WebSVN - shark - Blame - Rev 423 - /shark/trunk/drivers/linuxc26/include/linux/sunrpc/svcauth.h

Rev	Author	Line No.	Line
423	giacomo	1	/*
		2	* linux/include/linux/sunrpc/svcauth.h
		3	*
		4	* RPC server-side authentication stuff.
		5	*
		6	* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
		7	*/
		8
		9	#ifndef _LINUX_SUNRPC_SVCAUTH_H_
		10	#define _LINUX_SUNRPC_SVCAUTH_H_
		11
		12	#ifdef __KERNEL__
		13
		14	#include <linux/string.h>
		15	#include <linux/sunrpc/msg_prot.h>
		16	#include <linux/sunrpc/cache.h>
		17	#include <linux/hash.h>
		18
		19	struct svc_cred {
		20	uid_t cr_uid;
		21	gid_t cr_gid;
		22	gid_t cr_groups[NGROUPS];
		23	};
		24
		25	struct svc_rqst; /* forward decl */
		26
		27	/* Authentication is done in the context of a domain.
		28	* For a server, a domain represents a group of clients using
		29	* a common mechanism for authentication and having a common mapping
		30	* between local identity (uid) and network identity. All clients
		31	* in a domain have similar general access rights. Each domain can
		32	* contain multiple principals which will have different specific right
		33	* based on normal Discretionary Access Control.
		34	*
		35	* For a client, a domain represents a number of servers which all
		36	* use a common authentication mechanism and network identity name space.
		37	*
		38	* A domain is created by an authentication flavour module based on name
		39	* only. Userspace then fills in detail on demand.
		40	*
		41	* The creation of a domain typically implies creation of one or
		42	* more caches for storing domain specific information.
		43	*/
		44	struct auth_domain {
		45	struct cache_head h;
		46	char *name;
		47	int flavour;
		48	};
		49
		50	/*
		51	* Each authentication flavour registers an auth_ops
		52	* structure.
		53	* name is simply the name.
		54	* flavour gives the auth flavour. It determines where the flavour is registered
		55	* accept() is given a request and should verify it.
		56	* It should inspect the authenticator and verifier, and possibly the data.
		57	* If there is a problem with the authentication *authp should be set.
		58	* The return value of accept() can indicate:
		59	* OK - authorised. client and credential are set in rqstp.
		60	* reqbuf points to arguments
		61	* resbuf points to good place for results. verfier
		62	* is (probably) already in place. Certainly space is
		63	* reserved for it.
		64	* DROP - simply drop the request. It may have been deferred
		65	* GARBAGE - rpc garbage_args error
		66	* SYSERR - rpc system_err error
		67	* DENIED - authp holds reason for denial.
		68	*
		69	* accept is passed the proc number so that it can accept NULL rpc requests
		70	* even if it cannot authenticate the client (as is sometimes appropriate).
		71	*
		72	* release() is given a request after the procedure has been run.
		73	* It should sign/encrypt the results if needed
		74	* It should return:
		75	* OK - the resbuf is ready to be sent
		76	* DROP - the reply should be quitely dropped
		77	* DENIED - authp holds a reason for MSG_DENIED
		78	* SYSERR - rpc system_err
		79	*
		80	* domain_release()
		81	* This call releases a domain.
		82	*/
		83	struct auth_ops {
		84	char * name;
		85	int flavour;
		86	int (accept)(struct svc_rqst rq, u32 *authp);
		87	int (release)(struct svc_rqst rq);
		88	void (domain_release)(struct auth_domain );
		89	};
		90	extern struct auth_ops *authtab[RPC_AUTH_MAXFLAVOR];
		91
		92	#define SVC_GARBAGE 1
		93	#define SVC_SYSERR 2
		94	#define SVC_VALID 3
		95	#define SVC_NEGATIVE 4
		96	#define SVC_OK 5
		97	#define SVC_DROP 6
		98	#define SVC_DENIED 7
		99	#define SVC_PENDING 8
		100
		101
		102	extern int svc_authenticate(struct svc_rqst rqstp, u32 authp);
		103	extern int svc_authorise(struct svc_rqst *rqstp);
		104	extern int svc_auth_register(rpc_authflavor_t flavor, struct auth_ops *aops);
		105	extern void svc_auth_unregister(rpc_authflavor_t flavor);
		106
		107	extern struct auth_domain unix_domain_find(char name);
		108	extern void auth_domain_put(struct auth_domain *item);
		109	extern int auth_unix_add_addr(struct in_addr addr, struct auth_domain *dom);
		110	extern struct auth_domain auth_domain_lookup(struct auth_domain item, int set);
		111	extern struct auth_domain auth_domain_find(char name);
		112	extern struct auth_domain *auth_unix_lookup(struct in_addr addr);
		113	extern int auth_unix_forget_old(struct auth_domain *dom);
		114	extern void svcauth_unix_purge(void);
		115
		116	static inline unsigned long hash_str(char *name, int bits)
		117	{
		118	unsigned long hash = 0;
		119	unsigned long l = 0;
		120	int len = 0;
		121	unsigned char c;
		122	do {
		123	if (unlikely(!(c = *name++))) {
		124	c = (char)len; len = -1;
		125	}
		126	l = (l << 8) \| c;
		127	len++;
		128	if ((len & (BITS_PER_LONG/8-1))==0)
		129	hash = hash_long(hash^l, BITS_PER_LONG);
		130	} while (len);
		131	return hash >> (BITS_PER_LONG - bits);
		132	}
		133
		134	static inline unsigned long hash_mem(char *buf, int length, int bits)
		135	{
		136	unsigned long hash = 0;
		137	unsigned long l = 0;
		138	int len = 0;
		139	unsigned char c;
		140	do {
		141	if (len == length) {
		142	c = (char)len; len = -1;
		143	} else
		144	c = *buf++;
		145	l = (l << 8) \| c;
		146	len++;
		147	if ((len & (BITS_PER_LONG/8-1))==0)
		148	hash = hash_long(hash^l, BITS_PER_LONG);
		149	} while (len);
		150	return hash >> (BITS_PER_LONG - bits);
		151	}
		152
		153	extern struct cache_detail auth_domain_cache, ip_map_cache;
		154
		155	#endif /* __KERNEL__ */
		156
		157	#endif /* _LINUX_SUNRPC_SVCAUTH_H_ */

Subversion Repositories shark

(root)/shark/trunk/drivers/linuxc26/include/linux/sunrpc/svcauth.h - Rev 423