xref: /OK3568_Linux_fs/kernel/net/ceph/auth_x.h (revision 4882a59341e53eb6f0b4789bf948001014eff981)

/* SPDX-License-Identifier: GPL-2.0 */
#ifndef _FS_CEPH_AUTH_X_H
#define _FS_CEPH_AUTH_X_H

#include <linux/rbtree.h>

#include <linux/ceph/auth.h>

#include "crypto.h"
#include "auth_x_protocol.h"

/*
 * Handle ticket for a single service.
 */
struct ceph_x_ticket_handler {
	struct rb_node node;
	unsigned int service;

	struct ceph_crypto_key session_key;
	bool have_key;

	u64 secret_id;
	struct ceph_buffer *ticket_blob;

	time64_t renew_after, expires;
};

#define CEPHX_AU_ENC_BUF_LEN	128  /* big enough for encrypted blob */

struct ceph_x_authorizer {
	struct ceph_authorizer base;
	struct ceph_crypto_key session_key;
	struct ceph_buffer *buf;
	unsigned int service;
	u64 nonce;
	u64 secret_id;
	char enc_buf[CEPHX_AU_ENC_BUF_LEN] __aligned(8);
};

struct ceph_x_info {
	struct ceph_crypto_key secret;

	bool starting;
	u64 server_challenge;

	unsigned int have_keys;
	struct rb_root ticket_handlers;

	struct ceph_x_authorizer auth_authorizer;
};

int ceph_x_init(struct ceph_auth_client *ac);

#endif