Commit | Line | Data |
---|---|---|
2d21ac55 | 1 | /* |
b0d623f7 | 2 | * Copyright (c) 2007-2008 Apple Inc. All rights reserved. |
2d21ac55 A |
3 | * |
4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ | |
5 | * | |
6 | * This file contains Original Code and/or Modifications of Original Code | |
7 | * as defined in and that are subject to the Apple Public Source License | |
8 | * Version 2.0 (the 'License'). You may not use this file except in | |
9 | * compliance with the License. The rights granted to you under the License | |
10 | * may not be used to create, or enable the creation or redistribution of, | |
11 | * unlawful or unlicensed copies of an Apple operating system, or to | |
12 | * circumvent, violate, or enable the circumvention or violation of, any | |
13 | * terms of an Apple operating system software license agreement. | |
14 | * | |
15 | * Please obtain a copy of the License at | |
16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. | |
17 | * | |
18 | * The Original Code and all software distributed under the License are | |
19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | |
20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, | |
21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | |
22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. | |
23 | * Please see the License for the specific language governing rights and | |
24 | * limitations under the License. | |
25 | * | |
26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ | |
27 | */ | |
28 | ||
29 | #ifndef _NFS_NFS_GSS_H_ | |
30 | #define _NFS_NFS_GSS_H_ | |
31 | ||
32 | #include <gssd/gssd_mach.h> | |
2d21ac55 | 33 | #include <sys/param.h> |
b0d623f7 | 34 | #include <crypto/des/des.h> |
2d21ac55 A |
35 | |
36 | #define RPCSEC_GSS 6 | |
37 | #define RPCSEC_GSS_VERS_1 1 | |
38 | ||
39 | enum rpcsec_gss_proc { | |
40 | RPCSEC_GSS_DATA = 0, | |
41 | RPCSEC_GSS_INIT = 1, | |
42 | RPCSEC_GSS_CONTINUE_INIT = 2, | |
43 | RPCSEC_GSS_DESTROY = 3 | |
44 | }; | |
45 | ||
46 | enum rpcsec_gss_service { | |
47 | RPCSEC_GSS_SVC_NONE = 1, // sec=krb5 | |
48 | RPCSEC_GSS_SVC_INTEGRITY = 2, // sec=krb5i | |
49 | RPCSEC_GSS_SVC_PRIVACY = 3, // sec=krb5p | |
50 | RPCSEC_GSS_SVC_SYS = 4 // sec=sys (fallback) | |
51 | }; | |
52 | ||
53 | /* | |
54 | * GSS-API things | |
55 | */ | |
56 | #define GSS_S_COMPLETE 0 | |
57 | #define GSS_S_CONTINUE_NEEDED 1 | |
58 | ||
59 | #define GSS_MAXSEQ 0x80000000 // The biggest sequence number | |
60 | #define GSS_SVC_MAXCONTEXTS 500000 // Max contexts supported | |
61 | #define GSS_SVC_SEQWINDOW 256 // Server's sequence window | |
62 | #define GSS_CLNT_SEQLISTMAX 32 // Max length of req seq num list | |
63 | #define GSS_CLNT_SYS_VALID 300 // Valid time (sec) for failover ctx | |
64 | ||
b0d623f7 | 65 | |
2d21ac55 | 66 | #define SKEYLEN 8 // length of DES key |
b0d623f7 A |
67 | #define SKEYLEN3 24 // length of DES3 keyboard |
68 | #define MAX_SKEYLEN SKEYLEN3 | |
69 | ||
70 | typedef struct { | |
71 | uint32_t type; // See defines below | |
72 | uint32_t keybytes; // Session key length bytes; | |
73 | uint32_t hash_len; | |
74 | u_char skey[MAX_SKEYLEN]; // Session key; | |
75 | union { | |
76 | struct { | |
77 | des_cblock *key; | |
78 | des_key_schedule gss_sched; | |
79 | des_key_schedule gss_sched_Ke; | |
80 | } des; | |
81 | struct { | |
82 | des_cblock (*key)[3]; | |
83 | des_cblock ckey[3]; | |
84 | des_key_schedule gss_sched[3]; | |
85 | } des3; | |
86 | } ks_u; | |
87 | } gss_key_info; | |
88 | ||
89 | #define NFS_GSS_0DES 0 // Not DES or uninitialized | |
90 | #define NFS_GSS_1DES 1 // Single DES with DES_MAC_MD5 | |
91 | #define NFS_GSS_3DES 2 // Triple EDE DES KD with SHA1 | |
2d21ac55 A |
92 | |
93 | /* | |
94 | * The client's RPCSEC_GSS context information | |
95 | */ | |
96 | struct nfs_gss_clnt_ctx { | |
97 | lck_mtx_t *gss_clnt_mtx; | |
98 | thread_t gss_clnt_thread; // Thread creating context | |
99 | TAILQ_ENTRY(nfs_gss_clnt_ctx) gss_clnt_entries; | |
100 | uint32_t gss_clnt_flags; // Flag bits - see below | |
101 | uint32_t gss_clnt_refcnt; // Reference count | |
102 | uid_t gss_clnt_uid; // Owner of this context | |
103 | uint32_t gss_clnt_proc; // Current GSS proc for cred | |
104 | uint32_t gss_clnt_seqnum; // GSS sequence number | |
105 | uint32_t gss_clnt_service; // Indicates krb5, krb5i or krb5p | |
106 | u_char *gss_clnt_handle; // Identifies server context | |
107 | uint32_t gss_clnt_handle_len; // Size of server's ctx handle | |
108 | time_t gss_clnt_ctime; // When context was created | |
109 | uint32_t gss_clnt_seqwin; // Server's seq num window | |
110 | uint32_t *gss_clnt_seqbits; // Bitmap to track seq numbers in use | |
111 | mach_port_t gss_clnt_mport; // Mach port for gssd upcall | |
112 | u_char *gss_clnt_verf; // RPC verifier from server | |
2d21ac55 | 113 | char *gss_clnt_svcname; // Service name e.g. "nfs/big.apple.com" |
b0d623f7 A |
114 | gss_cred gss_clnt_cred_handle; // Opaque cred handle from gssd |
115 | gss_ctx gss_clnt_context; // Opaque context handle from gssd | |
2d21ac55 A |
116 | u_char *gss_clnt_token; // GSS token exchanged via gssd & server |
117 | uint32_t gss_clnt_tokenlen; // Length of token | |
b0d623f7 A |
118 | gss_key_info gss_clnt_kinfo; // GSS key info |
119 | uint32_t gss_clnt_gssd_flags; // Special flag bits to gssd | |
2d21ac55 A |
120 | uint32_t gss_clnt_major; // GSS major result from gssd or server |
121 | uint32_t gss_clnt_minor; // GSS minor result from gssd or server | |
122 | }; | |
123 | ||
124 | /* | |
125 | * gss_clnt_flags | |
126 | */ | |
127 | #define GSS_CTX_COMPLETE 0x00000001 // Context is complete | |
128 | #define GSS_CTX_INVAL 0x00000002 // Context is invalid | |
129 | #define GSS_NEEDSEQ 0x00000004 // Need a sequence number | |
130 | #define GSS_NEEDCTX 0x00000008 // Need the context | |
131 | ||
132 | /* | |
133 | * The server's RPCSEC_GSS context information | |
134 | */ | |
135 | struct nfs_gss_svc_ctx { | |
136 | lck_mtx_t *gss_svc_mtx; | |
137 | LIST_ENTRY(nfs_gss_svc_ctx) gss_svc_entries; | |
138 | uint32_t gss_svc_handle; // Identifies server context to client | |
139 | uint32_t gss_svc_proc; // Current GSS proc from cred | |
140 | uid_t gss_svc_uid; // UID of this user | |
141 | gid_t gss_svc_gids[NGROUPS]; // GIDs of this user | |
142 | uint32_t gss_svc_ngroups; // Count of gids | |
b0d623f7 | 143 | uint64_t gss_svc_incarnation; // Delete ctx if we exceed this + ttl value |
2d21ac55 A |
144 | uint32_t gss_svc_seqmax; // Current max GSS sequence number |
145 | uint32_t gss_svc_seqwin; // GSS sequence number window | |
146 | uint32_t *gss_svc_seqbits; // Bitmap to track seq numbers | |
b0d623f7 A |
147 | gss_cred gss_svc_cred_handle; // Opaque cred handle from gssd |
148 | gss_ctx gss_svc_context; // Opaque context handle from gssd | |
2d21ac55 A |
149 | u_char *gss_svc_token; // GSS token exchanged via gssd & client |
150 | uint32_t gss_svc_tokenlen; // Length of token | |
b0d623f7 | 151 | gss_key_info gss_svc_kinfo; // Session key info |
2d21ac55 A |
152 | uint32_t gss_svc_major; // GSS major result from gssd |
153 | uint32_t gss_svc_minor; // GSS minor result from gssd | |
154 | }; | |
155 | ||
156 | #define SVC_CTX_HASHSZ 64 | |
157 | #define SVC_CTX_HASH(handle) ((handle) % SVC_CTX_HASHSZ) | |
158 | LIST_HEAD(nfs_gss_svc_ctx_hashhead, nfs_gss_svc_ctx); | |
159 | ||
160 | /* | |
161 | * Macros to manipulate bits in the sequence window | |
162 | */ | |
163 | #define win_getbit(bits, bit) ((bits[(bit) / 32] & (1 << (bit) % 32)) != 0) | |
164 | #define win_setbit(bits, bit) do { bits[(bit) / 32] |= (1 << (bit) % 32); } while (0) | |
165 | #define win_resetbit(bits, bit) do { bits[(bit) / 32] &= ~(1 << (bit) % 32); } while (0) | |
166 | ||
167 | /* | |
168 | * Server context stale times | |
169 | */ | |
170 | #define GSS_CTX_PEND 5 // seconds | |
171 | #define GSS_CTX_EXPIRE (8 * 3600) // seconds | |
b0d623f7 | 172 | #define GSS_CTX_TTL_MIN 1 // seconds |
2d21ac55 A |
173 | #define GSS_TIMER_PERIOD 300 // seconds |
174 | #define MSECS_PER_SEC 1000 | |
175 | ||
176 | __BEGIN_DECLS | |
177 | ||
178 | void nfs_gss_init(void); | |
179 | int nfs_gss_clnt_cred_put(struct nfsreq *, struct nfsm_chain *, mbuf_t); | |
180 | int nfs_gss_clnt_verf_get(struct nfsreq *, struct nfsm_chain *, | |
181 | uint32_t, uint32_t, uint32_t *); | |
182 | void nfs_gss_clnt_rpcdone(struct nfsreq *); | |
183 | int nfs_gss_clnt_args_restore(struct nfsreq *); | |
184 | int nfs_gss_clnt_ctx_renew(struct nfsreq *); | |
185 | void nfs_gss_clnt_ctx_ref(struct nfsreq *, struct nfs_gss_clnt_ctx *); | |
186 | void nfs_gss_clnt_ctx_unref(struct nfsreq *); | |
187 | void nfs_gss_clnt_ctx_unmount(struct nfsmount *, int); | |
188 | int nfs_gss_svc_cred_get(struct nfsrv_descript *, struct nfsm_chain *); | |
189 | int nfs_gss_svc_verf_put(struct nfsrv_descript *, struct nfsm_chain *); | |
190 | int nfs_gss_svc_ctx_init(struct nfsrv_descript *, struct nfsrv_sock *, mbuf_t *); | |
191 | int nfs_gss_svc_prepare_reply(struct nfsrv_descript *, struct nfsm_chain *); | |
192 | int nfs_gss_svc_protect_reply(struct nfsrv_descript *, mbuf_t); | |
193 | void nfs_gss_svc_cleanup(void); | |
194 | ||
195 | __END_DECLS | |
196 | #endif /* _NFS_NFS_GSS_H_ */ |