xref: /xnu-8792.81.2/bsd/nfs/nfs_gss.h (revision 19c3b8c28c31cb8130e034cfb5df6bf9ba342d90) 
1 /*
2  * Copyright (c) 2007-2015 Apple Inc. All rights reserved.
3  *
4  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5  *
6  * This file contains Original Code and/or Modifications of Original Code
7  * as defined in and that are subject to the Apple Public Source License
8  * Version 2.0 (the 'License'). You may not use this file except in
9  * compliance with the License. The rights granted to you under the License
10  * may not be used to create, or enable the creation or redistribution of,
11  * unlawful or unlicensed copies of an Apple operating system, or to
12  * circumvent, violate, or enable the circumvention or violation of, any
13  * terms of an Apple operating system software license agreement.
14  *
15  * Please obtain a copy of the License at
16  * http://www.opensource.apple.com/apsl/ and read it before using this file.
17  *
18  * The Original Code and all software distributed under the License are
19  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23  * Please see the License for the specific language governing rights and
24  * limitations under the License.
25  *
26  * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27  */
28 
29 #ifndef _NFS_NFS_GSS_H_
30 #define _NFS_NFS_GSS_H_
31 
32 #include "gss/gss_krb5_mech.h"
33 #include <gssd/gssd_mach.h>
34 #include <sys/param.h>
35 
36 #define RPCSEC_GSS                      6
37 #define RPCSEC_GSS_VERS_1               1
38 
39 enum rpcsec_gss_proc {
40 	RPCSEC_GSS_DATA                 = 0,
41 	RPCSEC_GSS_INIT                 = 1,
42 	RPCSEC_GSS_CONTINUE_INIT        = 2,
43 	RPCSEC_GSS_DESTROY              = 3
44 };
45 
46 enum rpcsec_gss_service {
47 	RPCSEC_GSS_SVC_NONE             = 1,    // sec=krb5
48 	RPCSEC_GSS_SVC_INTEGRITY        = 2,    // sec=krb5i
49 	RPCSEC_GSS_SVC_PRIVACY          = 3,    // sec=krb5p
50 };
51 
52 /*
53  * RFC 2203 and friends don't define maximums for token lengths
54  * and context handles. We try to pick reasonable values here.
55  *
56  * N.B. Kerberos mech tokens can be quite large from the output
57  * of a gss_init_sec_context if it includes a large PAC.
58  */
59 
60 #define GSS_MAX_TOKEN_LEN               64*1024
61 
62 /*
63  * Put a "reasonable" bound on MIC lengths
64  */
65 #define GSS_MAX_MIC_LEN                 2048
66 
67 #define GSS_MAXSEQ                      0x80000000      // The biggest sequence number
68 #define GSS_SVC_MAXCONTEXTS             500000          // Max contexts supported
69 #define GSS_SVC_SEQWINDOW               256             // Server's sequence window
70 
71 #define MAX_SKEYLEN     32
72 #define MAX_LUCIDLEN    (sizeof (lucid_context) + MAX_SKEYLEN)
73 
74 /*
75  * The server's RPCSEC_GSS context information
76  */
77 struct nfs_gss_svc_ctx {
78 	lck_mtx_t               gss_svc_mtx;
79 	LIST_ENTRY(nfs_gss_svc_ctx)     gss_svc_entries;
80 	uint32_t                gss_svc_handle;         // Identifies server context to client
81 	uint32_t                gss_svc_refcnt;         // Reference count
82 	uint32_t                gss_svc_proc;           // Current GSS proc from cred
83 	uid_t                   gss_svc_uid;            // UID of this user
84 	gid_t                   gss_svc_gids[NGROUPS];  // GIDs of this user
85 	uint32_t                gss_svc_ngroups;        // Count of gids
86 	uint64_t                gss_svc_incarnation;    // Delete ctx if we exceed this + ttl value
87 	uint32_t                gss_svc_seqmax;         // Current max GSS sequence number
88 	uint32_t                gss_svc_seqwin;         // GSS sequence number window
89 	uint32_t                *gss_svc_seqbits;       // Bitmap to track seq numbers
90 	gssd_cred               gss_svc_cred_handle;    // Opaque cred handle from gssd
91 	gssd_ctx                gss_svc_context;        // Opaque context handle from gssd
92 	gss_ctx_id_t            gss_svc_ctx_id;         // Underlying gss context
93 	u_char                  *gss_svc_token;         // GSS token exchanged via gssd & client
94 	uint32_t                gss_svc_tokenlen;       // Length of token
95 	uint32_t                gss_svc_major;          // GSS major result from gssd
96 	uint32_t                gss_svc_minor;          // GSS minor result from gssd
97 };
98 
99 #define SVC_CTX_HASHSZ  64
100 #define SVC_CTX_HASH(handle)    ((handle) % SVC_CTX_HASHSZ)
101 LIST_HEAD(nfs_gss_svc_ctx_hashhead, nfs_gss_svc_ctx);
102 
103 /*
104  * Macros to manipulate bits in the sequence window
105  */
106 #define win_getbit(bits, bit)      ((bits[(bit) / 32] &   (1 << (bit) % 32)) != 0)
107 #define win_setbit(bits, bit)   do { bits[(bit) / 32] |=  (1 << (bit) % 32); } while (0)
108 #define win_resetbit(bits, bit) do { bits[(bit) / 32] &= ~(1 << (bit) % 32); } while (0)
109 
110 /*
111  * Server context stale times
112  */
113 #define GSS_CTX_PEND            5               // seconds
114 #define GSS_CTX_EXPIRE          (8 * 3600)      // seconds
115 #define GSS_CTX_TTL_MIN         1               // seconds
116 #define GSS_TIMER_PERIOD        300             // seconds
117 #define MSECS_PER_SEC           1000
118 
119 __BEGIN_DECLS
120 
121 void    nfs_gss_svc_init(void);
122 int     nfs_gss_svc_cred_get(struct nfsrv_descript *, struct nfsm_chain *);
123 int     nfs_gss_svc_verf_put(struct nfsrv_descript *, struct nfsm_chain *);
124 int     nfs_gss_svc_ctx_init(struct nfsrv_descript *, struct nfsrv_sock *, mbuf_t *);
125 int     nfs_gss_svc_prepare_reply(struct nfsrv_descript *, struct nfsm_chain *);
126 int     nfs_gss_svc_protect_reply(struct nfsrv_descript *, mbuf_t);
127 void    nfs_gss_svc_ctx_deref(struct nfs_gss_svc_ctx *);
128 void    nfs_gss_svc_cleanup(void);
129 
130 __END_DECLS
131 #endif /* _NFS_NFS_GSS_H_ */
132