--- /dev/null
+/* rxgk.h - External interfaces for RXGK */
+/*
+ * Copyright (C) 2013, 2014 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * External interfaces for RXGK.
+ */
+
+#ifndef OPENAFS_RXGK_H
+#define OPENAFS_RXGK_H
+
+/* Pull in the com_err table */
+#include <rx/rxgk_errs.h>
+
+/* Pull in the protocol description */
+#include <rx/rxgk_int.h>
+
+/* rxgk_key is an opaque type to wrap our RFC3961 implementation's concept
+ * of a key. It has (at least) the keyblock and length, and enctype. */
+typedef void * rxgk_key;
+
+typedef afs_int32 (*rxgk_getkey_func)(void *rock, afs_int32 *kvno,
+ afs_int32 *enctype, rxgk_key *key);
+/* rxgk_server.c */
+struct rx_securityClass * rxgk_NewServerSecurityObject(void *getkey_rock,
+ rxgk_getkey_func getkey);
+/* rxgk_client.c */
+struct rx_securityClass *rxgk_NewClientSecurityObject(RXGK_Level level,
+ afs_int32 enctype,
+ rxgk_key k0,
+ RXGK_Data *token,
+ afsUUID *uuid);
+
+#endif /* OPENAFS_RXGK_H */
--- /dev/null
+/* rxgk/rxgk_client.c - Client-only security object routines */
+/*
+ * Copyright (C) 2013, 2014 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Client-only security object routines.
+ */
+
+#include <afsconfig.h>
+#include <afs/param.h>
+#include <afs/stds.h>
+
+/* OS-specific system headers go here */
+
+#include <rx/rx.h>
+#include <rx/rx_packet.h>
+#include <rx/rxgk.h>
+
+#include "rxgk_private.h"
+
+/* Pre-declare the securityclass routines for the securityOps definition. */
+static int rxgk_ClientClose(struct rx_securityClass *aobj);
+static int rxgk_NewClientConnection(struct rx_securityClass *aobj,
+ struct rx_connection *aconn);
+static int rxgk_ClientPreparePacket(struct rx_securityClass *aobj,
+ struct rx_call *acall,
+ struct rx_packet *apacket);
+static int rxgk_GetResponse(struct rx_securityClass *aobj,
+ struct rx_connection *aconn,
+ struct rx_packet *apacket);
+static int rxgk_ClientCheckPacket(struct rx_securityClass *aobj,
+ struct rx_call *acall,
+ struct rx_packet *apacket);
+static int rxgk_DestroyClientConnection(struct rx_securityClass *aobj,
+ struct rx_connection *aconn);
+static int rxgk_ClientGetStats(struct rx_securityClass *aobj,
+ struct rx_connection *aconn,
+ struct rx_securityObjectStats *astats);
+
+static struct rx_securityOps rxgk_client_ops = {
+ rxgk_ClientClose,
+ rxgk_NewClientConnection, /* every new connection */
+ rxgk_ClientPreparePacket, /* once per packet creation */
+ 0, /* send packet (once per retrans) */
+ 0,
+ 0,
+ 0,
+ rxgk_GetResponse, /* respond to challenge packet */
+ 0,
+ rxgk_ClientCheckPacket, /* check data packet */
+ rxgk_DestroyClientConnection,
+ rxgk_ClientGetStats,
+ 0,
+ 0,
+ 0,
+};
+
+static struct rx_securityClass dummySC = {
+ &rxgk_client_ops,
+ NULL,
+ 0
+};
+
+struct rx_securityClass *
+rxgk_NewClientSecurityObject(RXGK_Level level, afs_int32 enctype, rxgk_key k0,
+ RXGK_Data *token, afsUUID *uuid)
+{
+ return &dummySC;
+}
+
+static int
+rxgk_ClientClose(struct rx_securityClass *aobj)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_NewClientConnection(struct rx_securityClass *aobj,
+ struct rx_connection *aconn)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_ClientPreparePacket(struct rx_securityClass *aobj, struct rx_call *acall,
+ struct rx_packet *apacket)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_GetResponse(struct rx_securityClass *aobj, struct rx_connection *aconn,
+ struct rx_packet *apacket)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_ClientCheckPacket(struct rx_securityClass *aobj, struct rx_call *acall,
+ struct rx_packet *apacket)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_DestroyClientConnection(struct rx_securityClass *aobj,
+ struct rx_connection *aconn)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_ClientGetStats(struct rx_securityClass *aobj, struct rx_connection *aconn,
+ struct rx_securityObjectStats *astats)
+{
+ return RXGK_INCONSISTENCY;
+}
--- /dev/null
+error_table RXGK
+ ec RXGK_INCONSISTENCY, "Security module structure inconsistent"
+ ec RXGK_PACKETSHORT, "Packet too short for security challenge"
+ ec RXGK_BADCHALLENGE, "Invalid security challenge"
+ ec RXGK_BADETYPE, "Invalid or impermissible encryption type"
+ ec RXGK_BADLEVEL, "Invalid or impermissible security level"
+ ec RXGK_BADKEYNO, "Key version number not found"
+ ec RXGK_EXPIRED, "Token has expired"
+ ec RXGK_NOTAUTH, "Caller not authorized"
+ ec RXGK_BAD_TOKEN, "Security object was passed a bad token"
+ ec RXGK_SEALED_INCON, "Sealed data inconsistent"
+ ec RXGK_DATA_LEN, "User data too long"
+ ec RXGK_BAD_QOP, "Inadequate quality of protection available"
+end
--- /dev/null
+/*
+ * Protocol descriptions for core RXGK structures and RPCs.
+ */
+
+package RXGK_
+prefix S
+
+/* constants for RXGK RPC numbers */
+#define RXGK_GSSNEGOTIATE 1
+#define RXGK_COMBINETOKENS 2
+#define RXGK_AFSCOMBINETOKENS 3
+
+/* RPC-L from draft-wilkinson-afs3-rxgk */
+
+/* General values */
+
+typedef afs_int64 rxgkTime;
+
+/* key usage values */
+const RXGK_CLIENT_ENC_PACKET = 1026;
+const RXGK_CLIENT_MIC_PACKET = 1027;
+const RXGK_SERVER_ENC_PACKET = 1028;
+const RXGK_SERVER_MIC_PACKET = 1029;
+const RXGK_CLIENT_ENC_RESPONSE = 1030;
+const RXGK_SERVER_ENC_TOKEN = 1036;
+
+/* Security levels */
+enum RXGK_Level {
+ RXGK_LEVEL_CLEAR = 0,
+ RXGK_LEVEL_AUTH = 1,
+ RXGK_LEVEL_CRYPT = 2
+};
+
+/* limits for variable-length arrays */
+const RXGK_MAXENCTYPES = 255;
+const RXGK_MAXLEVELS = 255;
+const RXGK_MAXMIC = 1024;
+const RXGK_MAXNONCE = 1024;
+const RXGK_MAXDATA = 1048576;
+
+typedef afs_int32 RXGK_Enctypes<RXGK_MAXENCTYPES>;
+typedef opaque RXGK_Data<RXGK_MAXDATA>;
+
+/* Begin definitions for RXGK_GSSNegotiate. */
+
+struct RXGK_StartParams {
+ RXGK_Enctypes enctypes;
+ RXGK_Level levels<RXGK_MAXLEVELS>;
+ afs_uint32 lifetime;
+ afs_uint32 bytelife;
+ opaque client_nonce<RXGK_MAXNONCE>;
+};
+
+struct RXGK_ClientInfo {
+ afs_int32 errorcode;
+ afs_int32 enctype;
+ RXGK_Level level;
+ afs_uint32 lifetime;
+ afs_uint32 bytelife;
+ rxgkTime expiration;
+ opaque mic<RXGK_MAXMIC>;
+ RXGK_Data token;
+ opaque server_nonce<RXGK_MAXNONCE>;
+};
+
+GSSNegotiate(IN RXGK_StartParams *client_start,
+ IN RXGK_Data *input_token_buffer,
+ IN RXGK_Data *opaque_in,
+ OUT RXGK_Data *output_token_buffer,
+ OUT RXGK_Data *opaque_out,
+ OUT afs_uint32 *gss_major_status,
+ OUT afs_uint32 *gss_minor_status,
+ OUT RXGK_Data *rxgk_info) = RXGK_GSSNEGOTIATE;
+
+/* Begin definitions for RXGK_CombineTokens. */
+
+struct RXGK_CombineOptions {
+ RXGK_Enctypes enctypes;
+ RXGK_Level levels<RXGK_MAXLEVELS>;
+};
+
+struct RXGK_TokenInfo {
+ afs_int32 enctype;
+ RXGK_Level level;
+ afs_uint32 lifetime;
+ afs_uint32 bytelife;
+ rxgkTime expiration;
+};
+
+CombineTokens(IN RXGK_Data *token0, IN RXGK_Data *token1,
+ IN RXGK_CombineOptions *options,
+ OUT RXGK_Data *new_token,
+ OUT RXGK_TokenInfo *info) = RXGK_COMBINETOKENS;
+
+/* Begin definitions for security class operation. */
+
+/* RX challenge and response structures */
+struct RXGK_Challenge {
+ opaque nonce[20];
+};
+const RXGK_MAXAUTHENTICATOR = 1416; /* better fit in a packet! */
+struct RXGK_Response {
+ rxgkTime start_time;
+ RXGK_Data token;
+ opaque authenticator<RXGK_MAXAUTHENTICATOR>;
+};
+
+struct RXGK_Authenticator {
+ opaque nonce[20];
+ opaque appdata<>;
+ RXGK_Level level;
+ afs_uint32 epoch;
+ afs_uint32 cid;
+ afs_uint32 call_numbers<>;
+};
+
+/* RPC-L from draft-brashear-afs3-pts-extended-names-09 (final). */
+
+#define AUTHDATAMAX 2048
+#define AUTHPRINTABLEMAX 2048
+struct PrAuthName {
+ afs_int32 kind;
+ opaque data<AUTHDATAMAX>;
+ opaque display<AUTHPRINTABLEMAX>;
+};
+
+/* RPC-L from draft-wilkinson-afs3-rxgk-afs. */
+
+/* Begin authenticator appdata definition. */
+
+struct RXGK_Authenticator_AFSAppData {
+ afsUUID client_uuid;
+ RXGK_Data cb_tok;
+ RXGK_Data cb_key;
+ afs_int32 enctype;
+ afsUUID target_uuid;
+};
+
+/* Begin token definitions. */
+
+struct RXGK_TokenContainer {
+ afs_int32 kvno;
+ afs_int32 enctype;
+ opaque encrypted_token<>;
+};
+struct RXGK_Token {
+ afs_int32 enctype;
+ opaque K0<>;
+ RXGK_Level level;
+ afs_uint32 lifetime;
+ afs_uint32 bytelife;
+ rxgkTime expirationtime;
+ struct PrAuthName identities<>;
+};
+
+/* Begin definitions for AFSCombineTokens. */
+
+AFSCombineTokens(IN RXGK_Data *user_tok,
+ IN RXGK_Data *cm_tok,
+ IN RXGK_CombineOptions *options,
+ IN afsUUID destination,
+ OUT RXGK_Data *new_token,
+ OUT RXGK_TokenInfo *token_info) = RXGK_AFSCOMBINETOKENS;
--- /dev/null
+/* src/rxgk/rxgk_private.h - Declarations of RXGK-internal routines */
+/*
+ * Copyright (C) 2013, 2014 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Prototypes for routines internal to RXGK.
+ */
+
+#ifndef RXGK_PRIVATE_H
+#define RXGK_PRIVATE_H
+
+/* RX-internal headers we depend on. */
+#include <rx/rx_identity.h>
+
+/** Statistics about a connection. Bytes and packets sent/received. */
+struct rxgkStats {
+ afs_uint32 brecv;
+ afs_uint32 bsent;
+ afs_uint32 precv;
+ afs_uint32 psent;
+};
+
+/*
+ * rgxk_server.c
+ */
+
+/**
+ * Security Object private data for the server.
+ *
+ * Per-connection flags, and a way to get a decryption key for what the client
+ * sends us.
+ */
+struct rxgk_sprivate {
+ afs_int32 flags;
+ void *rock;
+ rxgk_getkey_func getkey;
+};
+/**
+ * Per-connection security data for the server.
+ *
+ * Security level, authentication state, expiration, the current challenge
+ * nonce, status, the connection start time and current key derivation key
+ * number. Cache both the user identity and callback identity presented
+ * in the token, for later use.
+ */
+struct rxgk_sconn {
+ RXGK_Level level;
+ unsigned char tried_auth;
+ unsigned char auth;
+ rxgkTime expiration;
+ unsigned char challenge[20];
+ struct rxgkStats stats;
+ rxgkTime start_time;
+ struct rx_identity *client;
+ afs_uint32 key_number;
+ rxgk_key k0;
+ RXGK_Data cb_tok;
+ rxgk_key cb_key;
+};
+
+/*
+ * rxgk_client.c
+ */
+
+/**
+ * Security Object private data for client.
+ *
+ * The session key ("token master key"), plust the enctype of the
+ * token and the token itself.
+ * UUIDs for both the client (cache manager) and target server. This is
+ * doable because the token is either a db server (the target has no UUID)
+ * or tied to a particular file server (which does have a UUID).
+ */
+struct rxgk_cprivate {
+ afs_int32 flags;
+ rxgk_key k0;
+ afs_int32 enctype;
+ RXGK_Level level;
+ RXGK_Data token;
+ afsUUID *client_uuid;
+ afsUUID *target_uuid;
+};
+/**
+ * Per-connection security data for client.
+ *
+ * The start time of the connection and connection key number are used
+ * for key derivation, information about the callback key to be presented in
+ * the authenticator for the connection, and the requisite connection
+ * statistics.
+ */
+struct rxgk_cconn {
+ rxgkTime start_time;
+ afs_uint32 key_number;
+ RXGK_Data cb_tok;
+ RXGK_Data cb_k0;
+ afs_int32 cb_enctype;
+ struct rxgkStats stats;
+};
+
+#endif /* RXGK_PRIVATE_H */
--- /dev/null
+/* rxgk/rxgk_procs.c - Server-side RPC procedures for RXGK */
+/*
+ * Copyright (C) 2013, 2014 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Server-side RPC procedures for RXGK.
+ */
+
+#include <afsconfig.h>
+#include <afs/param.h>
+#include <afs/stds.h>
+
+#include <rx/rx.h>
+#include <rx/rx_identity.h>
+#include <rx/rxgk.h>
+
+#include "rxgk_private.h"
+
+afs_int32
+SRXGK_GSSNegotiate(struct rx_call *z_call, RXGK_StartParams *client_start,
+ RXGK_Data *input_token_buffer, RXGK_Data *opaque_in,
+ RXGK_Data *output_token_buffer, RXGK_Data *opaque_out,
+ afs_uint32 *gss_major_status, afs_uint32 *gss_minor_status,
+ RXGK_Data *rxgk_info)
+{
+ return RXGEN_OPCODE;
+}
+
+
+afs_int32
+SRXGK_CombineTokens(struct rx_call *z_call, RXGK_Data *token0,
+ RXGK_Data *token1, RXGK_CombineOptions *options,
+ RXGK_Data *new_token, RXGK_TokenInfo *info)
+{
+ return RXGEN_OPCODE;
+}
+
+afs_int32
+SRXGK_AFSCombineTokens(struct rx_call *z_call, RXGK_Data *user_tok,
+ RXGK_Data *cm_tok, RXGK_CombineOptions *options,
+ afsUUID destination, RXGK_Data *new_token,
+ RXGK_TokenInfo *info)
+{
+ return RXGEN_OPCODE;
+}
--- /dev/null
+/* rxgk/rxgk_server.c - server-specific security object routines */
+/*
+ * Copyright (C) 2013, 2014 by the Massachusetts Institute of Technology.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Server-specific security object routines.
+ */
+
+#include <afsconfig.h>
+#include <afs/param.h>
+#include <afs/stds.h>
+
+#include <afs/opr.h>
+#include <rx/rx.h>
+#include <rx/rx_packet.h>
+#include <rx/rxgk.h>
+
+#include "rxgk_private.h"
+
+/* Pre-declare the securityclass routines for the securityOps definition. */
+struct rx_securityClass *rxgk_NewServerSecurityObject(void *getkey_rock,
+ rxgk_getkey_func getkey);
+static int rxgk_ServerClose(struct rx_securityClass *aobj);
+static int rxgk_NewServerConnection(struct rx_securityClass *aobj,
+ struct rx_connection *aconn);
+static int rxgk_ServerPreparePacket(struct rx_securityClass *aobj,
+ struct rx_call *acall,
+ struct rx_packet *apacket);
+static int rxgk_CheckAuthentication(struct rx_securityClass *aobj,
+ struct rx_connection *aconn);
+static int rxgk_CreateChallenge(struct rx_securityClass *aobj,
+ struct rx_connection *aconn);
+static int rxgk_GetChallenge(struct rx_securityClass *aobj,
+ struct rx_connection *aconn,
+ struct rx_packet *apacket);
+static int rxgk_CheckResponse(struct rx_securityClass *aobj,
+ struct rx_connection *aconn,
+ struct rx_packet *apacket);
+static int rxgk_ServerCheckPacket(struct rx_securityClass *aobj,
+ struct rx_call *acall, struct rx_packet *apacket);
+static int rxgk_DestroyServerConnection(struct rx_securityClass *aobj,
+ struct rx_connection *aconn);
+static int rxgk_ServerGetStats(struct rx_securityClass *aobj,
+ struct rx_connection *aconn,
+ struct rx_securityObjectStats *astats);
+
+
+static struct rx_securityOps rxgk_server_ops = {
+ rxgk_ServerClose,
+ rxgk_NewServerConnection,
+ rxgk_ServerPreparePacket, /* once per packet creation */
+ 0, /* send packet (once per retrans) */
+ rxgk_CheckAuthentication,
+ rxgk_CreateChallenge,
+ rxgk_GetChallenge,
+ 0,
+ rxgk_CheckResponse,
+ rxgk_ServerCheckPacket, /* check data packet */
+ rxgk_DestroyServerConnection,
+ rxgk_ServerGetStats,
+ 0,
+ 0, /* spare 1 */
+ 0, /* spare 2 */
+};
+
+static struct rx_securityClass dummySC = {
+ &rxgk_server_ops,
+ NULL,
+ 0
+};
+
+struct rx_securityClass *
+rxgk_NewServerSecurityObject(void *getkey_rock, rxgk_getkey_func getkey)
+{
+ return &dummySC;
+}
+
+static int
+rxgk_ServerClose(struct rx_securityClass *aobj)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_NewServerConnection(struct rx_securityClass *aobj, struct rx_connection *aconn)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_ServerPreparePacket(struct rx_securityClass *aobj, struct rx_call *acall,
+ struct rx_packet *apacket)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_CheckAuthentication(struct rx_securityClass *aobj,
+ struct rx_connection *aconn)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_CreateChallenge(struct rx_securityClass *aobj,
+ struct rx_connection *aconn)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_GetChallenge(struct rx_securityClass *aobj, struct rx_connection *aconn,
+ struct rx_packet *apacket)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_CheckResponse(struct rx_securityClass *aobj,
+ struct rx_connection *aconn, struct rx_packet *apacket)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_ServerCheckPacket(struct rx_securityClass *aobj, struct rx_call *acall,
+ struct rx_packet *apacket)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_DestroyServerConnection(struct rx_securityClass *aobj,
+ struct rx_connection *aconn)
+{
+ return RXGK_INCONSISTENCY;
+}
+
+static int
+rxgk_ServerGetStats(struct rx_securityClass *aobj, struct rx_connection *aconn,
+ struct rx_securityObjectStats *astats)
+{
+ return RXGK_INCONSISTENCY;
+}
projects / packages / o / openafs.git / commitdiff