iscsi_authglue.c revision 36c5fee33fa8b822175d410202aebcf592c8d342
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2000 by Cisco Systems, Inc. All rights reserved.
* Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*
* iSCSI Pseudo HBA Driver
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <fcntl.h>
#include <netdb.h>
#include <string.h>
#include <strings.h>
#include <unistd.h>
#include <sys/iscsi_protocol.h>
#include <sys/iscsi_authclient.h>
#include "radius.h"
#include "queue.h"
#include "iscsi_sess.h"
#include "xml.h"
#include "target.h"
#define DEFAULT_RADIUS_PORT 1812
{
char *szRadiusServer = NULL;
char *szRadiusSecret = NULL;
char *szRadiusPort = NULL;
int ret = 0;
&bRadiusAccess) == False) {
return (B_FALSE);
}
if (bRadiusAccess == False) {
return (B_FALSE);
}
/* Load RADIUS server: ipaddr[:port] */
&szRadiusServer) == False) {
return (B_FALSE);
}
if (szRadiusPort == NULL) {
} else {
}
*szRadiusPort = '\0';
}
if (ret != 0) {
return (B_FALSE);
}
struct sockaddr_in sa_tmp;
}
/*
* We don't handle IPV6 currently.
*/
/* Load RADIUS shared secret */
&szRadiusSecret) == False) {
return (B_FALSE);
}
/* Set RADIUS config flag */
return (B_TRUE);
}
/*
* Authenticate a target's CHAP response.
*
* username - Incoming username from the the target.
* responseData - Incoming response data from the target.
*/
int
unsigned int responseLength)
{
char debug[128];
return (iscsiAuthStatusFail);
}
/*
* the expected credentials are in the session
*/
"SES%x iscsi session(%u) failed authentication, "
"no incoming username configured to authenticate initiator",
return (iscsiAuthStatusFail);
}
"SES%x iscsi session(%u) failed authentication, "
"received incorrect username from initiator",
return (iscsiAuthStatusFail);
}
/* Check if RADIUS access is enabled */
int authStatus;
/*
* Radius enabled but configuration invalid -
* invalid condition
*/
return (iscsiAuthStatusFail);
}
/* Use RADIUS server to authentication target */
/* IPv4 */
= sizeof (in_addr_t);
/* IPv6 */
16);
} else {
return (iscsiAuthStatusFail);
}
id,
switch (chap_valid_status) {
case CHAP_VALIDATION_PASSED:
break;
break;
break;
break;
break;
default:
break;
}
return (authStatus);
} else {
/* Use target secret (if defined) to authenticate target */
/* No target secret defined - invalid condition */
return (iscsiAuthStatusFail);
}
/*
* challenge length is I->T, and shouldn't need to
* be checked
*/
if (responseLength != sizeof (verifyData)) {
"SES%x iscsi session(%u) failed "
"authentication, received incorrect CHAP response "
return (iscsiAuthStatusFail);
}
/*
* id byte
*/
verifyData[0] = id;
/*
* shared secret
*/
/*
* challenge value
*/
(uchar_t *)challengeData,
sizeof (verifyData)) == 0) {
return (iscsiAuthStatusPass);
}
"SES%x iscsi session(%u) failed authentication, "
"received incorrect CHAP response from initiator",
}
return (iscsiAuthStatusFail);
}
int
{
char *pEnd;
unsigned long number;
return (0); /* No error */
} else {
return (1); /* Error */
}
}
/* ARGSUSED */
void
unsigned int length)
{
}
void
{
int fd;
if (fd == -1)
return;
}
void
{
}
void
unsigned int length)
{
}
void
{
}
int
{
return (1); /* error */
}
return (0); /* no error */
}