1 #ifndef __FS_CEPH_AUTH_X_PROTOCOL 2 #define __FS_CEPH_AUTH_X_PROTOCOL 3 4 #define CEPHX_GET_AUTH_SESSION_KEY 0x0100 5 #define CEPHX_GET_PRINCIPAL_SESSION_KEY 0x0200 6 #define CEPHX_GET_ROTATING_KEY 0x0400 7 8 /* common bits */ 9 struct ceph_x_ticket_blob { 10 __u8 struct_v; 11 __le64 secret_id; 12 __le32 blob_len; 13 char blob[]; 14 } __attribute__ ((packed)); 15 16 17 /* common request/reply headers */ 18 struct ceph_x_request_header { 19 __le16 op; 20 } __attribute__ ((packed)); 21 22 struct ceph_x_reply_header { 23 __le16 op; 24 __le32 result; 25 } __attribute__ ((packed)); 26 27 28 /* authenticate handshake */ 29 30 /* initial hello (no reply header) */ 31 struct ceph_x_server_challenge { 32 __u8 struct_v; 33 __le64 server_challenge; 34 } __attribute__ ((packed)); 35 36 struct ceph_x_authenticate { 37 __u8 struct_v; 38 __le64 client_challenge; 39 __le64 key; 40 /* ticket blob */ 41 } __attribute__ ((packed)); 42 43 struct ceph_x_service_ticket_request { 44 __u8 struct_v; 45 __le32 keys; 46 } __attribute__ ((packed)); 47 48 struct ceph_x_challenge_blob { 49 __le64 server_challenge; 50 __le64 client_challenge; 51 } __attribute__ ((packed)); 52 53 54 55 /* authorize handshake */ 56 57 /* 58 * The authorizer consists of two pieces: 59 * a - service id, ticket blob 60 * b - encrypted with session key 61 */ 62 struct ceph_x_authorize_a { 63 __u8 struct_v; 64 __le64 global_id; 65 __le32 service_id; 66 struct ceph_x_ticket_blob ticket_blob; 67 } __attribute__ ((packed)); 68 69 struct ceph_x_authorize_b { 70 __u8 struct_v; 71 __le64 nonce; 72 } __attribute__ ((packed)); 73 74 struct ceph_x_authorize_reply { 75 __u8 struct_v; 76 __le64 nonce_plus_one; 77 } __attribute__ ((packed)); 78 79 80 /* 81 * encyption bundle 82 */ 83 #define CEPHX_ENC_MAGIC 0xff009cad8826aa55ull 84 85 struct ceph_x_encrypt_header { 86 __u8 struct_v; 87 __le64 magic; 88 } __attribute__ ((packed)); 89 90 #endif 91