diff options
author | Ilya Dryomov <idryomov@gmail.com> | 2020-10-26 16:47:20 +0100 |
---|---|---|
committer | Ilya Dryomov <idryomov@gmail.com> | 2020-12-14 23:21:50 +0100 |
commit | 285ea34fc876aa0a2c5e65d310c4a41269e2e5f2 (patch) | |
tree | f315fc65d18878d19f92848ae81c347315662ff9 /net/ceph/crypto.h | |
parent | libceph: safer en/decoding of cephx requests and replies (diff) | |
download | linux-285ea34fc876aa0a2c5e65d310c4a41269e2e5f2.tar.xz linux-285ea34fc876aa0a2c5e65d310c4a41269e2e5f2.zip |
libceph, ceph: incorporate nautilus cephx changes
- request service tickets together with auth ticket. Currently we get
auth ticket via CEPHX_GET_AUTH_SESSION_KEY op and then request service
tickets via CEPHX_GET_PRINCIPAL_SESSION_KEY op in a separate message.
Since nautilus, desired service tickets are shared togther with auth
ticket in CEPHX_GET_AUTH_SESSION_KEY reply.
- propagate session key and connection secret, if any. In preparation
for msgr2, update handle_reply() and verify_authorizer_reply() auth
ops to propagate session key and connection secret. Since nautilus,
if secure mode is negotiated, connection secret is shared either in
CEPHX_GET_AUTH_SESSION_KEY reply (for mons) or in a final authorizer
reply (for osds and mdses).
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Diffstat (limited to 'net/ceph/crypto.h')
-rw-r--r-- | net/ceph/crypto.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/ceph/crypto.h b/net/ceph/crypto.h index 96ef4d860bc9..13bd526349fa 100644 --- a/net/ceph/crypto.h +++ b/net/ceph/crypto.h @@ -5,6 +5,9 @@ #include <linux/ceph/types.h> #include <linux/ceph/buffer.h> +#define CEPH_KEY_LEN 16 +#define CEPH_MAX_CON_SECRET_LEN 64 + /* * cryptographic secret */ |