1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #ifndef	_CHAP_H
27 #define	_CHAP_H
28 
29 #ifdef __cplusplus
30 extern "C" {
31 #endif
32 
33 #include <netinet/in.h>
34 #include <sys/int_types.h>
35 
36 #include <sys/scsi/adapters/iscsi_if.h>
37 #include <radius_protocol.h>
38 
39 typedef enum chap_validation_status_type {
40 	CHAP_VALIDATION_PASSED,			/* CHAP validation passed */
41 	CHAP_VALIDATION_INVALID_RESPONSE,	/* Invalid CHAP response */
42 	CHAP_VALIDATION_DUP_SECRET,		/* Same CHAP secret used */
43 						/* for authentication in the */
44 						/* other direction */
45 	CHAP_VALIDATION_UNKNOWN_AUTH_METHOD,	/* Unknown authentication */
46 						/*   method */
47 	CHAP_VALIDATION_INTERNAL_ERROR,		/* MISC internal error */
48 	CHAP_VALIDATION_RADIUS_ACCESS_ERROR,	/* Problem accessing RADIUS */
49 	CHAP_VALIDATION_BAD_RADIUS_SECRET,	/* Invalid RADIUS shared */
50 						/*   secret */
51 	CHAP_VALIDATION_UNKNOWN_RADIUS_CODE	/* Irrelevant or unknown */
52 						/*   RADIUS packet code */
53 						/*   returned */
54 } chap_validation_status_type;
55 
56 typedef enum authentication_method_type {
57 	RADIUS_AUTHENTICATION,
58 	DIRECT_AUTHENTICATION
59 } authentication_method_type;
60 
61 typedef struct radius_config {
62 	iscsi_ipaddr_t	rad_svr_addr;	/* IPv6 enabled */
63 	uint32_t	rad_svr_port;
64 	uint8_t		rad_svr_shared_secret[MAX_RAD_SHARED_SECRET_LEN];
65 	uint32_t	rad_svr_shared_secret_len;
66 } RADIUS_CONFIG;
67 
68 /*
69  * To validate a target CHAP response given the associated challenge.
70  *
71  * target_chap_name - The CHAP name of the target being authenticated.
72  * initiator_chap_name - The CHAP name of the authenticating initiator.
73  * challenge - The CHAP challenge to which the target responded.
74  * challeng_length - The length of CHAP challenge.
75  * target_response - The target's CHAP response to be validated.
76  * response_length - The length of target's CHAP response.
77  * identifier - The identifier associated with the CHAP challenge.
78  * auth_method - The authentication method to be used.
79  * auth_config_data - Any required configuration data to support the
80  *                    specified authentication method.
81  */
82 chap_validation_status_type
83 chap_validate_tgt(
84 	char *target_chap_name,
85 	char *initiator_chap_name,
86 	uint8_t *challenge,
87 	uint32_t challenge_length,
88 	uint8_t *target_response,
89 	uint32_t response_length,
90 	uint8_t identifier,
91 	authentication_method_type auth_method,
92 	void *auth_config_data);
93 
94 #ifdef __cplusplus
95 }
96 #endif
97 
98 #endif /* _CHAP_H */
99