diff options
Diffstat (limited to 'src/include/gpxe')
-rw-r--r-- | src/include/gpxe/chap.h | 16 | ||||
-rw-r--r-- | src/include/gpxe/dhcp.h | 18 | ||||
-rw-r--r-- | src/include/gpxe/iscsi.h | 30 |
3 files changed, 49 insertions, 15 deletions
diff --git a/src/include/gpxe/chap.h b/src/include/gpxe/chap.h index 0ea7ac5c..a7059cdb 100644 --- a/src/include/gpxe/chap.h +++ b/src/include/gpxe/chap.h @@ -12,8 +12,8 @@ struct crypto_algorithm; -/** A CHAP challenge/response */ -struct chap_challenge { +/** A CHAP response */ +struct chap_response { /** Digest algorithm used for the response */ struct crypto_algorithm *digest; /** Context used by the digest algorithm */ @@ -24,24 +24,24 @@ struct chap_challenge { size_t response_len; }; -extern int chap_init ( struct chap_challenge *chap, +extern int chap_init ( struct chap_response *chap, struct crypto_algorithm *digest ); -extern void chap_update ( struct chap_challenge *chap, const void *data, +extern void chap_update ( struct chap_response *chap, const void *data, size_t len ); -extern void chap_respond ( struct chap_challenge *chap ); -extern void chap_finish ( struct chap_challenge *chap ); +extern void chap_respond ( struct chap_response *chap ); +extern void chap_finish ( struct chap_response *chap ); /** * Add identifier data to the CHAP challenge * - * @v chap CHAP challenge/response + * @v chap CHAP response * @v identifier CHAP identifier * * The CHAP identifier is the first byte of the CHAP challenge. This * function is a notational convenience for calling chap_update() for * the identifier byte. */ -static inline void chap_set_identifier ( struct chap_challenge *chap, +static inline void chap_set_identifier ( struct chap_response *chap, unsigned int identifier ) { uint8_t ident_byte = identifier; diff --git a/src/include/gpxe/dhcp.h b/src/include/gpxe/dhcp.h index 1c9c49fa..7ce65399 100644 --- a/src/include/gpxe/dhcp.h +++ b/src/include/gpxe/dhcp.h @@ -241,6 +241,24 @@ struct dhcp_packet; */ #define DHCP_EB_PASSWORD DHCP_ENCAP_OPT ( DHCP_EB_ENCAP, 0xbf ) +/** Reverse username + * + * This will be used as the reverse username (i.e. the username + * provided by the server) for any required authentication. It is + * expected that this option's value will be held in non-volatile + * storage, rather than transmitted as part of a DHCP packet. + */ +#define DHCP_EB_REVERSE_USERNAME DHCP_ENCAP_OPT ( DHCP_EB_ENCAP, 0xc0 ) + +/** Reverse password + * + * This will be used as the reverse password (i.e. the password + * provided by the server) for any required authentication. It is + * expected that this option's value will be held in non-volatile + * storage, rather than transmitted as part of a DHCP packet. + */ +#define DHCP_EB_REVERSE_PASSWORD DHCP_ENCAP_OPT ( DHCP_EB_ENCAP, 0xc1 ) + /** iSCSI primary target IQN */ #define DHCP_ISCSI_PRIMARY_TARGET_IQN 201 diff --git a/src/include/gpxe/iscsi.h b/src/include/gpxe/iscsi.h index 5c446757..fd96fdfe 100644 --- a/src/include/gpxe/iscsi.h +++ b/src/include/gpxe/iscsi.h @@ -522,12 +522,25 @@ struct iscsi_session { */ int retry_count; - /** Username (if any) */ - char *username; - /** Password (if any) */ - char *password; - /** CHAP challenge/response */ - struct chap_challenge chap; + /** Initiator username (if any) */ + char *initiator_username; + /** Initiator password (if any) */ + char *initiator_password; + /** Target username (if any) */ + char *target_username; + /** Target password (if any) */ + char *target_password; + /** Target has authenticated acceptably */ + int target_auth_ok; + /** CHAP challenge (for target auth only) + * + * This is a block of random data; the first byte is used as + * the CHAP identifier (CHAP_I) and the remainder as the CHAP + * challenge (CHAP_C). + */ + unsigned char chap_challenge[17]; + /** CHAP response (used for both initiator and target auth) */ + struct chap_response chap; /** Target session identifying handle * @@ -642,8 +655,11 @@ struct iscsi_session { /** iSCSI session needs to send the CHAP response */ #define ISCSI_STATUS_STRINGS_CHAP_RESPONSE 0x0400 +/** iSCSI session needs to send the mutual CHAP challenge */ +#define ISCSI_STATUS_STRINGS_CHAP_CHALLENGE 0x0800 + /** iSCSI session needs to send the operational negotiation strings */ -#define ISCSI_STATUS_STRINGS_OPERATIONAL 0x0800 +#define ISCSI_STATUS_STRINGS_OPERATIONAL 0x1000 /** Mask for all iSCSI "needs to send" flags */ #define ISCSI_STATUS_STRINGS_MASK 0xff00 |