1 /* 2 * Copyright (c) 2007-2015 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 29 #ifndef _NFS_NFS_GSS_H_ 30 #define _NFS_NFS_GSS_H_ 31 32 #include "gss/gss_krb5_mech.h" 33 #include <gssd/gssd_mach.h> 34 #include <sys/param.h> 35 36 #define RPCSEC_GSS 6 37 #define RPCSEC_GSS_VERS_1 1 38 39 enum rpcsec_gss_proc { 40 RPCSEC_GSS_DATA = 0, 41 RPCSEC_GSS_INIT = 1, 42 RPCSEC_GSS_CONTINUE_INIT = 2, 43 RPCSEC_GSS_DESTROY = 3 44 }; 45 46 enum rpcsec_gss_service { 47 RPCSEC_GSS_SVC_NONE = 1, // sec=krb5 48 RPCSEC_GSS_SVC_INTEGRITY = 2, // sec=krb5i 49 RPCSEC_GSS_SVC_PRIVACY = 3, // sec=krb5p 50 }; 51 52 /* 53 * RFC 2203 and friends don't define maximums for token lengths 54 * and context handles. We try to pick reasonable values here. 55 * 56 * N.B. Kerberos mech tokens can be quite large from the output 57 * of a gss_init_sec_context if it includes a large PAC. 58 */ 59 60 #define GSS_MAX_TOKEN_LEN 64*1024 61 62 /* 63 * Put a "reasonable" bound on MIC lengths 64 */ 65 #define GSS_MAX_MIC_LEN 2048 66 67 #define GSS_MAXSEQ 0x80000000 // The biggest sequence number 68 #define GSS_SVC_MAXCONTEXTS 500000 // Max contexts supported 69 #define GSS_SVC_SEQWINDOW 256 // Server's sequence window 70 71 #define MAX_SKEYLEN 32 72 #define MAX_LUCIDLEN (sizeof (lucid_context) + MAX_SKEYLEN) 73 74 /* 75 * The server's RPCSEC_GSS context information 76 */ 77 struct nfs_gss_svc_ctx { 78 lck_mtx_t gss_svc_mtx; 79 LIST_ENTRY(nfs_gss_svc_ctx) gss_svc_entries; 80 uint32_t gss_svc_handle; // Identifies server context to client 81 uint32_t gss_svc_refcnt; // Reference count 82 uint32_t gss_svc_proc; // Current GSS proc from cred 83 uid_t gss_svc_uid; // UID of this user 84 gid_t gss_svc_gids[NGROUPS]; // GIDs of this user 85 uint32_t gss_svc_ngroups; // Count of gids 86 uint64_t gss_svc_incarnation; // Delete ctx if we exceed this + ttl value 87 uint32_t gss_svc_seqmax; // Current max GSS sequence number 88 uint32_t gss_svc_seqwin; // GSS sequence number window 89 uint32_t *gss_svc_seqbits; // Bitmap to track seq numbers 90 gssd_cred gss_svc_cred_handle; // Opaque cred handle from gssd 91 gssd_ctx gss_svc_context; // Opaque context handle from gssd 92 gss_ctx_id_t gss_svc_ctx_id; // Underlying gss context 93 u_char *gss_svc_token; // GSS token exchanged via gssd & client 94 uint32_t gss_svc_tokenlen; // Length of token 95 uint32_t gss_svc_major; // GSS major result from gssd 96 uint32_t gss_svc_minor; // GSS minor result from gssd 97 }; 98 99 #define SVC_CTX_HASHSZ 64 100 #define SVC_CTX_HASH(handle) ((handle) % SVC_CTX_HASHSZ) 101 LIST_HEAD(nfs_gss_svc_ctx_hashhead, nfs_gss_svc_ctx); 102 103 /* 104 * Macros to manipulate bits in the sequence window 105 */ 106 #define win_getbit(bits, bit) ((bits[(bit) / 32] & (1 << (bit) % 32)) != 0) 107 #define win_setbit(bits, bit) do { bits[(bit) / 32] |= (1 << (bit) % 32); } while (0) 108 #define win_resetbit(bits, bit) do { bits[(bit) / 32] &= ~(1 << (bit) % 32); } while (0) 109 110 /* 111 * Server context stale times 112 */ 113 #define GSS_CTX_PEND 5 // seconds 114 #define GSS_CTX_EXPIRE (8 * 3600) // seconds 115 #define GSS_CTX_TTL_MIN 1 // seconds 116 #define GSS_TIMER_PERIOD 300 // seconds 117 #define MSECS_PER_SEC 1000 118 119 __BEGIN_DECLS 120 121 void nfs_gss_svc_init(void); 122 int nfs_gss_svc_cred_get(struct nfsrv_descript *, struct nfsm_chain *); 123 int nfs_gss_svc_verf_put(struct nfsrv_descript *, struct nfsm_chain *); 124 int nfs_gss_svc_ctx_init(struct nfsrv_descript *, struct nfsrv_sock *, mbuf_t *); 125 int nfs_gss_svc_prepare_reply(struct nfsrv_descript *, struct nfsm_chain *); 126 int nfs_gss_svc_protect_reply(struct nfsrv_descript *, mbuf_t); 127 void nfs_gss_svc_ctx_deref(struct nfs_gss_svc_ctx *); 128 void nfs_gss_svc_cleanup(void); 129 130 __END_DECLS 131 #endif /* _NFS_NFS_GSS_H_ */ 132