+${COMPILE_PART1} fsint ${COMPILE_GENERATED}
+${COMPILE_PART1} kauth ${COMPILE_GENERATED}
+${COMPILE_PART1} ptserver ${COMPILE_GENERATED}
- +${COMPILE_PART1} rxgk ${COMPILE_GENERATED}
+${COMPILE_PART1} rxkad ${COMPILE_GENERATED}
+${COMPILE_PART1} rxstat ${COMPILE_GENERATED}
+${COMPILE_PART1} sys ${COMPILE_GENERATED}
sys: cmd comerr afs hcrypto rx rxstat fsint sys_depinstall
+${COMPILE_PART1} sys ${COMPILE_PART2}
-rxgk: cmd comerr hcrypto rx rxgk_depinstall
- +${COMPILE_PART1} rxgk ${COMPILE_PART2}
-
rxkad: cmd comerr hcrypto rfc3961 rx rxkad_depinstall
+${COMPILE_PART1} rxkad ${COMPILE_PART2}
rx_depinstall: config
+${COMPILE_PART1} rx ${COMPILE_DEPINSTALL}
-rxgk_depinstall: config comerr
- +${COMPILE_PART1} rxgk ${COMPILE_DEPINSTALL}
-
rxkad_depinstall: config comerr
+${COMPILE_PART1} rxkad ${COMPILE_DEPINSTALL}
-${COMPILE_PART1} export ${COMPILE_CLEAN}
-${COMPILE_PART1} afs ${COMPILE_CLEAN}
-${COMPILE_PART1} sys ${COMPILE_CLEAN}
- -${COMPILE_PART1} rxgk ${COMPILE_CLEAN}
-${COMPILE_PART1} rxkad ${COMPILE_CLEAN}
-${COMPILE_PART1} auth ${COMPILE_CLEAN}
-${COMPILE_PART1} ubik ${COMPILE_CLEAN}
src/rx/test/Makefile \
src/rxdebug/Makefile \
src/rxgen/Makefile \
- src/rxgk/Makefile \
src/rxkad/Makefile \
src/rxkad/test/Makefile \
src/rxosd/Makefile \
BUILD_GSSAPI=no
AS_IF([test x"$GSSAPI_LIBS" != x],
[BUILD_GSSAPI=yes
- RRA_LIB_GSSAPI_SWITCH
- AC_CHECK_FUNCS([gss_pseudo_random \
- krb5_gss_register_acceptor_identity \
- gss_krb5_ccache_name \
- ])
-dnl We only need gssapi for rxgk (at this point). rxgk requires pseudo_random.
- AS_IF([test x"$ac_cv_func_gss_pseudo_random" != xyes],
- [BUILD_GSSAPI=no])
- RRA_LIB_GSSAPI_RESTORE
])
AC_SUBST([BUILD_GSSAPI])
src/rx/test/Makefile
src/rxdebug/Makefile
src/rxgen/Makefile
- src/rxgk/Makefile
src/rxkad/Makefile
src/rxkad/test/Makefile
src/rxosd/Makefile
+++ /dev/null
-/rxgk_errs.h
-/rxgk_errs.c
-/rxgk_int.h
+++ /dev/null
-srcdir=@srcdir@
-include @TOP_OBJDIR@/src/config/Makefile.config
-include @TOP_OBJDIR@/src/config/Makefile.pthread
-include @TOP_OBJDIR@/src/config/Makefile.libtool
-
-INCLS= ${TOP_INCDIR}/rx/rx.h ${TOP_INCDIR}/rx/rxgk.h ${TOP_INCDIR}/rx/rxgk_errs.h \
- ${TOP_INCDIR}/rx/rxgk_int.h
-
-LT_objs = rxgk_client.lo rxgk_server.lo rxgk_errs.lo rxgk_int.cs.lo \
- rxgk_int.xdr.lo rxgk_int.ss.lo rxgk_procs.lo
-
-LT_deps = $(top_builddir)/src/opr/liboafs_opr.la \
- $(top_builddir)/src/comerr/liboafs_comerr.la \
- $(top_builddir)/src/rx/liboafs_rx.la
-
-LT_libs = # gssapi will go here
-
-all: depinstall rxgk_int.cs.c rxgk_int.ss.c rxgk_int.xdr.c rxgk_int.h \
- ${LT_objs} liboafs_rxgk.la librxgk_pic.la
-
-generated: \
- rxgk_errs.h rxgk_errs.c rxgk_int.h rxgk_int.cs.c rxgk_int.xdr.c \
- rxgk_int.ss.c
-
-depinstall: \
- ${TOP_INCDIR}/rx/rxgk.h \
- ${TOP_INCDIR}/rx/rxgk_errs.h \
- ${TOP_INCDIR}/rx/rxgk_int.h
-
-${TOP_INCDIR}/rx/rxgk.h: ${srcdir}/rxgk.h ${TOP_INCDIR}/rx/rxgk_errs.h \
- ${TOP_INCDIR}/rx/rxgk_int.h
- ${INSTALL_DATA} ${srcdir}/rxgk.h $@
-
-${TOP_INCDIR}/rx/rxgk_errs.h: rxgk_errs.h
- ${INSTALL_DATA} $? $@
-
-${TOP_INCDIR}/rx/rxgk_int.h: rxgk_int.h
- ${INSTALL_DATA} $? $@
-
-rxgk_int.cs.c: rxgk_int.xg
- ${RXGEN} -b -A -x -C -o $@ ${srcdir}/rxgk_int.xg
-
-rxgk_int.ss.c: rxgk_int.xg
- ${RXGEN} -b -A -x -S -o $@ ${srcdir}/rxgk_int.xg
-
-rxgk_int.xdr.c: rxgk_int.xg
- ${RXGEN} -b -A -x -c -o $@ ${srcdir}/rxgk_int.xg
-
-rxgk_int.h: rxgk_int.xg
- ${RXGEN} -b -A -x -h -o $@ ${srcdir}/rxgk_int.xg
-
-rxgk_int.ss.o: rxgk_int.ss.c rxgk_int.xdr.c rxgk_int.h
-rxgk_int.cs.o: rxgk_int.cs.c rxgk_int.xdr.c rxgk_int.h
-rxgk_int.xdr.o: rxgk_int.xdr.c rxgk_int.h
-
-liboafs_rxgk.la: liboafs_rxgk.la.sym ${LT_objs} ${LT_deps}
- $(LT_LDLIB_shlib) $(LT_objs) $(LT_deps) $(LT_libs)
-
-librxgk_pic.la: $(LT_objs)
- $(LT_LDLIB_pic) $(LT_objs)
-
-$(LT_objs): $(INCLS)
-
-rxgk_errs.h: rxgk_errs.c
-rxgk_errs.c: rxgk_errs.et
- $(RM) -f rxgk_errs.h rxgk_errs.c
- ${COMPILE_ET} -p ${srcdir} rxgk_errs
-
-#
-# Installation targets
-#
-test: all
-
-install: liboafs_rxgk.la
-
-dest: liboafs_rxgk.la
-
-#
-# Misc. targets
-#
-clean:
- $(LT_CLEAN)
- $(RM) -f *.o *.a *.cs.c *.ss.c *.xdr.c rxgk_int.h core
-
-include ../config/Makefile.version
+++ /dev/null
-RXGK_CombineTokens
-RXGK_GSSNegotiate
-rxgk_NewClientSecurityObject
-rxgk_NewServerSecurityObject
+++ /dev/null
-/* rxgk.h - External interfaces for RXGK */
-/*
- * Copyright (C) 2013, 2014 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * External interfaces for RXGK.
- */
-
-#ifndef OPENAFS_RXGK_H
-#define OPENAFS_RXGK_H
-
-/* Pull in the com_err table */
-#include <rx/rxgk_errs.h>
-
-/* Pull in the protocol description */
-#include <rx/rxgk_int.h>
-
-/* rxgk_key is an opaque type to wrap our RFC3961 implementation's concept
- * of a key. It has (at least) the keyblock and length, and enctype. */
-typedef void * rxgk_key;
-
-typedef afs_int32 (*rxgk_getkey_func)(void *rock, afs_int32 *kvno,
- afs_int32 *enctype, rxgk_key *key);
-/* rxgk_server.c */
-struct rx_securityClass * rxgk_NewServerSecurityObject(void *getkey_rock,
- rxgk_getkey_func getkey);
-/* rxgk_client.c */
-struct rx_securityClass *rxgk_NewClientSecurityObject(RXGK_Level level,
- afs_int32 enctype,
- rxgk_key k0,
- RXGK_Data *token,
- afsUUID *uuid);
-
-#endif /* OPENAFS_RXGK_H */
+++ /dev/null
-/* rxgk/rxgk_client.c - Client-only security object routines */
-/*
- * Copyright (C) 2013, 2014 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * Client-only security object routines.
- */
-
-#include <afsconfig.h>
-#include <afs/param.h>
-#include <afs/stds.h>
-
-/* OS-specific system headers go here */
-
-#include <rx/rx.h>
-#include <rx/rx_packet.h>
-#include <rx/rxgk.h>
-
-#include "rxgk_private.h"
-
-/* Pre-declare the securityclass routines for the securityOps definition. */
-static int rxgk_ClientClose(struct rx_securityClass *aobj);
-static int rxgk_NewClientConnection(struct rx_securityClass *aobj,
- struct rx_connection *aconn);
-static int rxgk_ClientPreparePacket(struct rx_securityClass *aobj,
- struct rx_call *acall,
- struct rx_packet *apacket);
-static int rxgk_GetResponse(struct rx_securityClass *aobj,
- struct rx_connection *aconn,
- struct rx_packet *apacket);
-static int rxgk_ClientCheckPacket(struct rx_securityClass *aobj,
- struct rx_call *acall,
- struct rx_packet *apacket);
-static int rxgk_DestroyClientConnection(struct rx_securityClass *aobj,
- struct rx_connection *aconn);
-static int rxgk_ClientGetStats(struct rx_securityClass *aobj,
- struct rx_connection *aconn,
- struct rx_securityObjectStats *astats);
-
-static struct rx_securityOps rxgk_client_ops = {
- rxgk_ClientClose,
- rxgk_NewClientConnection, /* every new connection */
- rxgk_ClientPreparePacket, /* once per packet creation */
- 0, /* send packet (once per retrans) */
- 0,
- 0,
- 0,
- rxgk_GetResponse, /* respond to challenge packet */
- 0,
- rxgk_ClientCheckPacket, /* check data packet */
- rxgk_DestroyClientConnection,
- rxgk_ClientGetStats,
- 0,
- 0,
- 0,
-};
-
-static struct rx_securityClass dummySC = {
- &rxgk_client_ops,
- NULL,
- 0
-};
-
-struct rx_securityClass *
-rxgk_NewClientSecurityObject(RXGK_Level level, afs_int32 enctype, rxgk_key k0,
- RXGK_Data *token, afsUUID *uuid)
-{
- return &dummySC;
-}
-
-static int
-rxgk_ClientClose(struct rx_securityClass *aobj)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_NewClientConnection(struct rx_securityClass *aobj,
- struct rx_connection *aconn)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_ClientPreparePacket(struct rx_securityClass *aobj, struct rx_call *acall,
- struct rx_packet *apacket)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_GetResponse(struct rx_securityClass *aobj, struct rx_connection *aconn,
- struct rx_packet *apacket)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_ClientCheckPacket(struct rx_securityClass *aobj, struct rx_call *acall,
- struct rx_packet *apacket)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_DestroyClientConnection(struct rx_securityClass *aobj,
- struct rx_connection *aconn)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_ClientGetStats(struct rx_securityClass *aobj, struct rx_connection *aconn,
- struct rx_securityObjectStats *astats)
-{
- return RXGK_INCONSISTENCY;
-}
+++ /dev/null
-error_table RXGK
- ec RXGK_INCONSISTENCY, "Security module structure inconsistent"
- ec RXGK_PACKETSHORT, "Packet too short for security challenge"
- ec RXGK_BADCHALLENGE, "Invalid security challenge"
- ec RXGK_BADETYPE, "Invalid or impermissible encryption type"
- ec RXGK_BADLEVEL, "Invalid or impermissible security level"
- ec RXGK_BADKEYNO, "Key version number not found"
- ec RXGK_EXPIRED, "Token has expired"
- ec RXGK_NOTAUTH, "Caller not authorized"
- ec RXGK_BAD_TOKEN, "Security object was passed a bad token"
- ec RXGK_SEALED_INCON, "Sealed data inconsistent"
- ec RXGK_DATA_LEN, "User data too long"
- ec RXGK_BAD_QOP, "Inadequate quality of protection available"
-end
+++ /dev/null
-/*
- * Protocol descriptions for core RXGK structures and RPCs.
- */
-
-package RXGK_
-prefix S
-
-/* constants for RXGK RPC numbers */
-#define RXGK_GSSNEGOTIATE 1
-#define RXGK_COMBINETOKENS 2
-#define RXGK_AFSCOMBINETOKENS 3
-
-/* RPC-L from draft-wilkinson-afs3-rxgk */
-
-/* General values */
-
-typedef afs_int64 rxgkTime;
-
-/* key usage values */
-const RXGK_CLIENT_ENC_PACKET = 1026;
-const RXGK_CLIENT_MIC_PACKET = 1027;
-const RXGK_SERVER_ENC_PACKET = 1028;
-const RXGK_SERVER_MIC_PACKET = 1029;
-const RXGK_CLIENT_ENC_RESPONSE = 1030;
-const RXGK_SERVER_ENC_TOKEN = 1036;
-
-/* Security levels */
-enum RXGK_Level {
- RXGK_LEVEL_CLEAR = 0,
- RXGK_LEVEL_AUTH = 1,
- RXGK_LEVEL_CRYPT = 2
-};
-
-/* limits for variable-length arrays */
-const RXGK_MAXENCTYPES = 255;
-const RXGK_MAXLEVELS = 255;
-const RXGK_MAXMIC = 1024;
-const RXGK_MAXNONCE = 1024;
-const RXGK_MAXDATA = 1048576;
-
-typedef afs_int32 RXGK_Enctypes<RXGK_MAXENCTYPES>;
-typedef opaque RXGK_Data<RXGK_MAXDATA>;
-
-/* Begin definitions for RXGK_GSSNegotiate. */
-
-struct RXGK_StartParams {
- RXGK_Enctypes enctypes;
- RXGK_Level levels<RXGK_MAXLEVELS>;
- afs_uint32 lifetime;
- afs_uint32 bytelife;
- opaque client_nonce<RXGK_MAXNONCE>;
-};
-
-struct RXGK_ClientInfo {
- afs_int32 errorcode;
- afs_int32 enctype;
- RXGK_Level level;
- afs_uint32 lifetime;
- afs_uint32 bytelife;
- rxgkTime expiration;
- opaque mic<RXGK_MAXMIC>;
- RXGK_Data token;
- opaque server_nonce<RXGK_MAXNONCE>;
-};
-
-GSSNegotiate(IN RXGK_StartParams *client_start,
- IN RXGK_Data *input_token_buffer,
- IN RXGK_Data *opaque_in,
- OUT RXGK_Data *output_token_buffer,
- OUT RXGK_Data *opaque_out,
- OUT afs_uint32 *gss_major_status,
- OUT afs_uint32 *gss_minor_status,
- OUT RXGK_Data *rxgk_info) = RXGK_GSSNEGOTIATE;
-
-/* Begin definitions for RXGK_CombineTokens. */
-
-struct RXGK_CombineOptions {
- RXGK_Enctypes enctypes;
- RXGK_Level levels<RXGK_MAXLEVELS>;
-};
-
-struct RXGK_TokenInfo {
- afs_int32 enctype;
- RXGK_Level level;
- afs_uint32 lifetime;
- afs_uint32 bytelife;
- rxgkTime expiration;
-};
-
-CombineTokens(IN RXGK_Data *token0, IN RXGK_Data *token1,
- IN RXGK_CombineOptions *options,
- OUT RXGK_Data *new_token,
- OUT RXGK_TokenInfo *info) = RXGK_COMBINETOKENS;
-
-/* Begin definitions for security class operation. */
-
-/* RX challenge and response structures */
-struct RXGK_Challenge {
- opaque nonce[20];
-};
-const RXGK_MAXAUTHENTICATOR = 1416; /* better fit in a packet! */
-struct RXGK_Response {
- rxgkTime start_time;
- RXGK_Data token;
- opaque authenticator<RXGK_MAXAUTHENTICATOR>;
-};
-
-struct RXGK_Authenticator {
- opaque nonce[20];
- opaque appdata<>;
- RXGK_Level level;
- afs_uint32 epoch;
- afs_uint32 cid;
- afs_uint32 call_numbers<>;
-};
-
-/* RPC-L from draft-brashear-afs3-pts-extended-names-09 (final). */
-
-#define AUTHDATAMAX 2048
-#define AUTHPRINTABLEMAX 2048
-struct PrAuthName {
- afs_int32 kind;
- opaque data<AUTHDATAMAX>;
- opaque display<AUTHPRINTABLEMAX>;
-};
-
-/* RPC-L from draft-wilkinson-afs3-rxgk-afs. */
-
-/* Begin authenticator appdata definition. */
-
-struct RXGK_Authenticator_AFSAppData {
- afsUUID client_uuid;
- RXGK_Data cb_tok;
- RXGK_Data cb_key;
- afs_int32 enctype;
- afsUUID target_uuid;
-};
-
-/* Begin token definitions. */
-
-struct RXGK_TokenContainer {
- afs_int32 kvno;
- afs_int32 enctype;
- opaque encrypted_token<>;
-};
-struct RXGK_Token {
- afs_int32 enctype;
- opaque K0<>;
- RXGK_Level level;
- afs_uint32 lifetime;
- afs_uint32 bytelife;
- rxgkTime expirationtime;
- struct PrAuthName identities<>;
-};
-
-/* Begin definitions for AFSCombineTokens. */
-
-AFSCombineTokens(IN RXGK_Data *user_tok,
- IN RXGK_Data *cm_tok,
- IN RXGK_CombineOptions *options,
- IN afsUUID destination,
- OUT RXGK_Data *new_token,
- OUT RXGK_TokenInfo *token_info) = RXGK_AFSCOMBINETOKENS;
+++ /dev/null
-/* src/rxgk/rxgk_private.h - Declarations of RXGK-internal routines */
-/*
- * Copyright (C) 2013, 2014 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * Prototypes for routines internal to RXGK.
- */
-
-#ifndef RXGK_PRIVATE_H
-#define RXGK_PRIVATE_H
-
-/* RX-internal headers we depend on. */
-#include <rx/rx_identity.h>
-
-/** Statistics about a connection. Bytes and packets sent/received. */
-struct rxgkStats {
- afs_uint32 brecv;
- afs_uint32 bsent;
- afs_uint32 precv;
- afs_uint32 psent;
-};
-
-/*
- * rgxk_server.c
- */
-
-/**
- * Security Object private data for the server.
- *
- * Per-connection flags, and a way to get a decryption key for what the client
- * sends us.
- */
-struct rxgk_sprivate {
- afs_int32 flags;
- void *rock;
- rxgk_getkey_func getkey;
-};
-/**
- * Per-connection security data for the server.
- *
- * Security level, authentication state, expiration, the current challenge
- * nonce, status, the connection start time and current key derivation key
- * number. Cache both the user identity and callback identity presented
- * in the token, for later use.
- */
-struct rxgk_sconn {
- RXGK_Level level;
- unsigned char tried_auth;
- unsigned char auth;
- rxgkTime expiration;
- unsigned char challenge[20];
- struct rxgkStats stats;
- rxgkTime start_time;
- struct rx_identity *client;
- afs_uint32 key_number;
- rxgk_key k0;
- RXGK_Data cb_tok;
- rxgk_key cb_key;
-};
-
-/*
- * rxgk_client.c
- */
-
-/**
- * Security Object private data for client.
- *
- * The session key ("token master key"), plust the enctype of the
- * token and the token itself.
- * UUIDs for both the client (cache manager) and target server. This is
- * doable because the token is either a db server (the target has no UUID)
- * or tied to a particular file server (which does have a UUID).
- */
-struct rxgk_cprivate {
- afs_int32 flags;
- rxgk_key k0;
- afs_int32 enctype;
- RXGK_Level level;
- RXGK_Data token;
- afsUUID *client_uuid;
- afsUUID *target_uuid;
-};
-/**
- * Per-connection security data for client.
- *
- * The start time of the connection and connection key number are used
- * for key derivation, information about the callback key to be presented in
- * the authenticator for the connection, and the requisite connection
- * statistics.
- */
-struct rxgk_cconn {
- rxgkTime start_time;
- afs_uint32 key_number;
- RXGK_Data cb_tok;
- RXGK_Data cb_k0;
- afs_int32 cb_enctype;
- struct rxgkStats stats;
-};
-
-#endif /* RXGK_PRIVATE_H */
+++ /dev/null
-/* rxgk/rxgk_procs.c - Server-side RPC procedures for RXGK */
-/*
- * Copyright (C) 2013, 2014 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * Server-side RPC procedures for RXGK.
- */
-
-#include <afsconfig.h>
-#include <afs/param.h>
-#include <afs/stds.h>
-
-#include <rx/rx.h>
-#include <rx/rx_identity.h>
-#include <rx/rxgk.h>
-
-#include "rxgk_private.h"
-
-afs_int32
-SRXGK_GSSNegotiate(struct rx_call *z_call, RXGK_StartParams *client_start,
- RXGK_Data *input_token_buffer, RXGK_Data *opaque_in,
- RXGK_Data *output_token_buffer, RXGK_Data *opaque_out,
- afs_uint32 *gss_major_status, afs_uint32 *gss_minor_status,
- RXGK_Data *rxgk_info)
-{
- return RXGEN_OPCODE;
-}
-
-
-afs_int32
-SRXGK_CombineTokens(struct rx_call *z_call, RXGK_Data *token0,
- RXGK_Data *token1, RXGK_CombineOptions *options,
- RXGK_Data *new_token, RXGK_TokenInfo *info)
-{
- return RXGEN_OPCODE;
-}
-
-afs_int32
-SRXGK_AFSCombineTokens(struct rx_call *z_call, RXGK_Data *user_tok,
- RXGK_Data *cm_tok, RXGK_CombineOptions *options,
- afsUUID destination, RXGK_Data *new_token,
- RXGK_TokenInfo *info)
-{
- return RXGEN_OPCODE;
-}
+++ /dev/null
-/* rxgk/rxgk_server.c - server-specific security object routines */
-/*
- * Copyright (C) 2013, 2014 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * Server-specific security object routines.
- */
-
-#include <afsconfig.h>
-#include <afs/param.h>
-#include <afs/stds.h>
-
-#include <afs/opr.h>
-#include <rx/rx.h>
-#include <rx/rx_packet.h>
-#include <rx/rxgk.h>
-
-#include "rxgk_private.h"
-
-/* Pre-declare the securityclass routines for the securityOps definition. */
-struct rx_securityClass *rxgk_NewServerSecurityObject(void *getkey_rock,
- rxgk_getkey_func getkey);
-static int rxgk_ServerClose(struct rx_securityClass *aobj);
-static int rxgk_NewServerConnection(struct rx_securityClass *aobj,
- struct rx_connection *aconn);
-static int rxgk_ServerPreparePacket(struct rx_securityClass *aobj,
- struct rx_call *acall,
- struct rx_packet *apacket);
-static int rxgk_CheckAuthentication(struct rx_securityClass *aobj,
- struct rx_connection *aconn);
-static int rxgk_CreateChallenge(struct rx_securityClass *aobj,
- struct rx_connection *aconn);
-static int rxgk_GetChallenge(struct rx_securityClass *aobj,
- struct rx_connection *aconn,
- struct rx_packet *apacket);
-static int rxgk_CheckResponse(struct rx_securityClass *aobj,
- struct rx_connection *aconn,
- struct rx_packet *apacket);
-static int rxgk_ServerCheckPacket(struct rx_securityClass *aobj,
- struct rx_call *acall, struct rx_packet *apacket);
-static int rxgk_DestroyServerConnection(struct rx_securityClass *aobj,
- struct rx_connection *aconn);
-static int rxgk_ServerGetStats(struct rx_securityClass *aobj,
- struct rx_connection *aconn,
- struct rx_securityObjectStats *astats);
-
-
-static struct rx_securityOps rxgk_server_ops = {
- rxgk_ServerClose,
- rxgk_NewServerConnection,
- rxgk_ServerPreparePacket, /* once per packet creation */
- 0, /* send packet (once per retrans) */
- rxgk_CheckAuthentication,
- rxgk_CreateChallenge,
- rxgk_GetChallenge,
- 0,
- rxgk_CheckResponse,
- rxgk_ServerCheckPacket, /* check data packet */
- rxgk_DestroyServerConnection,
- rxgk_ServerGetStats,
- 0,
- 0, /* spare 1 */
- 0, /* spare 2 */
-};
-
-static struct rx_securityClass dummySC = {
- &rxgk_server_ops,
- NULL,
- 0
-};
-
-struct rx_securityClass *
-rxgk_NewServerSecurityObject(void *getkey_rock, rxgk_getkey_func getkey)
-{
- return &dummySC;
-}
-
-static int
-rxgk_ServerClose(struct rx_securityClass *aobj)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_NewServerConnection(struct rx_securityClass *aobj, struct rx_connection *aconn)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_ServerPreparePacket(struct rx_securityClass *aobj, struct rx_call *acall,
- struct rx_packet *apacket)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_CheckAuthentication(struct rx_securityClass *aobj,
- struct rx_connection *aconn)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_CreateChallenge(struct rx_securityClass *aobj,
- struct rx_connection *aconn)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_GetChallenge(struct rx_securityClass *aobj, struct rx_connection *aconn,
- struct rx_packet *apacket)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_CheckResponse(struct rx_securityClass *aobj,
- struct rx_connection *aconn, struct rx_packet *apacket)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_ServerCheckPacket(struct rx_securityClass *aobj, struct rx_call *acall,
- struct rx_packet *apacket)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_DestroyServerConnection(struct rx_securityClass *aobj,
- struct rx_connection *aconn)
-{
- return RXGK_INCONSISTENCY;
-}
-
-static int
-rxgk_ServerGetStats(struct rx_securityClass *aobj, struct rx_connection *aconn,
- struct rx_securityObjectStats *astats)
-{
- return RXGK_INCONSISTENCY;
-}
projects / packages / o / openafs.git / commitdiff