 | #ifndef __FS_CEPH_AUTH_X_PROTOCOL |
| 2 | #define __FS_CEPH_AUTH_X_PROTOCOL |
| 3 | |
| 4 | #define CEPHX_GET_AUTH_SESSION_KEY 0x0100 |
| 5 | #define CEPHX_GET_PRINCIPAL_SESSION_KEY 0x0200 |
| 6 | #define CEPHX_GET_ROTATING_KEY 0x0400 |
| 7 | |
| 8 | /* common bits */ |
| 9 | struct ceph_x_ticket_blob { |
| 10 | __u8 struct_v; |
| 11 | __le64 secret_id; |
| 12 | __le32 blob_len; |
| 13 | char blob[]; |
| 14 | } __attribute__ ((packed)); |
| 15 | |
| 16 | |
| 17 | /* common request/reply headers */ |
| 18 | struct ceph_x_request_header { |
| 19 | __le16 op; |
| 20 | } __attribute__ ((packed)); |
| 21 | |
| 22 | struct ceph_x_reply_header { |
| 23 | __le16 op; |
| 24 | __le32 result; |
| 25 | } __attribute__ ((packed)); |
| 26 | |
| 27 | |
| 28 | /* authenticate handshake */ |
| 29 | |
| 30 | /* initial hello (no reply header) */ |
| 31 | struct ceph_x_server_challenge { |
| 32 | __u8 struct_v; |
| 33 | __le64 server_challenge; |
| 34 | } __attribute__ ((packed)); |
| 35 | |
| 36 | struct ceph_x_authenticate { |
| 37 | __u8 struct_v; |
| 38 | __le64 client_challenge; |
| 39 | __le64 key; |
| 40 | /* ticket blob */ |
| 41 | } __attribute__ ((packed)); |
| 42 | |
| 43 | struct ceph_x_service_ticket_request { |
| 44 | __u8 struct_v; |
| 45 | __le32 keys; |
| 46 | } __attribute__ ((packed)); |
| 47 | |
| 48 | struct ceph_x_challenge_blob { |
| 49 | __le64 server_challenge; |
| 50 | __le64 client_challenge; |
| 51 | } __attribute__ ((packed)); |
| 52 | |
| 53 | |
| 54 | |
| 55 | /* authorize handshake */ |
| 56 | |
| 57 | /* |
| 58 | * The authorizer consists of two pieces: |
| 59 | * a - service id, ticket blob |
| 60 | * b - encrypted with session key |
| 61 | */ |
| 62 | struct ceph_x_authorize_a { |
| 63 | __u8 struct_v; |
| 64 | __le64 global_id; |
| 65 | __le32 service_id; |
| 66 | struct ceph_x_ticket_blob ticket_blob; |
| 67 | } __attribute__ ((packed)); |
| 68 | |
| 69 | struct ceph_x_authorize_b { |
| 70 | __u8 struct_v; |
| 71 | __le64 nonce; |
| 72 | } __attribute__ ((packed)); |
| 73 | |
| 74 | struct ceph_x_authorize_reply { |
| 75 | __u8 struct_v; |
| 76 | __le64 nonce_plus_one; |
| 77 | } __attribute__ ((packed)); |
| 78 | |
| 79 | |
| 80 | /* |
| 81 | * encyption bundle |
| 82 | */ |
| 83 | #define CEPHX_ENC_MAGIC 0xff009cad8826aa55ull |
| 84 | |
| 85 | struct ceph_x_encrypt_header { |
| 86 | __u8 struct_v; |
| 87 | __le64 magic; |
| 88 | } __attribute__ ((packed)); |
| 89 | |
| 90 | #endif |