| 1 | /* |
|---|---|
| 2 | * Copyright (c) 2007-2015 Apple Inc. All rights reserved. |
| 3 | * |
| 4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ |
| 5 | * |
| 6 | * This file contains Original Code and/or Modifications of Original Code |
| 7 | * as defined in and that are subject to the Apple Public Source License |
| 8 | * Version 2.0 (the 'License'). You may not use this file except in |
| 9 | * compliance with the License. The rights granted to you under the License |
| 10 | * may not be used to create, or enable the creation or redistribution of, |
| 11 | * unlawful or unlicensed copies of an Apple operating system, or to |
| 12 | * circumvent, violate, or enable the circumvention or violation of, any |
| 13 | * terms of an Apple operating system software license agreement. |
| 14 | * |
| 15 | * Please obtain a copy of the License at |
| 16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. |
| 17 | * |
| 18 | * The Original Code and all software distributed under the License are |
| 19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER |
| 20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
| 21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, |
| 22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
| 23 | * Please see the License for the specific language governing rights and |
| 24 | * limitations under the License. |
| 25 | * |
| 26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ |
| 27 | */ |
| 28 | |
| 29 | #ifndef _NFS_NFS_GSS_H_ |
| 30 | #define _NFS_NFS_GSS_H_ |
| 31 | |
| 32 | #include "gss/gss_krb5_mech.h" |
| 33 | #include <gssd/gssd_mach.h> |
| 34 | #include <sys/param.h> |
| 35 | |
| 36 | #define RPCSEC_GSS 6 |
| 37 | #define RPCSEC_GSS_VERS_1 1 |
| 38 | |
| 39 | enum rpcsec_gss_proc { |
| 40 | RPCSEC_GSS_DATA = 0, |
| 41 | RPCSEC_GSS_INIT = 1, |
| 42 | RPCSEC_GSS_CONTINUE_INIT = 2, |
| 43 | RPCSEC_GSS_DESTROY = 3 |
| 44 | }; |
| 45 | |
| 46 | enum rpcsec_gss_service { |
| 47 | RPCSEC_GSS_SVC_NONE = 1, // sec=krb5 |
| 48 | RPCSEC_GSS_SVC_INTEGRITY = 2, // sec=krb5i |
| 49 | RPCSEC_GSS_SVC_PRIVACY = 3, // sec=krb5p |
| 50 | }; |
| 51 | |
| 52 | /* |
| 53 | * RFC 2203 and friends don't define maximums for token lengths |
| 54 | * and context handles. We try to pick reasonable values here. |
| 55 | * |
| 56 | * N.B. Kerberos mech tokens can be quite large from the output |
| 57 | * of a gss_init_sec_context if it includes a large PAC. |
| 58 | */ |
| 59 | |
| 60 | #define GSS_MAX_TOKEN_LEN 64*1024 |
| 61 | |
| 62 | /* |
| 63 | * Put a "reasonable" bound on MIC lengths |
| 64 | */ |
| 65 | #define GSS_MAX_MIC_LEN 2048 |
| 66 | |
| 67 | #define GSS_MAXSEQ 0x80000000 // The biggest sequence number |
| 68 | #define GSS_SVC_MAXCONTEXTS 500000 // Max contexts supported |
| 69 | #define GSS_SVC_SEQWINDOW 256 // Server's sequence window |
| 70 | |
| 71 | #define MAX_SKEYLEN 32 |
| 72 | #define MAX_LUCIDLEN (sizeof (lucid_context) + MAX_SKEYLEN) |
| 73 | |
| 74 | /* |
| 75 | * The server's RPCSEC_GSS context information |
| 76 | */ |
| 77 | struct nfs_gss_svc_ctx { |
| 78 | lck_mtx_t gss_svc_mtx; |
| 79 | LIST_ENTRY(nfs_gss_svc_ctx) gss_svc_entries; |
| 80 | uint32_t gss_svc_handle; // Identifies server context to client |
| 81 | uint32_t gss_svc_refcnt; // Reference count |
| 82 | uint32_t gss_svc_proc; // Current GSS proc from cred |
| 83 | uid_t gss_svc_uid; // UID of this user |
| 84 | gid_t gss_svc_gids[NGROUPS]; // GIDs of this user |
| 85 | uint32_t gss_svc_ngroups; // Count of gids |
| 86 | uint64_t gss_svc_incarnation; // Delete ctx if we exceed this + ttl value |
| 87 | uint32_t gss_svc_seqmax; // Current max GSS sequence number |
| 88 | uint32_t gss_svc_seqwin; // GSS sequence number window |
| 89 | uint32_t *gss_svc_seqbits; // Bitmap to track seq numbers |
| 90 | gssd_cred gss_svc_cred_handle; // Opaque cred handle from gssd |
| 91 | gssd_ctx gss_svc_context; // Opaque context handle from gssd |
| 92 | gss_ctx_id_t gss_svc_ctx_id; // Underlying gss context |
| 93 | u_char *gss_svc_token; // GSS token exchanged via gssd & client |
| 94 | uint32_t gss_svc_tokenlen; // Length of token |
| 95 | uint32_t gss_svc_major; // GSS major result from gssd |
| 96 | uint32_t gss_svc_minor; // GSS minor result from gssd |
| 97 | }; |
| 98 | |
| 99 | #define SVC_CTX_HASHSZ 64 |
| 100 | #define SVC_CTX_HASH(handle) ((handle) % SVC_CTX_HASHSZ) |
| 101 | LIST_HEAD(nfs_gss_svc_ctx_hashhead, nfs_gss_svc_ctx); |
| 102 | |
| 103 | /* |
| 104 | * Macros to manipulate bits in the sequence window |
| 105 | */ |
| 106 | #define win_getbit(bits, bit) ((bits[(bit) / 32] & (1 << (bit) % 32)) != 0) |
| 107 | #define win_setbit(bits, bit) do { bits[(bit) / 32] |= (1 << (bit) % 32); } while (0) |
| 108 | #define win_resetbit(bits, bit) do { bits[(bit) / 32] &= ~(1 << (bit) % 32); } while (0) |
| 109 | |
| 110 | /* |
| 111 | * Server context stale times |
| 112 | */ |
| 113 | #define GSS_CTX_PEND 5 // seconds |
| 114 | #define GSS_CTX_EXPIRE (8 * 3600) // seconds |
| 115 | #define GSS_CTX_TTL_MIN 1 // seconds |
| 116 | #define GSS_TIMER_PERIOD 300 // seconds |
| 117 | #define MSECS_PER_SEC 1000 |
| 118 | |
| 119 | __BEGIN_DECLS |
| 120 | |
| 121 | void nfs_gss_svc_init(void); |
| 122 | int nfs_gss_svc_cred_get(struct nfsrv_descript *, struct nfsm_chain *); |
| 123 | int nfs_gss_svc_verf_put(struct nfsrv_descript *, struct nfsm_chain *); |
| 124 | int nfs_gss_svc_ctx_init(struct nfsrv_descript *, struct nfsrv_sock *, mbuf_t *); |
| 125 | int nfs_gss_svc_prepare_reply(struct nfsrv_descript *, struct nfsm_chain *); |
| 126 | int nfs_gss_svc_protect_reply(struct nfsrv_descript *, mbuf_t); |
| 127 | void nfs_gss_svc_ctx_deref(struct nfs_gss_svc_ctx *); |
| 128 | void nfs_gss_svc_cleanup(void); |
| 129 | |
| 130 | __END_DECLS |
| 131 | #endif /* _NFS_NFS_GSS_H_ */ |
| 132 |
Generated while processing xnu/bsd/nfs/nfs_gss.c
Generated on 2024-Jun-06 from project xnu revision 10063.121.3
Powered by 
Code Browser 2.1
Generator usage only permitted with license.