Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
auth.h
Go to the documentation of this file.
1 #ifndef _FS_CEPH_AUTH_H
2 #define _FS_CEPH_AUTH_H
3 
4 #include <linux/ceph/types.h>
5 #include <linux/ceph/buffer.h>
6 
7 /*
8  * Abstract interface for communicating with the authenticate module.
9  * There is some handshake that takes place between us and the monitor
10  * to acquire the necessary keys. These are used to generate an
11  * 'authorizer' that we use when connecting to a service (mds, osd).
12  */
13 
14 struct ceph_auth_client;
15 struct ceph_authorizer;
16 
17 struct ceph_auth_handshake {
18  struct ceph_authorizer *authorizer;
19  void *authorizer_buf;
20  size_t authorizer_buf_len;
21  void *authorizer_reply_buf;
22  size_t authorizer_reply_buf_len;
23 };
24 
25 struct ceph_auth_client_ops {
26  const char *name;
27 
28  /*
29  * true if we are authenticated and can connect to
30  * services.
31  */
32  int (*is_authenticated)(struct ceph_auth_client *ac);
33 
34  /*
35  * true if we should (re)authenticate, e.g., when our tickets
36  * are getting old and crusty.
37  */
38  int (*should_authenticate)(struct ceph_auth_client *ac);
39 
40  /*
41  * build requests and process replies during monitor
42  * handshake. if handle_reply returns -EAGAIN, we build
43  * another request.
44  */
45  int (*build_request)(struct ceph_auth_client *ac, void *buf, void *end);
46  int (*handle_reply)(struct ceph_auth_client *ac, int result,
47  void *buf, void *end);
48 
49  /*
50  * Create authorizer for connecting to a service, and verify
51  * the response to authenticate the service.
52  */
53  int (*create_authorizer)(struct ceph_auth_client *ac, int peer_type,
54  struct ceph_auth_handshake *auth);
55  int (*verify_authorizer_reply)(struct ceph_auth_client *ac,
56  struct ceph_authorizer *a, size_t len);
57  void (*destroy_authorizer)(struct ceph_auth_client *ac,
58  struct ceph_authorizer *a);
59  void (*invalidate_authorizer)(struct ceph_auth_client *ac,
60  int peer_type);
61 
62  /* reset when we (re)connect to a monitor */
63  void (*reset)(struct ceph_auth_client *ac);
64 
65  void (*destroy)(struct ceph_auth_client *ac);
66 };
67 
68 struct ceph_auth_client {
69  u32 protocol; /* CEPH_AUTH_* */
70  void *private; /* for use by protocol implementation */
71  const struct ceph_auth_client_ops *ops; /* null iff protocol==0 */
72 
73  bool negotiating; /* true if negotiating protocol */
74  const char *name; /* entity name */
75  u64 global_id; /* our unique id in system */
76  const struct ceph_crypto_key *key; /* our secret key */
77  unsigned want_keys; /* which services we want */
78 };
79 
80 extern struct ceph_auth_client *ceph_auth_init(const char *name,
81  const struct ceph_crypto_key *key);
82 extern void ceph_auth_destroy(struct ceph_auth_client *ac);
83 
84 extern void ceph_auth_reset(struct ceph_auth_client *ac);
85 
86 extern int ceph_auth_build_hello(struct ceph_auth_client *ac,
87  void *buf, size_t len);
88 extern int ceph_handle_auth_reply(struct ceph_auth_client *ac,
89  void *buf, size_t len,
90  void *reply_buf, size_t reply_len);
91 extern int ceph_entity_name_encode(const char *name, void **p, void *end);
92 
93 extern int ceph_build_auth(struct ceph_auth_client *ac,
94  void *msg_buf, size_t msg_len);
95 
96 extern int ceph_auth_is_authenticated(struct ceph_auth_client *ac);
97 
98 #endif
Generated on Thu Jan 10 2013 14:48:49 for Linux Kernel by   doxygen 1.8.2