1fcf3ce44SJohn Forte /*
2fcf3ce44SJohn Forte  * CDDL HEADER START
3fcf3ce44SJohn Forte  *
4fcf3ce44SJohn Forte  * The contents of this file are subject to the terms of the
5fcf3ce44SJohn Forte  * Common Development and Distribution License (the "License").
6fcf3ce44SJohn Forte  * You may not use this file except in compliance with the License.
7fcf3ce44SJohn Forte  *
8fcf3ce44SJohn Forte  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9fcf3ce44SJohn Forte  * or http://www.opensolaris.org/os/licensing.
10fcf3ce44SJohn Forte  * See the License for the specific language governing permissions
11fcf3ce44SJohn Forte  * and limitations under the License.
12fcf3ce44SJohn Forte  *
13fcf3ce44SJohn Forte  * When distributing Covered Code, include this CDDL HEADER in each
14fcf3ce44SJohn Forte  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15fcf3ce44SJohn Forte  * If applicable, add the following below this CDDL HEADER, with the
16fcf3ce44SJohn Forte  * fields enclosed by brackets "[]" replaced with your own identifying
17fcf3ce44SJohn Forte  * information: Portions Copyright [yyyy] [name of copyright owner]
18fcf3ce44SJohn Forte  *
19fcf3ce44SJohn Forte  * CDDL HEADER END
20fcf3ce44SJohn Forte  */
21fcf3ce44SJohn Forte /*
22*5df5713fSbing zhao - Sun Microsystems - Beijing China  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23fcf3ce44SJohn Forte  * Use is subject to license terms.
24fcf3ce44SJohn Forte  */
25fcf3ce44SJohn Forte 
26fcf3ce44SJohn Forte #ifndef	_CHAP_H
27fcf3ce44SJohn Forte #define	_CHAP_H
28fcf3ce44SJohn Forte 
29fcf3ce44SJohn Forte #ifdef __cplusplus
30fcf3ce44SJohn Forte extern "C" {
31fcf3ce44SJohn Forte #endif
32fcf3ce44SJohn Forte 
33fcf3ce44SJohn Forte #include <netinet/in.h>
34fcf3ce44SJohn Forte #include <sys/int_types.h>
35fcf3ce44SJohn Forte 
36fcf3ce44SJohn Forte #include <sys/scsi/adapters/iscsi_if.h>
37fcf3ce44SJohn Forte #include <radius_protocol.h>
38fcf3ce44SJohn Forte 
39fcf3ce44SJohn Forte typedef enum chap_validation_status_type {
40fcf3ce44SJohn Forte 	CHAP_VALIDATION_PASSED,			/* CHAP validation passed */
41fcf3ce44SJohn Forte 	CHAP_VALIDATION_INVALID_RESPONSE,	/* Invalid CHAP response */
42fcf3ce44SJohn Forte 	CHAP_VALIDATION_DUP_SECRET,		/* Same CHAP secret used */
43fcf3ce44SJohn Forte 						/* for authentication in the */
44fcf3ce44SJohn Forte 						/* other direction */
45fcf3ce44SJohn Forte 	CHAP_VALIDATION_UNKNOWN_AUTH_METHOD,	/* Unknown authentication */
46fcf3ce44SJohn Forte 						/*   method */
47fcf3ce44SJohn Forte 	CHAP_VALIDATION_INTERNAL_ERROR,		/* MISC internal error */
48fcf3ce44SJohn Forte 	CHAP_VALIDATION_RADIUS_ACCESS_ERROR,	/* Problem accessing RADIUS */
49fcf3ce44SJohn Forte 	CHAP_VALIDATION_BAD_RADIUS_SECRET,	/* Invalid RADIUS shared */
50fcf3ce44SJohn Forte 						/*   secret */
51fcf3ce44SJohn Forte 	CHAP_VALIDATION_UNKNOWN_RADIUS_CODE	/* Irrelevant or unknown */
52fcf3ce44SJohn Forte 						/*   RADIUS packet code */
53fcf3ce44SJohn Forte 						/*   returned */
54fcf3ce44SJohn Forte } chap_validation_status_type;
55fcf3ce44SJohn Forte 
56fcf3ce44SJohn Forte typedef enum authentication_method_type {
57fcf3ce44SJohn Forte 	RADIUS_AUTHENTICATION,
58fcf3ce44SJohn Forte 	DIRECT_AUTHENTICATION
59fcf3ce44SJohn Forte } authentication_method_type;
60fcf3ce44SJohn Forte 
61fcf3ce44SJohn Forte typedef struct radius_config {
62fcf3ce44SJohn Forte 	iscsi_ipaddr_t	rad_svr_addr;	/* IPv6 enabled */
63fcf3ce44SJohn Forte 	uint32_t	rad_svr_port;
64fcf3ce44SJohn Forte 	uint8_t		rad_svr_shared_secret[MAX_RAD_SHARED_SECRET_LEN];
65fcf3ce44SJohn Forte 	uint32_t	rad_svr_shared_secret_len;
66fcf3ce44SJohn Forte } RADIUS_CONFIG;
67fcf3ce44SJohn Forte 
68fcf3ce44SJohn Forte /*
69fcf3ce44SJohn Forte  * To validate a target CHAP response given the associated challenge.
70fcf3ce44SJohn Forte  *
71fcf3ce44SJohn Forte  * target_chap_name - The CHAP name of the target being authenticated.
72fcf3ce44SJohn Forte  * initiator_chap_name - The CHAP name of the authenticating initiator.
73fcf3ce44SJohn Forte  * challenge - The CHAP challenge to which the target responded.
74*5df5713fSbing zhao - Sun Microsystems - Beijing China  * challeng_length - The length of CHAP challenge.
75fcf3ce44SJohn Forte  * target_response - The target's CHAP response to be validated.
76*5df5713fSbing zhao - Sun Microsystems - Beijing China  * response_length - The length of target's CHAP response.
77fcf3ce44SJohn Forte  * identifier - The identifier associated with the CHAP challenge.
78fcf3ce44SJohn Forte  * auth_method - The authentication method to be used.
79fcf3ce44SJohn Forte  * auth_config_data - Any required configuration data to support the
80fcf3ce44SJohn Forte  *                    specified authentication method.
81fcf3ce44SJohn Forte  */
82fcf3ce44SJohn Forte chap_validation_status_type
83*5df5713fSbing zhao - Sun Microsystems - Beijing China chap_validate_tgt(
84fcf3ce44SJohn Forte 	char *target_chap_name,
85fcf3ce44SJohn Forte 	char *initiator_chap_name,
86fcf3ce44SJohn Forte 	uint8_t *challenge,
87*5df5713fSbing zhao - Sun Microsystems - Beijing China 	uint32_t challenge_length,
88fcf3ce44SJohn Forte 	uint8_t *target_response,
89*5df5713fSbing zhao - Sun Microsystems - Beijing China 	uint32_t response_length,
90fcf3ce44SJohn Forte 	uint8_t identifier,
91fcf3ce44SJohn Forte 	authentication_method_type auth_method,
92fcf3ce44SJohn Forte 	void *auth_config_data);
93fcf3ce44SJohn Forte 
94fcf3ce44SJohn Forte #ifdef __cplusplus
95fcf3ce44SJohn Forte }
96fcf3ce44SJohn Forte #endif
97fcf3ce44SJohn Forte 
98fcf3ce44SJohn Forte #endif /* _CHAP_H */
99