GitHub Repository: freebsd/freebsd-src
Path: blob/main/sys/rpc/rpcsec_tls.h
/*-
* SPDX-License-Identifier: BSD-2-Clause
*
* Copyright (c) 2020 Rick Macklem
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef _RPC_RPCSEC_TLS_H_
#define _RPC_RPCSEC_TLS_H_
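/*
 * System call used by the rpc.tlsclntd(8), rpc.tlsservd(8) daemons.
 *
 * Declared outside the _KERNEL section of this header.  It takes a single
 * uint64_t argument and returns an int; the encoding of the argument is
 * not described here.
 *
 * NOTE(review): this is the entry point the TLS daemons use to reach the
 * kernel RPC code, so the implementation presumably restricts which
 * callers may use it -- confirm the privilege check where the system call
 * is implemented.
 */
int rpctls_syscall(uint64_t);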
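/*
 * Flag bits to indicate certificate results.
 *
 * Each flag is a distinct single bit (0x01 through 0x40), so several can
 * be OR'ed into one word and tested independently with a mask.
 *
 * NOTE(review): the per-flag glosses below are inferred from the names
 * only; confirm them against the code that sets and tests these bits.
 * SELFSIGNED and VERIFIED are separate bits, as are HANDSHAKE and
 * HANDSHFAIL, so code making an access decision should test the exact bit
 * it requires rather than treating any non-zero flags word as
 * "authenticated".
 */
#define RPCTLS_FLAGS_HANDSHAKE 0x01	/* handshake done (inferred) */
#define RPCTLS_FLAGS_GOTCERT 0x02	/* peer presented a cert (inferred) */
#define RPCTLS_FLAGS_SELFSIGNED 0x04	/* cert is self-signed (inferred) */
#define RPCTLS_FLAGS_VERIFIED 0x08	/* cert passed verification (inferred) */
#define RPCTLS_FLAGS_DISABLED 0x10	/* meaning not evident here; confirm */
#define RPCTLS_FLAGS_CERTUSER 0x20	/* cert maps to a user (inferred) */
#define RPCTLS_FLAGS_HANDSHFAIL 0x40	/* handshake failed (inferred) */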
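/*
 * Error return values for upcall rpcs.
 *
 * RPCTLSERR_OK is 0; every other code defined here is non-zero.
 *
 * NOTE(review): presumably these are the values stored through the
 * uint32_t *reterr arguments of the rpctls_*() upcall functions -- confirm.
 * The per-code glosses below are inferred from the names only.
 */
#define RPCTLSERR_OK 0		/* success */
#define RPCTLSERR_NOCLOSE 1	/* presumably: do not close the socket */
#define RPCTLSERR_NOSSL 2	/* presumably: no TLS session available */
#define RPCTLSERR_NOSOCKET 3	/* presumably: no socket available */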
#ifdef _KERNEL
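/*
 * Functions that perform upcalls to the rpctlsd daemon.
 *
 * Every function below returns an enum clnt_stat and also takes a
 * uint32_t *reterr argument.
 *
 * NOTE(review): presumably the return value is the RPC status of the
 * upcall itself and *reterr receives an RPCTLSERR_* code from the daemon.
 * If so, a caller has to check both before treating a connection as
 * TLS-protected -- confirm against the implementation.  The client/server
 * split described below is inferred from the cl_/srv_ name prefixes.
 */

/*
 * Upcall for a new client connection: takes the CLIENT handle, a
 * certificate name and the socket.
 * NOTE(review): whether certname may be NULL is not shown here -- confirm.
 */
enum clnt_stat rpctls_connect(CLIENT *newclient, char *certname,
    struct socket *so, uint32_t *reterr);

/* Handle-record upcalls, client and server side; socookie is opaque here. */
enum clnt_stat rpctls_cl_handlerecord(void *socookie, uint32_t *reterr);
enum clnt_stat rpctls_srv_handlerecord(void *socookie, uint32_t *reterr);

/* Disconnect upcalls, client and server side; socookie is opaque here. */
enum clnt_stat rpctls_cl_disconnect(void *socookie, uint32_t *reterr);
enum clnt_stat rpctls_srv_disconnect(void *socookie, uint32_t *reterr);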
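/*
 * Initialization function for rpcsec_tls.
 *
 * Takes no arguments and returns an int.
 * NOTE(review): presumably 0 on success and an error number otherwise --
 * confirm against the implementation.
 */
int rpctls_init(void);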
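/*
 * Get TLS information function.
 *
 * Takes a pointer to a u_int (maxlen) and two bool arguments named after
 * the client and server daemons, and returns a bool.
 *
 * NOTE(review): presumably the return value says whether TLS can be used
 * and *maxlen is an output; if the result gates a "TLS required" policy,
 * callers must treat false as "do not proceed" rather than falling back
 * to plaintext silently -- confirm against the implementation and callers.
 */
bool rpctls_getinfo(u_int *maxlen, bool rpctlscd_run,
    bool rpctlssd_run);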
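/*
 * String for AUTH_TLS reply verifier.
 *
 * Eight characters; sizeof(RPCTLS_START_STRING) is 9 because of the
 * terminating NUL.
 *
 * NOTE(review): presumably a received verifier is compared against this
 * string.  Such a comparison should first check that the received length
 * is exactly eight bytes, since data taken off the wire is not
 * NUL-terminated -- confirm at the call sites.
 */
#define RPCTLS_START_STRING "STARTTLS"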
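/*
 * Macros for VIMAGE.
 *
 * Just define the KRPC_VNETxxx() macros as VNETxxx() macros.  Each KRPC_
 * name expands to the VNET/CURVNET macro of the same name with its
 * arguments passed through unchanged, so this header adds no behaviour of
 * its own; the underlying macros must be provided by whoever includes it.
 */

/* Declaring, defining and accessing per-vnet variables. */
#define KRPC_VNET_NAME(n) VNET_NAME(n)
#define KRPC_VNET_DECLARE(t, n) VNET_DECLARE(t, n)
#define KRPC_VNET_DEFINE(t, n) VNET_DEFINE(t, n)
#define KRPC_VNET_DEFINE_STATIC(t, n) VNET_DEFINE_STATIC(t, n)
#define KRPC_VNET(n) VNET(n)

/* Alias for the CTLFLAG_VNET flag. */
#define CTLFLAG_KRPC_VNET CTLFLAG_VNET

/*
 * Setting and restoring the current vnet.
 * NOTE(review): as with the underlying CURVNET_SET()/CURVNET_RESTORE(),
 * these are presumably meant to be used as a matched pair within one
 * function, so that work is never left running against another vnet's
 * state -- confirm against the definitions of the underlying macros.
 */
#define KRPC_CURVNET_SET(n) CURVNET_SET(n)
#define KRPC_CURVNET_SET_QUIET(n) CURVNET_SET_QUIET(n)
#define KRPC_CURVNET_RESTORE() CURVNET_RESTORE()
#define KRPC_TD_TO_VNET(n) TD_TO_VNET(n)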
#endif /* _KERNEL */
#endif /* _RPC_RPCSEC_TLS_H_ */