Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394...

[karo-tx-linux.git] / include / keys / rxrpc-type.h
diff --git a/include/keys/rxrpc-type.h b/include/keys/rxrpc-type.h

index c0d91218fdd308e05bd6d254c15060882831f7ad..5cb86c307f5d791298ae0add65bcd1f98dd781fb 100644 (file)
--- a/include/keys/rxrpc-type.h
+++ b/include/keys/rxrpc-type.h
@@ -35,6 +35,54 @@ struct rxkad_key {
         u8      ticket[0];              /* the encrypted ticket */
  };
  
+/*
+ * Kerberos 5 principal
+ *     name/name/name@realm
+ */
+struct krb5_principal {
+       u8      n_name_parts;           /* N of parts of the name part of the principal */
+       char    **name_parts;           /* parts of the name part of the principal */
+       char    *realm;                 /* parts of the realm part of the principal */
+};
+
+/*
+ * Kerberos 5 tagged data
+ */
+struct krb5_tagged_data {
+       /* for tag value, see /usr/include/krb5/krb5.h
+        * - KRB5_AUTHDATA_* for auth data
+        * - 
+        */
+       s32             tag;
+       u32             data_len;
+       u8              *data;
+};
+
+/*
+ * RxRPC key for Kerberos V (type-5 security)
+ */
+struct rxk5_key {
+       u64                     authtime;       /* time at which auth token generated */
+       u64                     starttime;      /* time at which auth token starts */
+       u64                     endtime;        /* time at which auth token expired */
+       u64                     renew_till;     /* time to which auth token can be renewed */
+       s32                     is_skey;        /* T if ticket is encrypted in another ticket's
+                                                * skey */
+       s32                     flags;          /* mask of TKT_FLG_* bits (krb5/krb5.h) */
+       struct krb5_principal   client;         /* client principal name */
+       struct krb5_principal   server;         /* server principal name */
+       u16                     ticket_len;     /* length of ticket */
+       u16                     ticket2_len;    /* length of second ticket */
+       u8                      n_authdata;     /* number of authorisation data elements */
+       u8                      n_addresses;    /* number of addresses */
+       struct krb5_tagged_data session;        /* session data; tag is enctype */
+       struct krb5_tagged_data *addresses;     /* addresses */
+       u8                      *ticket;        /* krb5 ticket */
+       u8                      *ticket2;       /* second krb5 ticket, if related to ticket (via
+                                                * DUPLICATE-SKEY or ENC-TKT-IN-SKEY) */
+       struct krb5_tagged_data *authdata;      /* authorisation data */
+};
+
  /*
   * list of tokens attached to an rxrpc key
   */
@@ -43,6 +91,7 @@ struct rxrpc_key_token {
         struct rxrpc_key_token *next;   /* the next token in the list */
         union {
                 struct rxkad_key *kad;
+               struct rxk5_key *k5;
         };
  };
  
@@ -64,8 +113,11 @@ struct rxrpc_key_data_v1 {
   * - based on openafs-1.4.10/src/auth/afs_token.xg
   */
  #define AFSTOKEN_LENGTH_MAX            16384   /* max payload size */
+#define AFSTOKEN_STRING_MAX            256     /* max small string length */
+#define AFSTOKEN_DATA_MAX              64      /* max small data length */
  #define AFSTOKEN_CELL_MAX              64      /* max cellname length */
  #define AFSTOKEN_MAX                   8       /* max tokens per payload */
+#define AFSTOKEN_BDATALN_MAX           16384   /* max big data length */
  #define AFSTOKEN_RK_TIX_MAX            12000   /* max RxKAD ticket size */
  #define AFSTOKEN_GK_KEY_MAX            64      /* max GSSAPI key size */
  #define AFSTOKEN_GK_TOKEN_MAX          16384   /* max GSSAPI token size */