#include <emlxs.h>
#ifdef DHCHAP_SUPPORT
#include <md5.h>
#include <sha1.h>
#include <sys/sha1_consts.h>
#include <bignum.h>
#include <sys/time.h>
#define RAND
#ifndef ENABLE
#define ENABLE 1
#endif
#ifndef DISABLE
#define DISABLE 0
#endif
EMLXS_MSG_DEF(EMLXS_DHCHAP_C);
static char *emlxs_dhc_pstate_xlate(uint32_t state);
static char *emlxs_dhc_nstate_xlate(uint32_t state);
static uint32_t emlxs_check_dhgp(emlxs_port_t *port, NODELIST *ndlp,
uint32_t *dh_id, uint16_t cnt, uint32_t *dhgp_id);
static void emlxs_dhc_set_reauth_time(emlxs_port_t *port,
emlxs_node_t *ndlp, uint32_t status);
static void emlxs_auth_cfg_init(emlxs_hba_t *hba);
static void emlxs_auth_cfg_fini(emlxs_hba_t *hba);
static void emlxs_auth_cfg_read(emlxs_hba_t *hba);
static uint32_t emlxs_auth_cfg_parse(emlxs_hba_t *hba,
emlxs_auth_cfg_t *config, char *prop_str);
static emlxs_auth_cfg_t *emlxs_auth_cfg_get(emlxs_hba_t *hba,
uint8_t *lwwpn, uint8_t *rwwpn);
static emlxs_auth_cfg_t *emlxs_auth_cfg_create(emlxs_hba_t *hba,
uint8_t *lwwpn, uint8_t *rwwpn);
static void emlxs_auth_cfg_destroy(emlxs_hba_t *hba,
emlxs_auth_cfg_t *auth_cfg);
static void emlxs_auth_cfg_print(emlxs_hba_t *hba,
emlxs_auth_cfg_t *auth_cfg);
static void emlxs_auth_key_init(emlxs_hba_t *hba);
static void emlxs_auth_key_fini(emlxs_hba_t *hba);
static void emlxs_auth_key_read(emlxs_hba_t *hba);
static uint32_t emlxs_auth_key_parse(emlxs_hba_t *hba,
emlxs_auth_key_t *auth_key, char *prop_str);
static emlxs_auth_key_t *emlxs_auth_key_get(emlxs_hba_t *hba,
uint8_t *lwwpn, uint8_t *rwwpn);
static emlxs_auth_key_t *emlxs_auth_key_create(emlxs_hba_t *hba,
uint8_t *lwwpn, uint8_t *rwwpn);
static void emlxs_auth_key_destroy(emlxs_hba_t *hba,
emlxs_auth_key_t *auth_key);
static void emlxs_auth_key_print(emlxs_hba_t *hba,
emlxs_auth_key_t *auth_key);
static void emlxs_get_random_bytes(NODELIST *ndlp, uint8_t *rdn,
uint32_t len);
static emlxs_auth_cfg_t *emlxs_auth_cfg_find(emlxs_port_t *port,
uint8_t *rwwpn);
static emlxs_auth_key_t *emlxs_auth_key_find(emlxs_port_t *port,
uint8_t *rwwpn);
static void emlxs_dhc_auth_complete(emlxs_port_t *port,
emlxs_node_t *ndlp, uint32_t status);
static void emlxs_log_auth_event(emlxs_port_t *port, NODELIST *ndlp,
char *subclass, char *info);
static int emlxs_issue_auth_negotiate(emlxs_port_t *port,
emlxs_node_t *ndlp, uint8_t retry);
static void emlxs_cmpl_auth_negotiate_issue(fc_packet_t *pkt);
static uint32_t *emlxs_hash_rsp(emlxs_port_t *port,
emlxs_port_dhc_t *port_dhc, NODELIST *ndlp, uint32_t tran_id,
union challenge_val un_cval, uint8_t *dhval, uint32_t dhvallen);
static fc_packet_t *emlxs_prep_els_fc_pkt(emlxs_port_t *port,
uint32_t d_id, uint32_t cmd_size, uint32_t rsp_size,
uint32_t datalen, int32_t sleepflag);
static uint32_t *emlxs_hash_vrf(emlxs_port_t *port,
emlxs_port_dhc_t *port_dhc, NODELIST *ndlp, uint32_t tran_id,
union challenge_val un_cval);
static BIG_ERR_CODE
emlxs_interm_hash(emlxs_port_t *port, emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp, void *hash_val, uint32_t tran_id,
union challenge_val un_cval, uint8_t *dhval, uint32_t *);
static BIG_ERR_CODE
emlxs_BIGNUM_get_pubkey(emlxs_port_t *port, emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp, uint8_t *dhval, uint32_t *dhvallen,
uint32_t hash_size, uint32_t dhgp_id);
static BIG_ERR_CODE
emlxs_BIGNUM_get_dhval(emlxs_port_t *port, emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp, uint8_t *dhval, uint32_t *dhval_len,
uint32_t dhgp_id, uint8_t *priv_key, uint32_t privkey_len);
static uint32_t *
emlxs_hash_verification(emlxs_port_t *port, emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp, uint32_t tran_id, uint8_t *dhval,
uint32_t dhval_len, uint32_t flag, uint8_t *bi_cval);
static uint32_t *
emlxs_hash_get_R2(emlxs_port_t *port, emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp, uint32_t tran_id, uint8_t *dhval,
uint32_t dhval_len, uint32_t flag, uint8_t *bi_cval);
static uint32_t emlxs_issue_auth_reject(emlxs_port_t *port,
NODELIST *ndlp, int retry, uint32_t *arg, uint8_t ReasonCode,
uint8_t ReasonCodeExplanation);
static uint32_t emlxs_disc_neverdev(emlxs_port_t *port, void *arg1,
void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_rcv_auth_msg_unmapped_node(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_rcv_auth_msg_npr_node(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_cmpl_auth_msg_npr_node(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_rcv_auth_msg_auth_negotiate_issue(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_cmpl_auth_msg_auth_negotiate_issue(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_rcv_auth_msg_auth_negotiate_rcv(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_cmpl_auth_msg_auth_negotiate_rcv(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_rcv_auth_msg_auth_negotiate_cmpl_wait4next(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_cmpl_auth_msg_auth_negotiate_cmpl_wait4next(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_rcv_auth_msg_dhchap_challenge_issue(emlxs_port_t *port, void *arg1,
void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_cmpl_auth_msg_dhchap_challenge_issue(emlxs_port_t *port, void *arg1,
void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_rcv_auth_msg_dhchap_reply_issue(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_cmpl_auth_msg_dhchap_reply_issue(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_rcv_auth_msg_dhchap_challenge_cmpl_wait4next(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_cmpl_auth_msg_dhchap_challenge_cmpl_wait4next(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_rcv_auth_msg_dhchap_reply_cmpl_wait4next(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_cmpl_auth_msg_dhchap_reply_cmpl_wait4next(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_rcv_auth_msg_dhchap_success_issue(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_cmpl_auth_msg_dhchap_success_issue(emlxs_port_t *port, void *arg1,
void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_rcv_auth_msg_dhchap_success_issue_wait4next(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_cmpl_auth_msg_dhchap_success_issue_wait4next(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_rcv_auth_msg_dhchap_success_cmpl_wait4next(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t
emlxs_cmpl_auth_msg_dhchap_success_cmpl_wait4next(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_device_recov_unmapped_node(emlxs_port_t *port,
void *arg1, void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_device_rm_npr_node(emlxs_port_t *port, void *arg1,
void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_device_recov_npr_node(emlxs_port_t *port, void *arg1,
void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_device_rem_auth(emlxs_port_t *port, void *arg1,
void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint32_t emlxs_device_recov_auth(emlxs_port_t *port, void *arg1,
void *arg2, void *arg3, void *arg4, uint32_t evt);
static uint8_t emlxs_null_wwn[8] =
{0, 0, 0, 0, 0, 0, 0, 0};
static uint8_t emlxs_fabric_wwn[8] =
{0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
unsigned char dhgp1_pVal[] =
{0xEE, 0xAF, 0x0A, 0xB9, 0xAD, 0xB3, 0x8D, 0xD6, 0x9C, 0x33, 0xF8, 0x0A, 0xFA,
0x8F, 0xC5, 0xE8,
0x60, 0x72, 0x61, 0x87, 0x75, 0xFF, 0x3C, 0x0B, 0x9E, 0xA2, 0x31, 0x4C, 0x9C,
0x25, 0x65, 0x76,
0xD6, 0x74, 0xDF, 0x74, 0x96, 0xEA, 0x81, 0xD3, 0x38, 0x3B, 0x48, 0x13, 0xD6,
0x92, 0xC6, 0xE0,
0xE0, 0xD5, 0xD8, 0xE2, 0x50, 0xB9, 0x8B, 0xE4, 0x8E, 0x49, 0x5C, 0x1D, 0x60,
0x89, 0xDA, 0xD1,
0x5D, 0xC7, 0xD7, 0xB4, 0x61, 0x54, 0xD6, 0xB6, 0xCE, 0x8E, 0xF4, 0xAD, 0x69,
0xB1, 0x5D, 0x49,
0x82, 0x55, 0x9B, 0x29, 0x7B, 0xCF, 0x18, 0x85, 0xC5, 0x29, 0xF5, 0x66, 0x66,
0x0E, 0x57, 0xEC,
0x68, 0xED, 0xBC, 0x3C, 0x05, 0x72, 0x6C, 0xC0, 0x2F, 0xD4, 0xCB, 0xF4, 0x97,
0x6E, 0xAA, 0x9A,
0xFD, 0x51, 0x38, 0xFE, 0x83, 0x76, 0x43, 0x5B, 0x9F, 0xC6, 0x1D, 0x2F, 0xC0,
0xEB, 0x06, 0xE3,
};
unsigned char dhgp2_pVal[] =
{0xD7, 0x79, 0x46, 0x82, 0x6E, 0x81, 0x19, 0x14, 0xB3, 0x94, 0x01, 0xD5, 0x6A,
0x0A, 0x78, 0x43,
0xA8, 0xE7, 0x57, 0x5D, 0x73, 0x8C, 0x67, 0x2A, 0x09, 0x0A, 0xB1, 0x18, 0x7D,
0x69, 0x0D, 0xC4,
0x38, 0x72, 0xFC, 0x06, 0xA7, 0xB6, 0xA4, 0x3F, 0x3B, 0x95, 0xBE, 0xAE, 0xC7,
0xDF, 0x04, 0xB9,
0xD2, 0x42, 0xEB, 0xDC, 0x48, 0x11, 0x11, 0x28, 0x32, 0x16, 0xCE, 0x81, 0x6E,
0x00, 0x4B, 0x78,
0x6C, 0x5F, 0xCE, 0x85, 0x67, 0x80, 0xD4, 0x18, 0x37, 0xD9, 0x5A, 0xD7, 0x87,
0xA5, 0x0B, 0xBE,
0x90, 0xBD, 0x3A, 0x9C, 0x98, 0xAC, 0x0F, 0x5F, 0xC0, 0xDE, 0x74, 0x4B, 0x1C,
0xDE, 0x18, 0x91,
0x69, 0x08, 0x94, 0xBC, 0x1F, 0x65, 0xE0, 0x0D, 0xE1, 0x5B, 0x4B, 0x2A, 0xA6,
0xD8, 0x71, 0x00,
0xC9, 0xEC, 0xC2, 0x52, 0x7E, 0x45, 0xEB, 0x84, 0x9D, 0xEB, 0x14, 0xBB, 0x20,
0x49, 0xB1, 0x63,
0xEA, 0x04, 0x18, 0x7F, 0xD2, 0x7C, 0x1B, 0xD9, 0xC7, 0x95, 0x8C, 0xD4, 0x0C,
0xE7, 0x06, 0x7A,
0x9C, 0x02, 0x4F, 0x9B, 0x7C, 0x5A, 0x0B, 0x4F, 0x50, 0x03, 0x68, 0x61, 0x61,
0xF0, 0x60, 0x5B
};
unsigned char dhgp3_pVal[] =
{0x9D, 0xEF, 0x3C, 0xAF, 0xB9, 0x39, 0x27, 0x7A, 0xB1, 0xF1, 0x2A, 0x86, 0x17,
0xA4, 0x7B, 0xBB,
0xDB, 0xA5, 0x1D, 0xF4, 0x99, 0xAC, 0x4C, 0x80, 0xBE, 0xEE, 0xA9, 0x61, 0x4B,
0x19, 0xCC, 0x4D,
0x5F, 0x4F, 0x5F, 0x55, 0x6E, 0x27, 0xCB, 0xDE, 0x51, 0xC6, 0xA9, 0x4B, 0xE4,
0x60, 0x7A, 0x29,
0x15, 0x58, 0x90, 0x3B, 0xA0, 0xD0, 0xF8, 0x43, 0x80, 0xB6, 0x55, 0xBB, 0x9A,
0x22, 0xE8, 0xDC,
0xDF, 0x02, 0x8A, 0x7C, 0xEC, 0x67, 0xF0, 0xD0, 0x81, 0x34, 0xB1, 0xC8, 0xB9,
0x79, 0x89, 0x14,
0x9B, 0x60, 0x9E, 0x0B, 0xE3, 0xBA, 0xB6, 0x3D, 0x47, 0x54, 0x83, 0x81, 0xDB,
0xC5, 0xB1, 0xFC,
0x76, 0x4E, 0x3F, 0x4B, 0x53, 0xDD, 0x9D, 0xA1, 0x15, 0x8B, 0xFD, 0x3E, 0x2B,
0x9C, 0x8C, 0xF5,
0x6E, 0xDF, 0x01, 0x95, 0x39, 0x34, 0x96, 0x27, 0xDB, 0x2F, 0xD5, 0x3D, 0x24,
0xB7, 0xC4, 0x86,
0x65, 0x77, 0x2E, 0x43, 0x7D, 0x6C, 0x7F, 0x8C, 0xE4, 0x42, 0x73, 0x4A, 0xF7,
0xCC, 0xB7, 0xAE,
0x83, 0x7C, 0x26, 0x4A, 0xE3, 0xA9, 0xBE, 0xB8, 0x7F, 0x8A, 0x2F, 0xE9, 0xB8,
0xB5, 0x29, 0x2E,
0x5A, 0x02, 0x1F, 0xFF, 0x5E, 0x91, 0x47, 0x9E, 0x8C, 0xE7, 0xA2, 0x8C, 0x24,
0x42, 0xC6, 0xF3,
0x15, 0x18, 0x0F, 0x93, 0x49, 0x9A, 0x23, 0x4D, 0xCF, 0x76, 0xE3, 0xFE, 0xD1,
0x35, 0xF9, 0xBB
};
unsigned char dhgp4_pVal[] =
{0xAC, 0x6B, 0xDB, 0x41, 0x32, 0x4A, 0x9A, 0x9B, 0xF1, 0x66, 0xDE, 0x5E, 0x13,
0x89, 0x58, 0x2F,
0xAF, 0x72, 0xB6, 0x65, 0x19, 0x87, 0xEE, 0x07, 0xFC, 0x31, 0x92, 0x94, 0x3D,
0xB5, 0x60, 0x50,
0xA3, 0x73, 0x29, 0xCB, 0xB4, 0xA0, 0x99, 0xED, 0x81, 0x93, 0xE0, 0x75, 0x77,
0x67, 0xA1, 0x3D,
0xD5, 0x23, 0x12, 0xAB, 0x4B, 0x03, 0x31, 0x0D, 0xCD, 0x7F, 0x48, 0xA9, 0xDA,
0x04, 0xFD, 0x50,
0xE8, 0x08, 0x39, 0x69, 0xED, 0xB7, 0x67, 0xB0, 0xCF, 0x60, 0x95, 0x17, 0x9A,
0x16, 0x3A, 0xB3,
0x66, 0x1A, 0x05, 0xFB, 0xD5, 0xFA, 0xAA, 0xE8, 0x29, 0x18, 0xA9, 0x96, 0x2F,
0x0B, 0x93, 0xB8,
0x55, 0xF9, 0x79, 0x93, 0xEC, 0x97, 0x5E, 0xEA, 0xA8, 0x0D, 0x74, 0x0A, 0xDB,
0xF4, 0xFF, 0x74,
0x73, 0x59, 0xD0, 0x41, 0xD5, 0xC3, 0x3E, 0xA7, 0x1D, 0x28, 0x1E, 0x44, 0x6B,
0x14, 0x77, 0x3B,
0xCA, 0x97, 0xB4, 0x3A, 0x23, 0xFB, 0x80, 0x16, 0x76, 0xBD, 0x20, 0x7A, 0x43,
0x6C, 0x64, 0x81,
0xF1, 0xD2, 0xB9, 0x07, 0x87, 0x17, 0x46, 0x1A, 0x5B, 0x9D, 0x32, 0xE6, 0x88,
0xF8, 0x77, 0x48,
0x54, 0x45, 0x23, 0xB5, 0x24, 0xB0, 0xD5, 0x7D, 0x5E, 0xA7, 0x7A, 0x27, 0x75,
0xD2, 0xEC, 0xFA,
0x03, 0x2C, 0xFB, 0xDB, 0xF5, 0x2F, 0xB3, 0x78, 0x61, 0x60, 0x27, 0x90, 0x04,
0xE5, 0x7A, 0xE6,
0xAF, 0x87, 0x4E, 0x73, 0x03, 0xCE, 0x53, 0x29, 0x9C, 0xCC, 0x04, 0x1C, 0x7B,
0xC3, 0x08, 0xD8,
0x2A, 0x56, 0x98, 0xF3, 0xA8, 0xD0, 0xC3, 0x82, 0x71, 0xAE, 0x35, 0xF8, 0xE9,
0xDB, 0xFB, 0xB6,
0x94, 0xB5, 0xC8, 0x03, 0xD8, 0x9F, 0x7A, 0xE4, 0x35, 0xDE, 0x23, 0x6D, 0x52,
0x5F, 0x54, 0x75,
0x9B, 0x65, 0xE3, 0x72, 0xFC, 0xD6, 0x8E, 0xF2, 0x0F, 0xA7, 0x11, 0x1F, 0x9E,
0x4A, 0xFF, 0x73
};
#ifdef MYRAND
unsigned char myrand[] =
{0x11, 0x11, 0x22, 0x22,
0x33, 0x33, 0x44, 0x44,
0x55, 0x55, 0x66, 0x66,
0x77, 0x77, 0x88, 0x88,
0x99, 0x99, 0x00, 0x00};
#endif
#define NODE_EVENT_DEVICE_RM 0x0
#define NODE_EVENT_DEVICE_RECOVERY 0x1
#define NODE_EVENT_RCV_AUTH_MSG 0x2
#define NODE_EVENT_CMPL_AUTH_MSG 0x3
#define NODE_EVENT_MAX_EVENT 0x4
emlxs_table_t emlxs_event_table[] =
{
{NODE_EVENT_DEVICE_RM, "DEVICE_REMOVE"},
{NODE_EVENT_DEVICE_RECOVERY, "DEVICE_RECOVERY"},
{NODE_EVENT_RCV_AUTH_MSG, "AUTH_MSG_RCVD"},
{NODE_EVENT_CMPL_AUTH_MSG, "AUTH_MSG_CMPL"},
};
emlxs_table_t emlxs_pstate_table[] =
{
{ELX_FABRIC_STATE_UNKNOWN, "FABRIC_STATE_UNKNOWN"},
{ELX_FABRIC_AUTH_DISABLED, "FABRIC_AUTH_DISABLED"},
{ELX_FABRIC_AUTH_FAILED, "FABRIC_AUTH_FAILED"},
{ELX_FABRIC_AUTH_SUCCESS, "FABRIC_AUTH_SUCCESS"},
{ELX_FABRIC_IN_AUTH, "FABRIC_IN_AUTH"},
{ELX_FABRIC_IN_REAUTH, "FABRIC_IN_REAUTH"},
};
emlxs_table_t emlxs_nstate_table[] =
{
{NODE_STATE_UNKNOWN, "STATE_UNKNOWN"},
{NODE_STATE_AUTH_DISABLED, "AUTH_DISABLED"},
{NODE_STATE_AUTH_FAILED, "AUTH_FAILED"},
{NODE_STATE_AUTH_SUCCESS, "AUTH_SUCCESS"},
{NODE_STATE_AUTH_NEGOTIATE_ISSUE, "NEGOTIATE_ISSUE"},
{NODE_STATE_AUTH_NEGOTIATE_RCV, "NEGOTIATE_RCV"},
{NODE_STATE_AUTH_NEGOTIATE_CMPL_WAIT4NEXT, "NEGOTIATE_CMPL"},
{NODE_STATE_DHCHAP_CHALLENGE_ISSUE, "DHCHAP_CHALLENGE_ISSUE"},
{NODE_STATE_DHCHAP_REPLY_ISSUE, "DHCHAP_REPLY_ISSUE"},
{NODE_STATE_DHCHAP_CHALLENGE_CMPL_WAIT4NEXT, "DHCHAP_CHALLENGE_CMPL"},
{NODE_STATE_DHCHAP_REPLY_CMPL_WAIT4NEXT, "DHCHAP_REPLY_CMPL"},
{NODE_STATE_DHCHAP_SUCCESS_ISSUE, "DHCHAP_SUCCESS_ISSUE"},
{NODE_STATE_DHCHAP_SUCCESS_ISSUE_WAIT4NEXT, "DHCHAP_SUCCESS_ISSUE_WAIT"},
{NODE_STATE_DHCHAP_SUCCESS_CMPL_WAIT4NEXT, "DHCHAP_SUCCESS_CMPL"},
};
extern char *
emlxs_dhc_event_xlate(uint32_t state)
{
static char buffer[32];
uint32_t i;
uint32_t count;
count = sizeof (emlxs_event_table) / sizeof (emlxs_table_t);
for (i = 0; i < count; i++) {
if (state == emlxs_event_table[i].code) {
return (emlxs_event_table[i].string);
}
}
(void) snprintf(buffer, sizeof (buffer), "event=0x%x", state);
return (buffer);
}
extern void
emlxs_dhc_state(emlxs_port_t *port, emlxs_node_t *ndlp, uint32_t state,
uint32_t reason, uint32_t explaination)
{
emlxs_hba_t *hba = HBA;
emlxs_port_dhc_t *port_dhc = &port->port_dhc;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint32_t pstate;
if ((state != NODE_STATE_NOCHANGE) && (node_dhc->state != state)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_state_msg,
"Node:0x%x %s --> %s", ndlp->nlp_DID,
emlxs_dhc_nstate_xlate(node_dhc->state),
emlxs_dhc_nstate_xlate(state));
node_dhc->prev_state = node_dhc->state;
node_dhc->state = (uint16_t)state;
switch (state) {
case NODE_STATE_UNKNOWN:
case NODE_STATE_AUTH_DISABLED:
node_dhc->nlp_authrsp_tmo = 0;
node_dhc->nlp_authrsp_tmocnt = 0;
emlxs_dhc_set_reauth_time(port, ndlp, DISABLE);
break;
case NODE_STATE_AUTH_SUCCESS:
if (ndlp->nlp_DID == FABRIC_DID) {
port_dhc->auth_time = DRV_TIME;
} else if (node_dhc->parent_auth_cfg) {
node_dhc->parent_auth_cfg->auth_time = DRV_TIME;
}
hba->rdn_flag = 0;
node_dhc->nlp_authrsp_tmo = 0;
if (node_dhc->flag & NLP_SET_REAUTH_TIME) {
emlxs_dhc_set_reauth_time(port, ndlp, ENABLE);
}
break;
default:
break;
}
if (ndlp->nlp_DID == FABRIC_DID) {
switch (state) {
case NODE_STATE_UNKNOWN:
pstate = ELX_FABRIC_STATE_UNKNOWN;
break;
case NODE_STATE_AUTH_DISABLED:
pstate = ELX_FABRIC_AUTH_DISABLED;
break;
case NODE_STATE_AUTH_FAILED:
pstate = ELX_FABRIC_AUTH_FAILED;
break;
case NODE_STATE_AUTH_SUCCESS:
pstate = ELX_FABRIC_AUTH_SUCCESS;
break;
default:
if (port_dhc->state ==
ELX_FABRIC_AUTH_SUCCESS) {
pstate = ELX_FABRIC_IN_REAUTH;
} else if (port_dhc->state !=
ELX_FABRIC_IN_REAUTH) {
pstate = ELX_FABRIC_IN_AUTH;
}
break;
}
if (port_dhc->state != pstate) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_state_msg,
"Port: %s --> %s",
emlxs_dhc_pstate_xlate(port_dhc->state),
emlxs_dhc_pstate_xlate(pstate));
port_dhc->state = pstate;
}
}
}
mutex_enter(&hba->auth_lock);
emlxs_dhc_status(port, ndlp, reason, explaination);
mutex_exit(&hba->auth_lock);
return;
}
extern void
emlxs_dhc_status(emlxs_port_t *port, emlxs_node_t *ndlp, uint32_t reason,
uint32_t explaination)
{
emlxs_port_dhc_t *port_dhc;
emlxs_node_dhc_t *node_dhc;
dfc_auth_status_t *auth_status;
uint32_t drv_time;
if (!ndlp || !ndlp->nlp_active || ndlp->node_dhc.state ==
NODE_STATE_UNKNOWN) {
return;
}
port_dhc = &port->port_dhc;
node_dhc = &ndlp->node_dhc;
if (ndlp->nlp_DID == FABRIC_DID) {
auth_status = &port_dhc->auth_status;
} else if (node_dhc->parent_auth_cfg) {
auth_status = &node_dhc->parent_auth_cfg->auth_status;
} else {
return;
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_status_msg,
"Node:0x%x state=%s rsn=0x%x exp=0x%x (%x,%x)",
ndlp->nlp_DID, emlxs_dhc_nstate_xlate(node_dhc->state), reason,
explaination, auth_status->auth_state,
auth_status->auth_failReason);
switch (node_dhc->state) {
case NODE_STATE_UNKNOWN:
if (auth_status->auth_state != DFC_AUTH_STATE_FAILED) {
auth_status->auth_state = DFC_AUTH_STATE_OFF;
auth_status->auth_failReason = 0;
}
break;
case NODE_STATE_AUTH_DISABLED:
auth_status->auth_state = DFC_AUTH_STATE_OFF;
auth_status->auth_failReason = 0;
break;
case NODE_STATE_AUTH_FAILED:
switch (reason) {
case AUTHRJT_FAILURE:
case AUTHRJT_LOGIC_ERR:
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason = DFC_AUTH_FAIL_REJECTED;
break;
case LSRJT_AUTH_REQUIRED:
switch (explaination) {
case LSEXP_AUTH_REQUIRED:
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason =
DFC_AUTH_FAIL_LS_RJT;
break;
default:
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason =
DFC_AUTH_FAIL_REJECTED;
}
break;
case LSRJT_AUTH_LOGICAL_BSY:
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason = DFC_AUTH_FAIL_BSY_LS_RJT;
break;
case LSRJT_AUTH_ELS_NOT_SUPPORTED:
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason = DFC_AUTH_FAIL_LS_RJT;
break;
case LSRJT_AUTH_NOT_LOGGED_IN:
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason = DFC_AUTH_FAIL_BSY_LS_RJT;
break;
}
if (auth_status->auth_state != DFC_AUTH_STATE_FAILED) {
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason = DFC_AUTH_FAIL_GENERIC;
}
break;
case NODE_STATE_AUTH_SUCCESS:
auth_status->auth_state = DFC_AUTH_STATE_ON;
auth_status->auth_failReason = 0;
break;
default:
auth_status->auth_state = DFC_AUTH_STATE_INP;
auth_status->auth_failReason = 0;
switch (reason) {
case AUTHRJT_FAILURE:
switch (explaination) {
case AUTHEXP_AUTH_FAILED:
case AUTHEXP_BAD_PAYLOAD:
case AUTHEXP_BAD_PROTOCOL:
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason =
DFC_AUTH_FAIL_REJECTED;
break;
}
break;
case AUTHRJT_LOGIC_ERR:
switch (explaination) {
case AUTHEXP_MECH_UNUSABLE:
case AUTHEXP_DHGROUP_UNUSABLE:
case AUTHEXP_HASHFUNC_UNUSABLE:
case AUTHEXP_CONCAT_UNSUPP:
case AUTHEXP_BAD_PROTOVERS:
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason =
DFC_AUTH_FAIL_REJECTED;
break;
}
break;
case LSRJT_AUTH_REQUIRED:
switch (explaination) {
case LSEXP_AUTH_REQUIRED:
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason =
DFC_AUTH_FAIL_LS_RJT;
break;
}
break;
case LSRJT_AUTH_LOGICAL_BSY:
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason = DFC_AUTH_FAIL_BSY_LS_RJT;
break;
case LSRJT_AUTH_ELS_NOT_SUPPORTED:
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason = DFC_AUTH_FAIL_LS_RJT;
break;
case LSRJT_AUTH_NOT_LOGGED_IN:
auth_status->auth_state = DFC_AUTH_STATE_FAILED;
auth_status->auth_failReason = DFC_AUTH_FAIL_BSY_LS_RJT;
break;
}
break;
}
if (auth_status->auth_state != DFC_AUTH_STATE_ON) {
auth_status->time_until_next_auth = 0;
auth_status->localAuth = 0;
auth_status->remoteAuth = 0;
auth_status->group_priority = 0;
auth_status->hash_priority = 0;
auth_status->type_priority = 0;
} else {
switch (node_dhc->nlp_reauth_status) {
case NLP_HOST_REAUTH_ENABLED:
case NLP_HOST_REAUTH_IN_PROGRESS:
drv_time = DRV_TIME;
if (node_dhc->nlp_reauth_tmo > drv_time) {
auth_status->time_until_next_auth =
node_dhc->nlp_reauth_tmo - drv_time;
} else {
auth_status->time_until_next_auth = 0;
}
break;
case NLP_HOST_REAUTH_DISABLED:
default:
auth_status->time_until_next_auth = 0;
break;
}
if (node_dhc->flag & NLP_REMOTE_AUTH) {
auth_status->localAuth = 0;
auth_status->remoteAuth = 1;
} else {
auth_status->localAuth = 1;
auth_status->remoteAuth = 0;
}
auth_status->type_priority = DFC_AUTH_TYPE_DHCHAP;
switch (node_dhc->nlp_auth_dhgpid) {
case GROUP_NULL:
auth_status->group_priority = ELX_GROUP_NULL;
break;
case GROUP_1024:
auth_status->group_priority = ELX_GROUP_1024;
break;
case GROUP_1280:
auth_status->group_priority = ELX_GROUP_1280;
break;
case GROUP_1536:
auth_status->group_priority = ELX_GROUP_1536;
break;
case GROUP_2048:
auth_status->group_priority = ELX_GROUP_2048;
break;
}
switch (node_dhc->nlp_auth_hashid) {
case 0:
auth_status->hash_priority = 0;
break;
case AUTH_SHA1:
auth_status->hash_priority = ELX_SHA1;
break;
case AUTH_MD5:
auth_status->hash_priority = ELX_MD5;
break;
}
}
return;
}
static char *
emlxs_dhc_pstate_xlate(uint32_t state)
{
static char buffer[32];
uint32_t i;
uint32_t count;
count = sizeof (emlxs_pstate_table) / sizeof (emlxs_table_t);
for (i = 0; i < count; i++) {
if (state == emlxs_pstate_table[i].code) {
return (emlxs_pstate_table[i].string);
}
}
(void) snprintf(buffer, sizeof (buffer), "state=0x%x", state);
return (buffer);
}
static char *
emlxs_dhc_nstate_xlate(uint32_t state)
{
static char buffer[32];
uint32_t i;
uint32_t count;
count = sizeof (emlxs_nstate_table) / sizeof (emlxs_table_t);
for (i = 0; i < count; i++) {
if (state == emlxs_nstate_table[i].code) {
return (emlxs_nstate_table[i].string);
}
}
(void) snprintf(buffer, sizeof (buffer), "state=0x%x", state);
return (buffer);
}
static uint32_t
emlxs_check_dhgp(
emlxs_port_t *port,
NODELIST *ndlp,
uint32_t *dh_id,
uint16_t cnt,
uint32_t *dhgp_id)
{
uint32_t i, j, rc = 1;
uint32_t wnt;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"dhgp: 0x%x, id[0..4]=0x%x 0x%x 0x%x 0x%x 0x%x pri[1]=0x%x",
cnt, dh_id[0], dh_id[1], dh_id[2], dh_id[3], dh_id[4],
node_dhc->auth_cfg.dh_group_priority[1]);
if (cnt >= 2) {
for (i = 0; i <= cnt - 2; i++) {
for (j = i + 1; j <= cnt - 1; j++) {
if (dh_id[i] == dh_id[j]) {
rc = 2;
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_detail_msg,
":Rpt dhid[%x]=%x dhid[%x]=%x",
i, dh_id[i], j, dh_id[j]);
break;
}
}
if (rc == 2) {
break;
}
}
if ((i == cnt - 1) && (j == cnt)) {
rc = 1;
}
if (rc == 2) {
return (rc);
}
}
wnt = 0;
while (node_dhc->auth_cfg.dh_group_priority[wnt] != 0xF) {
wnt++;
}
for (i = 0; i < wnt; i++) {
for (j = 0; j < cnt; j++) {
if (node_dhc->auth_cfg.dh_group_priority[i] ==
dh_id[j]) {
rc = 0;
*dhgp_id =
node_dhc->auth_cfg.dh_group_priority[i];
break;
}
}
if (rc == 0) {
break;
}
}
if (i == wnt) {
rc = 1;
return (1);
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"check_dhgp: dhgp_id=0x%x", *dhgp_id);
return (rc);
}
static void
emlxs_get_random_bytes(
NODELIST *ndlp,
uint8_t *rdn,
uint32_t len)
{
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
hrtime_t now;
uint8_t sha1_digest[20];
SHA1_CTX sha1ctx;
now = gethrtime();
bzero(&sha1ctx, sizeof (SHA1_CTX));
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, (void *) &node_dhc->auth_cfg.local_entity,
sizeof (NAME_TYPE));
SHA1Update(&sha1ctx, (void *) &now, sizeof (hrtime_t));
SHA1Final((void *) sha1_digest, &sha1ctx);
bcopy((void *) &sha1_digest[0], (void *) &rdn[0], len);
return;
}
static void *emlxs_dhchap_action[] =
{
(void *) emlxs_disc_neverdev,
(void *) emlxs_disc_neverdev,
(void *) emlxs_disc_neverdev,
(void *) emlxs_disc_neverdev,
(void *) emlxs_disc_neverdev,
(void *) emlxs_disc_neverdev,
(void *) emlxs_disc_neverdev,
(void *) emlxs_disc_neverdev,
(void *) emlxs_device_rm_npr_node,
(void *) emlxs_device_recov_npr_node,
(void *) emlxs_rcv_auth_msg_npr_node,
(void *) emlxs_cmpl_auth_msg_npr_node,
(void *) emlxs_disc_neverdev,
(void *) emlxs_device_recov_unmapped_node,
(void *) emlxs_rcv_auth_msg_unmapped_node,
(void *) emlxs_disc_neverdev,
(void *) emlxs_device_rem_auth,
(void *) emlxs_device_recov_auth,
(void *) emlxs_rcv_auth_msg_auth_negotiate_issue,
(void *) emlxs_cmpl_auth_msg_auth_negotiate_issue,
(void *) emlxs_device_rem_auth,
(void *) emlxs_device_recov_auth,
(void *) emlxs_rcv_auth_msg_auth_negotiate_rcv,
(void *) emlxs_cmpl_auth_msg_auth_negotiate_rcv,
(void *) emlxs_device_rem_auth,
(void *) emlxs_device_recov_auth,
(void *) emlxs_rcv_auth_msg_auth_negotiate_cmpl_wait4next,
(void *) emlxs_cmpl_auth_msg_auth_negotiate_cmpl_wait4next,
(void *) emlxs_device_rem_auth,
(void *) emlxs_device_recov_auth,
(void *) emlxs_rcv_auth_msg_dhchap_challenge_issue,
(void *) emlxs_cmpl_auth_msg_dhchap_challenge_issue,
(void *) emlxs_device_rem_auth,
(void *) emlxs_device_recov_auth,
(void *) emlxs_rcv_auth_msg_dhchap_reply_issue,
(void *) emlxs_cmpl_auth_msg_dhchap_reply_issue,
(void *) emlxs_device_rem_auth,
(void *) emlxs_device_recov_auth,
(void *) emlxs_rcv_auth_msg_dhchap_challenge_cmpl_wait4next,
(void *) emlxs_cmpl_auth_msg_dhchap_challenge_cmpl_wait4next,
(void *) emlxs_device_rem_auth,
(void *) emlxs_device_recov_auth,
(void *) emlxs_rcv_auth_msg_dhchap_reply_cmpl_wait4next,
(void *) emlxs_cmpl_auth_msg_dhchap_reply_cmpl_wait4next,
(void *) emlxs_device_rem_auth,
(void *) emlxs_device_recov_auth,
(void *) emlxs_rcv_auth_msg_dhchap_success_issue,
(void *) emlxs_cmpl_auth_msg_dhchap_success_issue,
(void *) emlxs_device_rem_auth,
(void *) emlxs_device_recov_auth,
(void *) emlxs_rcv_auth_msg_dhchap_success_issue_wait4next,
(void *) emlxs_cmpl_auth_msg_dhchap_success_issue_wait4next,
(void *) emlxs_device_rem_auth,
(void *) emlxs_device_recov_auth,
(void *) emlxs_rcv_auth_msg_dhchap_success_cmpl_wait4next,
(void *) emlxs_cmpl_auth_msg_dhchap_success_cmpl_wait4next,
};
extern int
emlxs_dhchap_state_machine(emlxs_port_t *port, CHANNEL *cp,
IOCBQ *iocbq, MATCHMAP *mp,
NODELIST *ndlp, int evt)
{
emlxs_hba_t *hba = HBA;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint32_t rc;
uint32_t(*func) (emlxs_port_t *, CHANNEL *, IOCBQ *, MATCHMAP *,
NODELIST *, uint32_t);
mutex_enter(&hba->dhc_lock);
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_event_msg,
"%s: did=0x%x",
emlxs_dhc_event_xlate(evt), ndlp->nlp_DID);
node_dhc->disc_refcnt++;
func = (uint32_t(*) (emlxs_port_t *, CHANNEL *, IOCBQ *, MATCHMAP *,
NODELIST *, uint32_t))
emlxs_dhchap_action[(node_dhc->state * NODE_EVENT_MAX_EVENT) + evt];
rc = (func) (port, cp, iocbq, mp, ndlp, evt);
node_dhc->disc_refcnt--;
mutex_exit(&hba->dhc_lock);
return (rc);
}
static uint32_t
emlxs_disc_neverdev(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *) arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"disc_neverdev: did=0x%x.",
ndlp->nlp_DID);
emlxs_dhc_state(port, ndlp, NODE_STATE_UNKNOWN, 0, 0);
return (node_dhc->state);
}
static void
emlxs_cmpl_dhchap_challenge_issue(fc_packet_t *pkt)
{
emlxs_port_t *port = pkt->pkt_ulp_private;
emlxs_buf_t *sbp;
NODELIST *ndlp;
uint32_t did;
did = pkt->pkt_cmd_fhdr.d_id;
sbp = (emlxs_buf_t *)pkt->pkt_fca_private;
ndlp = sbp->node;
if (!ndlp) {
ndlp = emlxs_node_find_did(port, did, 1);
}
if (pkt->pkt_state != FC_PKT_SUCCESS) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_dhchap_challenge_issue: did=0x%x state=%x",
did, pkt->pkt_state);
} else {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_dhchap_challenge_issue: did=0x%x. Succcess.",
did);
}
if (ndlp) {
if (pkt->pkt_state == FC_PKT_SUCCESS) {
(void) emlxs_dhchap_state_machine(port, NULL, NULL,
NULL, ndlp, NODE_EVENT_CMPL_AUTH_MSG);
}
}
emlxs_pkt_free(pkt);
return;
}
static void
emlxs_cmpl_dhchap_success_issue(fc_packet_t *pkt)
{
emlxs_port_t *port = pkt->pkt_ulp_private;
NODELIST *ndlp;
uint32_t did;
emlxs_buf_t *sbp;
did = pkt->pkt_cmd_fhdr.d_id;
sbp = (emlxs_buf_t *)pkt->pkt_fca_private;
ndlp = sbp->node;
if (!ndlp) {
ndlp = emlxs_node_find_did(port, did, 1);
}
if (pkt->pkt_state != FC_PKT_SUCCESS) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_dhchap_success_issue: 0x%x %x. No retry.",
did, pkt->pkt_state);
} else {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_dhchap_success_issue: did=0x%x. Succcess.",
did);
}
if (ndlp) {
if (pkt->pkt_state == FC_PKT_SUCCESS) {
(void) emlxs_dhchap_state_machine(port, NULL, NULL,
NULL, ndlp, NODE_EVENT_CMPL_AUTH_MSG);
}
}
emlxs_pkt_free(pkt);
return;
}
uint32_t
emlxs_issue_dhchap_success(
emlxs_port_t *port,
NODELIST *ndlp,
int retry,
uint8_t *rsp)
{
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
fc_packet_t *pkt;
uint32_t cmd_size;
uint32_t rsp_size;
uint8_t *pCmd;
uint16_t cmdsize;
DHCHAP_SUCCESS_HDR *ap;
uint8_t *tmp;
uint32_t len;
uint32_t ret;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"issue_dhchap_success: did=0x%x", ndlp->nlp_DID);
if (ndlp->nlp_DID == FABRIC_DID) {
if (node_dhc->nlp_auth_hashid == AUTH_MD5)
len = MD5_LEN;
else
len = SHA1_LEN;
} else {
len = (node_dhc->nlp_auth_hashid == AUTH_MD5) ?
MD5_LEN : SHA1_LEN;
}
if (rsp == NULL) {
cmdsize = sizeof (DHCHAP_SUCCESS_HDR);
} else {
cmdsize = sizeof (DHCHAP_SUCCESS_HDR) + len;
}
cmd_size = cmdsize;
rsp_size = 4;
if ((pkt = emlxs_prep_els_fc_pkt(port, ndlp->nlp_DID, cmd_size,
rsp_size, 0, KM_NOSLEEP)) == NULL) {
return (1);
}
pCmd = (uint8_t *)pkt->pkt_cmd;
ap = (DHCHAP_SUCCESS_HDR *)pCmd;
tmp = (uint8_t *)pCmd;
ap->auth_els_code = ELS_CMD_AUTH_CODE;
ap->auth_els_flags = 0x0;
ap->auth_msg_code = DHCHAP_SUCCESS;
ap->proto_version = 0x01;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"issue_dhchap_success: 0x%x 0x%x 0x%x 0x%x 0x%x %p",
ndlp->nlp_DID, node_dhc->nlp_auth_hashid,
node_dhc->nlp_auth_tranid_rsp,
node_dhc->nlp_auth_tranid_ini, cmdsize, rsp);
if (rsp == NULL) {
ap->msg_len = LE_SWAP32(0x00000004);
ap->RspVal_len = 0x0;
node_dhc->fc_dhchap_success_expected = 0;
} else {
node_dhc->fc_dhchap_success_expected = 1;
ap->msg_len = LE_SWAP32(4 + len);
tmp += sizeof (DHCHAP_SUCCESS_HDR) - sizeof (uint32_t);
*(uint32_t *)tmp = LE_SWAP32(len);
tmp += sizeof (uint32_t);
bcopy((void *)rsp, (void *)tmp, len);
}
if (node_dhc->nlp_reauth_status == NLP_HOST_REAUTH_IN_PROGRESS) {
ap->tran_id = LE_SWAP32(node_dhc->nlp_auth_tranid_rsp);
} else {
if (node_dhc->nlp_auth_flag == 2) {
ap->tran_id =
LE_SWAP32(node_dhc->nlp_auth_tranid_rsp);
} else if (node_dhc->nlp_auth_flag == 1) {
ap->tran_id =
LE_SWAP32(node_dhc->nlp_auth_tranid_ini);
} else {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_debug_msg,
"is_dhch_success: (1) 0x%x 0x%x 0x%x 0x%x",
ndlp->nlp_DID, node_dhc->nlp_auth_flag,
node_dhc->nlp_auth_tranid_rsp,
node_dhc->nlp_auth_tranid_ini);
return (1);
}
}
pkt->pkt_comp = emlxs_cmpl_dhchap_success_issue;
ret = emlxs_pkt_send(pkt, 1);
if (ret != FC_SUCCESS) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"issue_dhchap_success: Unable to send packet. 0x%x",
ret);
emlxs_pkt_free(pkt);
return (1);
}
return (0);
}
static void
emlxs_cmpl_auth_reject_issue(fc_packet_t *pkt)
{
emlxs_port_t *port = pkt->pkt_ulp_private;
emlxs_buf_t *sbp;
NODELIST *ndlp;
uint32_t did;
did = pkt->pkt_cmd_fhdr.d_id;
sbp = (emlxs_buf_t *)pkt->pkt_fca_private;
ndlp = sbp->node;
if (!ndlp) {
ndlp = emlxs_node_find_did(port, did, 1);
}
if (pkt->pkt_state != FC_PKT_SUCCESS) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_auth_reject_issue: 0x%x %x. No retry.",
did, pkt->pkt_state);
} else {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_auth_reject_issue: did=0x%x. Succcess.",
did);
}
if (ndlp) {
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_FAILED, 0, 0);
if (pkt->pkt_state == FC_PKT_SUCCESS) {
(void) emlxs_dhchap_state_machine(port, NULL, NULL,
NULL, ndlp, NODE_EVENT_CMPL_AUTH_MSG);
}
}
emlxs_pkt_free(pkt);
return;
}
static uint32_t
emlxs_issue_auth_reject(
emlxs_port_t *port,
NODELIST *ndlp,
int retry,
uint32_t *arg,
uint8_t ReasonCode,
uint8_t ReasonCodeExplanation)
{
fc_packet_t *pkt;
uint32_t cmd_size;
uint32_t rsp_size;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint16_t cmdsize;
AUTH_RJT *ap;
char info[64];
if (node_dhc->nlp_authrsp_tmo) {
node_dhc->nlp_authrsp_tmo = 0;
}
cmdsize = sizeof (AUTH_RJT);
cmd_size = cmdsize;
rsp_size = 4;
if ((pkt = emlxs_prep_els_fc_pkt(port, ndlp->nlp_DID, cmd_size,
rsp_size, 0, KM_NOSLEEP)) == NULL) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"Auth reject failed: Unable to allocate pkt. 0x%x %x %x",
ndlp->nlp_DID, ReasonCode, ReasonCodeExplanation);
return (1);
}
ap = (AUTH_RJT *) pkt->pkt_cmd;
ap->auth_els_code = ELS_CMD_AUTH_CODE;
ap->auth_els_flags = 0x0;
ap->auth_msg_code = AUTH_REJECT;
ap->proto_version = 0x01;
ap->msg_len = LE_SWAP32(4);
if (node_dhc->nlp_auth_flag == 2) {
ap->tran_id = LE_SWAP32(node_dhc->nlp_auth_tranid_rsp);
} else if (node_dhc->nlp_auth_flag == 1) {
ap->tran_id = LE_SWAP32(node_dhc->nlp_auth_tranid_ini);
} else {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"Auth reject failed.Invalid flag=%d. 0x%x %x expl=%x",
ndlp->nlp_DID, node_dhc->nlp_auth_flag, ReasonCode,
ReasonCodeExplanation);
emlxs_pkt_free(pkt);
return (1);
}
ap->ReasonCode = ReasonCode;
ap->ReasonCodeExplanation = ReasonCodeExplanation;
pkt->pkt_comp = emlxs_cmpl_auth_reject_issue;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_debug_msg,
"Auth reject: did=0x%x reason=%x expl=%x",
ndlp->nlp_DID, ReasonCode, ReasonCodeExplanation);
if (emlxs_pkt_send(pkt, 1) != FC_SUCCESS) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"Auth reject failed. Unable to send pkt. 0x%x %x expl=%x",
ndlp->nlp_DID, node_dhc->nlp_auth_flag, ReasonCode,
ReasonCodeExplanation);
emlxs_pkt_free(pkt);
return (1);
}
(void) snprintf(info, sizeof (info),
"Auth-Reject: ReasonCode=0x%x, ReasonCodeExplanation=0x%x",
ReasonCode, ReasonCodeExplanation);
emlxs_log_auth_event(port, ndlp, "issue_auth_reject", info);
return (0);
}
static fc_packet_t *
emlxs_prep_els_fc_pkt(
emlxs_port_t *port,
uint32_t d_id,
uint32_t cmd_size,
uint32_t rsp_size,
uint32_t datalen,
int32_t sleepflag)
{
fc_packet_t *pkt;
if (!(pkt = emlxs_pkt_alloc(port, cmd_size, rsp_size,
datalen, sleepflag))) {
return (NULL);
}
pkt->pkt_tran_type = FC_PKT_EXCHANGE;
pkt->pkt_timeout = 35;
pkt->pkt_cmd_fhdr.d_id = LE_SWAP24_LO(d_id);
pkt->pkt_cmd_fhdr.r_ctl = R_CTL_ELS_REQ;
pkt->pkt_cmd_fhdr.s_id = LE_SWAP24_LO(port->did);
pkt->pkt_cmd_fhdr.type = FC_TYPE_EXTENDED_LS;
pkt->pkt_cmd_fhdr.f_ctl =
F_CTL_FIRST_SEQ | F_CTL_END_SEQ | F_CTL_SEQ_INITIATIVE;
pkt->pkt_cmd_fhdr.seq_id = 0;
pkt->pkt_cmd_fhdr.df_ctl = 0;
pkt->pkt_cmd_fhdr.seq_cnt = 0;
pkt->pkt_cmd_fhdr.ox_id = 0xFFFF;
pkt->pkt_cmd_fhdr.rx_id = 0xFFFF;
pkt->pkt_cmd_fhdr.ro = 0;
return ((fc_packet_t *)pkt);
}
static int
emlxs_issue_auth_negotiate(
emlxs_port_t *port,
emlxs_node_t *ndlp,
uint8_t retry)
{
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
fc_packet_t *pkt;
uint32_t cmd_size;
uint32_t rsp_size;
uint16_t cmdsize;
AUTH_MSG_NEGOT_NULL_1 *null_ap1;
AUTH_MSG_NEGOT_NULL_2 *null_ap2;
uint32_t num_hs = 0;
uint8_t flag;
AUTH_MSG_NEGOT_1 *ap1;
AUTH_MSG_NEGOT_2 *ap2;
uint16_t para_len = 0;
uint16_t hash_wcnt = 0;
uint16_t dhgp_wcnt = 0;
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_NEGOTIATE_ISSUE, 0, 0);
flag = (node_dhc->nlp_auth_limit == 2) ? 1 : 0;
if (flag == 1) {
cmdsize = sizeof (AUTH_MSG_NEGOT_NULL);
cmdsize += 2 + 2;
cmdsize += 8;
cmdsize += 4;
cmdsize += 4;
cmdsize += 4;
para_len += 4;
cmdsize += 2 + 2;
para_len += 4;
if (node_dhc->auth_cfg.hash_priority[1] == 0x00) {
cmdsize += 4;
num_hs = 1;
para_len += 4;
hash_wcnt = 1;
} else {
cmdsize += 4 + 4;
num_hs = 2;
para_len += 4 + 4;
hash_wcnt = 2;
}
cmdsize += 2 + 2;
para_len += 4;
if (node_dhc->auth_cfg.dh_group_priority[1] == 0xf) {
cmdsize += 4;
para_len += 4;
dhgp_wcnt = 1;
} else if (node_dhc->auth_cfg.dh_group_priority[2] == 0xf) {
cmdsize += 4 + 4;
para_len += 4 + 4;
dhgp_wcnt = 2;
} else if (node_dhc->auth_cfg.dh_group_priority[3] == 0xf) {
cmdsize += 4 + 4 + 4;
para_len += 4 + 4 + 4;
dhgp_wcnt = 3;
} else if (node_dhc->auth_cfg.dh_group_priority[4] == 0xf) {
cmdsize += 4 + 4 + 4 + 4;
para_len += 4 + 4 + 4 + 4;
dhgp_wcnt = 4;
} else if (node_dhc->auth_cfg.dh_group_priority[5] == 0xf) {
cmdsize += 4 + 4 + 4 + 4 + 4;
para_len += 4 + 4 + 4 + 4 + 4;
dhgp_wcnt = 5;
}
} else {
cmdsize = sizeof (AUTH_MSG_NEGOT_NULL);
cmdsize += 2 + 2 + 8;
cmdsize += 4;
cmdsize += 4;
cmdsize += 4;
cmdsize += 4;
if (node_dhc->auth_cfg.hash_priority[1] == 0x00) {
cmdsize += 4;
num_hs = 1;
} else {
num_hs = 2;
cmdsize += 4 + 4;
}
cmdsize += 4;
cmdsize += 4;
}
cmd_size = cmdsize;
rsp_size = 4;
if ((pkt = emlxs_prep_els_fc_pkt(port, ndlp->nlp_DID, cmd_size,
rsp_size, 0, KM_NOSLEEP)) == NULL) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"issue_auth_negotiate: Unable to allocate pkt. 0x%x %d",
ndlp->nlp_DID, cmd_size);
return (1);
}
if (flag == 1) {
if (hash_wcnt == 1) {
ap1 = (AUTH_MSG_NEGOT_1 *)pkt->pkt_cmd;
ap1->auth_els_code = ELS_CMD_AUTH_CODE;
ap1->auth_els_flags = 0x00;
ap1->auth_msg_code = AUTH_NEGOTIATE;
ap1->proto_version = 0x01;
ap1->msg_len = LE_SWAP32(cmdsize -
sizeof (AUTH_MSG_NEGOT_NULL));
} else {
ap2 = (AUTH_MSG_NEGOT_2 *)pkt->pkt_cmd;
ap2->auth_els_code = ELS_CMD_AUTH_CODE;
ap2->auth_els_flags = 0x00;
ap2->auth_msg_code = AUTH_NEGOTIATE;
ap2->proto_version = 0x01;
ap2->msg_len = LE_SWAP32(cmdsize -
sizeof (AUTH_MSG_NEGOT_NULL));
}
} else {
if (node_dhc->auth_cfg.hash_priority[1] == 0x00) {
null_ap1 = (AUTH_MSG_NEGOT_NULL_1 *)pkt->pkt_cmd;
null_ap1->auth_els_code = ELS_CMD_AUTH_CODE;
null_ap1->auth_els_flags = 0x0;
null_ap1->auth_msg_code = AUTH_NEGOTIATE;
null_ap1->proto_version = 0x01;
null_ap1->msg_len = LE_SWAP32(cmdsize -
sizeof (AUTH_MSG_NEGOT_NULL));
} else {
null_ap2 = (AUTH_MSG_NEGOT_NULL_2 *)pkt->pkt_cmd;
null_ap2->auth_els_code = ELS_CMD_AUTH_CODE;
null_ap2->auth_els_flags = 0x0;
null_ap2->auth_msg_code = AUTH_NEGOTIATE;
null_ap2->proto_version = 0x01;
null_ap2->msg_len = LE_SWAP32(cmdsize -
sizeof (AUTH_MSG_NEGOT_NULL));
}
}
node_dhc->nlp_auth_flag = 2;
if (node_dhc->nlp_reauth_status == NLP_HOST_REAUTH_IN_PROGRESS) {
if (node_dhc->nlp_auth_tranid_rsp == 0xffffffff) {
node_dhc->nlp_auth_tranid_rsp = 1;
} else {
node_dhc->nlp_auth_tranid_rsp++;
}
} else {
node_dhc->nlp_auth_tranid_rsp = 0;
}
if (flag == 1) {
if (hash_wcnt == 1) {
ap1->tran_id =
LE_SWAP32(node_dhc->nlp_auth_tranid_rsp);
ap1->params.name_tag = AUTH_NAME_ID;
ap1->params.name_len = AUTH_NAME_LEN;
bcopy((void *)&port->wwpn,
(void *) &ap1->params.nodeName, sizeof (NAME_TYPE));
ap1->params.proto_num = AUTH_PROTO_NUM;
ap1->params.para_len = LE_SWAP32(para_len);
ap1->params.proto_id = AUTH_DHCHAP;
ap1->params.HashList_tag = HASH_LIST_TAG;
ap1->params.HashList_wcnt = LE_SWAP16(hash_wcnt);
ap1->params.HashList_value1 =
node_dhc->auth_cfg.hash_priority[0];
ap1->params.DHgIDList_tag = DHGID_LIST_TAG;
ap1->params.DHgIDList_wnt = LE_SWAP16(dhgp_wcnt);
switch (dhgp_wcnt) {
case 5:
ap1->params.DHgIDList_g4 =
(node_dhc->auth_cfg.dh_group_priority[4]);
ap1->params.DHgIDList_g3 =
(node_dhc->auth_cfg.dh_group_priority[3]);
ap1->params.DHgIDList_g2 =
(node_dhc->auth_cfg.dh_group_priority[2]);
ap1->params.DHgIDList_g1 =
(node_dhc->auth_cfg.dh_group_priority[1]);
ap1->params.DHgIDList_g0 =
(node_dhc->auth_cfg.dh_group_priority[0]);
break;
case 4:
ap1->params.DHgIDList_g3 =
(node_dhc->auth_cfg.dh_group_priority[3]);
ap1->params.DHgIDList_g2 =
(node_dhc->auth_cfg.dh_group_priority[2]);
ap1->params.DHgIDList_g1 =
(node_dhc->auth_cfg.dh_group_priority[1]);
ap1->params.DHgIDList_g0 =
(node_dhc->auth_cfg.dh_group_priority[0]);
break;
case 3:
ap1->params.DHgIDList_g2 =
(node_dhc->auth_cfg.dh_group_priority[2]);
ap1->params.DHgIDList_g1 =
(node_dhc->auth_cfg.dh_group_priority[1]);
ap1->params.DHgIDList_g0 =
(node_dhc->auth_cfg.dh_group_priority[0]);
break;
case 2:
ap1->params.DHgIDList_g1 =
(node_dhc->auth_cfg.dh_group_priority[1]);
ap1->params.DHgIDList_g0 =
(node_dhc->auth_cfg.dh_group_priority[0]);
break;
case 1:
ap1->params.DHgIDList_g0 =
(node_dhc->auth_cfg.dh_group_priority[0]);
break;
}
} else {
ap2->tran_id =
LE_SWAP32(node_dhc->nlp_auth_tranid_rsp);
ap2->params.name_tag = AUTH_NAME_ID;
ap2->params.name_len = AUTH_NAME_LEN;
bcopy((void *) &port->wwpn,
(void *) &ap2->params.nodeName, sizeof (NAME_TYPE));
ap2->params.proto_num = AUTH_PROTO_NUM;
ap2->params.para_len = LE_SWAP32(para_len);
ap2->params.proto_id = AUTH_DHCHAP;
ap2->params.HashList_tag = HASH_LIST_TAG;
ap2->params.HashList_wcnt = LE_SWAP16(hash_wcnt);
ap2->params.HashList_value1 =
(node_dhc->auth_cfg.hash_priority[0]);
ap2->params.HashList_value2 =
(node_dhc->auth_cfg.hash_priority[1]);
ap2->params.DHgIDList_tag = DHGID_LIST_TAG;
ap2->params.DHgIDList_wnt = LE_SWAP16(dhgp_wcnt);
switch (dhgp_wcnt) {
case 5:
ap2->params.DHgIDList_g4 =
(node_dhc->auth_cfg.dh_group_priority[4]);
ap2->params.DHgIDList_g3 =
(node_dhc->auth_cfg.dh_group_priority[3]);
ap2->params.DHgIDList_g2 =
(node_dhc->auth_cfg.dh_group_priority[2]);
ap2->params.DHgIDList_g1 =
(node_dhc->auth_cfg.dh_group_priority[1]);
ap2->params.DHgIDList_g0 =
(node_dhc->auth_cfg.dh_group_priority[0]);
break;
case 4:
ap2->params.DHgIDList_g3 =
(node_dhc->auth_cfg.dh_group_priority[3]);
ap2->params.DHgIDList_g2 =
(node_dhc->auth_cfg.dh_group_priority[2]);
ap2->params.DHgIDList_g1 =
(node_dhc->auth_cfg.dh_group_priority[1]);
ap2->params.DHgIDList_g0 =
(node_dhc->auth_cfg.dh_group_priority[0]);
break;
case 3:
ap2->params.DHgIDList_g2 =
(node_dhc->auth_cfg.dh_group_priority[2]);
ap2->params.DHgIDList_g1 =
(node_dhc->auth_cfg.dh_group_priority[1]);
ap2->params.DHgIDList_g0 =
(node_dhc->auth_cfg.dh_group_priority[0]);
break;
case 2:
ap2->params.DHgIDList_g1 =
(node_dhc->auth_cfg.dh_group_priority[1]);
ap2->params.DHgIDList_g0 =
(node_dhc->auth_cfg.dh_group_priority[0]);
break;
case 1:
ap2->params.DHgIDList_g0 =
(node_dhc->auth_cfg.dh_group_priority[0]);
break;
}
}
} else {
if (num_hs == 1) {
null_ap1->tran_id =
LE_SWAP32(node_dhc->nlp_auth_tranid_rsp);
null_ap1->params.name_tag = AUTH_NAME_ID;
null_ap1->params.name_len = AUTH_NAME_LEN;
bcopy((void *) &port->wwpn,
(void *) &null_ap1->params.nodeName,
sizeof (NAME_TYPE));
null_ap1->params.proto_num = AUTH_PROTO_NUM;
null_ap1->params.para_len = LE_SWAP32(0x00000014);
null_ap1->params.proto_id = AUTH_DHCHAP;
null_ap1->params.HashList_tag = HASH_LIST_TAG;
null_ap1->params.HashList_wcnt = LE_SWAP16(0x0001);
null_ap1->params.HashList_value1 =
(node_dhc->auth_cfg.hash_priority[0]);
null_ap1->params.DHgIDList_tag = DHGID_LIST_TAG;
null_ap1->params.DHgIDList_wnt = LE_SWAP16(0x0001);
null_ap1->params.DHgIDList_g0 = 0x0;
} else {
null_ap2->tran_id =
LE_SWAP32(node_dhc->nlp_auth_tranid_rsp);
null_ap2->params.name_tag = AUTH_NAME_ID;
null_ap2->params.name_len = AUTH_NAME_LEN;
bcopy((void *) &port->wwpn,
(void *) &null_ap2->params.nodeName,
sizeof (NAME_TYPE));
null_ap2->params.proto_num = AUTH_PROTO_NUM;
null_ap2->params.para_len = LE_SWAP32(0x00000018);
null_ap2->params.proto_id = AUTH_DHCHAP;
null_ap2->params.HashList_tag = HASH_LIST_TAG;
null_ap2->params.HashList_wcnt = LE_SWAP16(0x0002);
null_ap2->params.HashList_value1 =
(node_dhc->auth_cfg.hash_priority[0]);
null_ap2->params.HashList_value2 =
(node_dhc->auth_cfg.hash_priority[1]);
null_ap2->params.DHgIDList_tag = DHGID_LIST_TAG;
null_ap2->params.DHgIDList_wnt = LE_SWAP16(0x0001);
null_ap2->params.DHgIDList_g0 = 0x0;
}
}
pkt->pkt_comp = emlxs_cmpl_auth_negotiate_issue;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_debug_msg,
"issue_auth_negotiate: %x flag=%d size=%d hash=%x,%x tid=%x,%x",
ndlp->nlp_DID, flag, cmd_size,
node_dhc->auth_cfg.hash_priority[0],
node_dhc->auth_cfg.hash_priority[1],
node_dhc->nlp_auth_tranid_rsp, node_dhc->nlp_auth_tranid_ini);
if (emlxs_pkt_send(pkt, 1) != FC_SUCCESS) {
emlxs_pkt_free(pkt);
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"issue_auth_negotiate: Unable to send pkt. did=0x%x",
ndlp->nlp_DID);
return (1);
}
return (0);
}
static void
emlxs_cmpl_auth_negotiate_issue(fc_packet_t *pkt)
{
emlxs_port_t *port = pkt->pkt_ulp_private;
emlxs_buf_t *sbp;
NODELIST *ndlp;
emlxs_node_dhc_t *node_dhc;
uint32_t did;
did = pkt->pkt_cmd_fhdr.d_id;
sbp = (emlxs_buf_t *)pkt->pkt_fca_private;
ndlp = sbp->node;
node_dhc = &ndlp->node_dhc;
if (!ndlp) {
ndlp = emlxs_node_find_did(port, did, 1);
}
if (pkt->pkt_state != FC_PKT_SUCCESS) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_dhchap_negotiate_issue: 0x%x %x. Noretry.",
did, pkt->pkt_state);
} else {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_dhchap_negotiate_issue: did=0x%x. Succcess.",
did);
}
if (ndlp) {
if (pkt->pkt_state == FC_PKT_SUCCESS) {
(void) emlxs_dhchap_state_machine(port, NULL, NULL,
NULL, ndlp, NODE_EVENT_CMPL_AUTH_MSG);
} else {
emlxs_dhc_set_reauth_time(port, ndlp, DISABLE);
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_FAILED,
0, 0);
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_debug_msg,
"Reauth disabled. did=0x%x state=%x",
ndlp->nlp_DID, node_dhc->state);
emlxs_dhc_auth_complete(port, ndlp, 1);
}
}
emlxs_pkt_free(pkt);
return;
}
static uint32_t
emlxs_cmpl_auth_msg_auth_negotiate_issue(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_auth_msg_auth_negotiate_issue: did=0x%x",
ndlp->nlp_DID);
if (node_dhc->nlp_authrsp_tmo == 0) {
node_dhc->nlp_authrsp_tmo = DRV_TIME +
node_dhc->auth_cfg.authentication_timeout;
}
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_NEGOTIATE_CMPL_WAIT4NEXT,
0, 0);
return (node_dhc->state);
}
static uint32_t
emlxs_rcv_auth_msg_auth_negotiate_issue(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
IOCBQ *iocbq = (IOCBQ *) arg2;
uint8_t ReasonCode;
uint8_t ReasonCodeExplanation;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_auth_negotiate_issue: did=0x%x",
ndlp->nlp_DID);
(void) emlxs_els_reply(port, iocbq, ELS_CMD_ACC, ELS_CMD_AUTH, 0, 0);
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_AUTHTRAN_STARTED;
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_NEGOTIATE_ISSUE,
ReasonCode, ReasonCodeExplanation);
(void) emlxs_issue_auth_reject(port, ndlp, 0, 0, ReasonCode,
ReasonCodeExplanation);
return (node_dhc->state);
}
static void
emlxs_cmpl_dhchap_reply_issue(fc_packet_t *pkt)
{
emlxs_port_t *port = pkt->pkt_ulp_private;
emlxs_buf_t *sbp;
NODELIST *ndlp;
uint32_t did;
did = pkt->pkt_cmd_fhdr.d_id;
sbp = (emlxs_buf_t *)pkt->pkt_fca_private;
ndlp = sbp->node;
if (!ndlp) {
ndlp = emlxs_node_find_did(port, did, 1);
}
if (pkt->pkt_state != FC_PKT_SUCCESS) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_dhchap_reply_issue: 0x%x %x. No retry.",
did, pkt->pkt_state);
} else {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_dhchap_reply_issue: did=0x%x. Succcess.",
did);
}
if (ndlp) {
if (pkt->pkt_state == FC_PKT_SUCCESS) {
(void) emlxs_dhchap_state_machine(port, NULL, NULL,
NULL, ndlp, NODE_EVENT_CMPL_AUTH_MSG);
}
}
emlxs_pkt_free(pkt);
return;
}
uint32_t
emlxs_issue_dhchap_challenge(
emlxs_port_t *port,
NODELIST *ndlp,
int retry,
void *arg,
uint32_t payload_len,
uint32_t hash_id,
uint32_t dhgp_id)
{
emlxs_hba_t *hba = HBA;
fc_packet_t *pkt;
uint32_t cmd_size;
uint32_t rsp_size;
uint16_t cmdsize = 0;
uint8_t *pCmd;
emlxs_port_dhc_t *port_dhc = &port->port_dhc;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
DHCHAP_CHALL *chal;
uint8_t *tmp;
uint8_t random_number[20];
uint8_t dhval[256];
uint32_t dhval_len;
uint32_t tran_id;
BIG_ERR_CODE err = BIG_OK;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"issue_dhchap_challenge: did=0x%x hashlist=[%x,%x,%x,%x]",
ndlp->nlp_DID, node_dhc->auth_cfg.hash_priority[0],
node_dhc->auth_cfg.hash_priority[1],
node_dhc->auth_cfg.hash_priority[2],
node_dhc->auth_cfg.hash_priority[3]);
if (hash_id == AUTH_SHA1) {
cmdsize = (12 + 4 + 8) + (4 + 4 + 4) + 20 + 4;
} else if (hash_id == AUTH_MD5) {
cmdsize = (12 + 4 + 8) + (4 + 4 + 4) + 16 + 4;
} else {
return (1);
}
switch (dhgp_id) {
case GROUP_NULL:
break;
case GROUP_1024:
cmdsize += 128;
break;
case GROUP_1280:
cmdsize += 160;
break;
case GROUP_1536:
cmdsize += 192;
break;
case GROUP_2048:
cmdsize += 256;
break;
default:
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"issue_dhchap_challenge: Invalid dhgp_id=0x%x",
dhgp_id);
return (1);
}
cmd_size = cmdsize;
rsp_size = 4;
if ((pkt = emlxs_prep_els_fc_pkt(port, ndlp->nlp_DID, cmd_size,
rsp_size,
0, KM_NOSLEEP)) == NULL) {
return (1);
}
pCmd = (uint8_t *)pkt->pkt_cmd;
tmp = (uint8_t *)arg;
tmp += 8;
tran_id = *(uint32_t *)tmp;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"issue_dhchap_challenge: 0x%x 0x%x 0x%x %d 0x%x 0x%x 0x%x",
ndlp->nlp_DID, node_dhc->nlp_auth_tranid_ini,
node_dhc->nlp_auth_tranid_rsp,
cmdsize, tran_id, hash_id, dhgp_id);
node_dhc->nlp_auth_tranid_ini = LE_SWAP32(tran_id);
tmp += sizeof (uint32_t);
chal = (DHCHAP_CHALL *)pCmd;
chal->cnul.msg_hdr.auth_els_code = ELS_CMD_AUTH_CODE;
chal->cnul.msg_hdr.auth_els_flags = 0x0;
chal->cnul.msg_hdr.auth_msg_code = DHCHAP_CHALLENGE;
chal->cnul.msg_hdr.proto_version = 0x01;
chal->cnul.msg_hdr.msg_len = LE_SWAP32(cmdsize - 12);
chal->cnul.msg_hdr.tran_id = tran_id;
chal->cnul.msg_hdr.name_tag = (AUTH_NAME_ID);
chal->cnul.msg_hdr.name_len = (AUTH_NAME_LEN);
bcopy((void *) &port->wwpn,
(void *) &chal->cnul.msg_hdr.nodeName, sizeof (NAME_TYPE));
chal->cnul.hash_id = hash_id;
chal->cnul.dhgp_id = dhgp_id;
chal->cnul.cval_len = ((chal->cnul.hash_id == AUTH_SHA1) ?
LE_SWAP32(SHA1_LEN) : LE_SWAP32(MD5_LEN));
tmp = (uint8_t *)pCmd;
tmp += sizeof (DHCHAP_CHALL_NULL);
#ifdef RAND
bzero(random_number, LE_SWAP32(chal->cnul.cval_len));
if (hba->rdn_flag == 1) {
emlxs_get_random_bytes(ndlp, random_number, 20);
} else {
(void) random_get_pseudo_bytes(random_number,
LE_SWAP32(chal->cnul.cval_len));
}
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *) &random_number[0],
(void *) &node_dhc->hrsp_cval[0],
LE_SWAP32(chal->cnul.cval_len));
bcopy((void *) &random_number[0],
(void *) &node_dhc->nlp_auth_misc.hrsp_cval[0],
LE_SWAP32(chal->cnul.cval_len));
} else {
bcopy((void *) &random_number[0],
(void *) &node_dhc->nlp_auth_misc.hrsp_cval[0],
LE_SWAP32(chal->cnul.cval_len));
}
bcopy((void *) &random_number[0], (void *) tmp,
LE_SWAP32(chal->cnul.cval_len));
#endif
#ifdef MYRAND
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *) myrand, (void *) &node_dhc->hrsp_cval[0],
LE_SWAP32(chal->cnul.cval_len));
bcopy((void *) myrand,
(void *) &node_dhc->nlp_auth_misc.hrsp_cval[0],
LE_SWAP32(chal->cnul.cval_len));
} else {
bcopy((void *) myrand,
(void *) &node_dhc->nlp_auth_misc.hrsp_cval[0],
LE_SWAP32(chal->cnul.cval_len));
}
bcopy((void *) myrand, (void *) tmp,
LE_SWAP32(chal->cnul.cval_len));
#endif
if (ndlp->nlp_DID == FABRIC_DID) {
node_dhc->hrsp_cval_len = LE_SWAP32(chal->cnul.cval_len);
node_dhc->nlp_auth_misc.hrsp_cval_len =
LE_SWAP32(chal->cnul.cval_len);
} else {
node_dhc->nlp_auth_misc.hrsp_cval_len =
LE_SWAP32(chal->cnul.cval_len);
}
tmp += LE_SWAP32(chal->cnul.cval_len);
#ifdef RAND
if (dhgp_id != GROUP_NULL) {
bzero(random_number, LE_SWAP32(chal->cnul.cval_len));
if (hba->rdn_flag == 1) {
emlxs_get_random_bytes(ndlp, random_number, 20);
} else {
(void) random_get_pseudo_bytes(random_number,
LE_SWAP32(chal->cnul.cval_len));
}
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *) &random_number[0],
(void *) node_dhc->hrsp_priv_key,
LE_SWAP32(chal->cnul.cval_len));
bcopy((void *) &random_number[0],
(void *) node_dhc->nlp_auth_misc.hrsp_priv_key,
LE_SWAP32(chal->cnul.cval_len));
} else {
bcopy((void *) &random_number[0],
(void *) node_dhc->nlp_auth_misc.hrsp_priv_key,
LE_SWAP32(chal->cnul.cval_len));
}
}
#endif
#ifdef MYRAND
if (dhgp_id != GROUP_NULL) {
bcopy((void *) myrand, (void *) node_dhc->hrsp_priv_key,
LE_SWAP32(chal->cnul.cval_len));
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *) myrand,
(void *) node_dhc->hrsp_priv_key,
LE_SWAP32(chal->cnul.cval_len));
bcopy((void *) myrand,
(void *) node_dhc->nlp_auth_misc.hrsp_priv_key,
LE_SWAP32(chal->cnul.cval_len));
} else {
bcopy((void *) myrand,
(void *) node_dhc->nlp_auth_misc.hrsp_priv_key,
LE_SWAP32(chal->cnul.cval_len));
}
}
#endif
node_dhc->nlp_auth_hashid = hash_id;
node_dhc->nlp_auth_dhgpid = dhgp_id;
#ifdef MYRAND
if (dhgp_id != GROUP_NULL) {
err = emlxs_BIGNUM_get_dhval(port, port_dhc, ndlp, dhval,
&dhval_len, chal->cnul.dhgp_id,
myrand, LE_SWAP32(chal->cnul.cval_len));
if (err != BIG_OK) {
emlxs_pkt_free(pkt);
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"issue_dhchap_challenge: error. 0x%x",
err);
return (1);
}
if (ndlp->nlp_DID == FABRIC_DID) {
*(uint32_t *)tmp =
LE_SWAP32(node_dhc->hrsp_pubkey_len);
} else {
*(uint32_t *)tmp =
LE_SWAP32(
node_dhc->nlp_auth_misc.hrsp_pubkey_len);
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"issue_dhchap_challenge: 0x%x: 0x%x 0x%x",
ndlp->nlp_DID, *(uint32_t *)tmp, dhval_len);
tmp += sizeof (uint32_t);
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *) node_dhc->hrsp_pub_key, (void *)tmp,
node_dhc->hrsp_pubkey_len);
} else {
bcopy((void *) node_dhc->nlp_auth_misc.hrsp_pub_key,
(void *)tmp,
node_dhc->nlp_auth_misc.hrsp_pubkey_len);
}
} else {
*(uint32_t *)tmp = 0;
}
#endif
#ifdef RAND
if (dhgp_id != GROUP_NULL) {
err = emlxs_BIGNUM_get_dhval(port, port_dhc, ndlp, dhval,
&dhval_len, chal->cnul.dhgp_id,
random_number, LE_SWAP32(chal->cnul.cval_len));
if (err != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"issue_dhchap_challenge: error. 0x%x",
err);
emlxs_pkt_free(pkt);
return (1);
}
if (ndlp->nlp_DID == FABRIC_DID) {
*(uint32_t *)tmp =
LE_SWAP32(node_dhc->hrsp_pubkey_len);
} else {
*(uint32_t *)tmp =
LE_SWAP32(
node_dhc->nlp_auth_misc.hrsp_pubkey_len);
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"issue_dhchap_challenge: did=0x%x: pubkey_len=0x%x",
ndlp->nlp_DID, *(uint32_t *)tmp);
tmp += sizeof (uint32_t);
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *) node_dhc->hrsp_pub_key, (void *)tmp,
node_dhc->hrsp_pubkey_len);
} else {
bcopy((void *) node_dhc->nlp_auth_misc.hrsp_pub_key,
(void *)tmp,
node_dhc->nlp_auth_misc.hrsp_pubkey_len);
}
} else {
*(uint32_t *)tmp = 0;
}
#endif
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"issue_dhchap_challenge: 0x%x 0x%x 0x%x 0x%x 0x%x",
ndlp->nlp_DID, node_dhc->nlp_auth_tranid_ini,
node_dhc->nlp_auth_tranid_rsp,
chal->cnul.hash_id, chal->cnul.dhgp_id);
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"issue_dhchap_challenge: 0x%x 0x%x 0x%x 0x%x",
ndlp->nlp_DID, tran_id, node_dhc->nlp_auth_hashid,
node_dhc->nlp_auth_dhgpid);
pkt->pkt_comp = emlxs_cmpl_dhchap_challenge_issue;
if (emlxs_pkt_send(pkt, 1) != FC_SUCCESS) {
emlxs_pkt_free(pkt);
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"issue_dhchap_challenge: Unable to send fc packet.");
return (1);
}
return (0);
}
uint32_t
emlxs_issue_dhchap_reply(
emlxs_port_t *port,
NODELIST *ndlp,
int retry,
uint32_t *arg1,
uint8_t *dhval,
uint32_t dhval_len,
uint8_t *arg2,
uint32_t arg2_len)
{
fc_packet_t *pkt;
uint32_t cmd_size;
uint32_t rsp_size;
uint16_t cmdsize = 0;
DHCHAP_REPLY_HDR *ap;
uint8_t *pCmd;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
cmdsize = sizeof (DHCHAP_REPLY_HDR);
if (ndlp->nlp_DID == FABRIC_DID) {
if (node_dhc->hash_id == AUTH_MD5) {
cmdsize += 4 + MD5_LEN;
}
if (node_dhc->hash_id == AUTH_SHA1) {
cmdsize += 4 + SHA1_LEN;
}
} else {
if (node_dhc->nlp_auth_hashid == AUTH_MD5) {
cmdsize += 4 + MD5_LEN;
}
if (node_dhc->nlp_auth_hashid == AUTH_SHA1) {
cmdsize += 4 + SHA1_LEN;
}
}
if (ndlp->nlp_DID == FABRIC_DID) {
switch (node_dhc->dhgp_id) {
case GROUP_NULL:
break;
case GROUP_1024:
case GROUP_1280:
case GROUP_1536:
case GROUP_2048:
default:
break;
}
}
cmdsize += 4 + dhval_len;
if (node_dhc->auth_cfg.bidirectional == 0) {
cmdsize += 4;
} else {
if (ndlp->nlp_DID == FABRIC_DID) {
cmdsize += 4 + ((node_dhc->hash_id == AUTH_MD5) ?
MD5_LEN : SHA1_LEN);
} else {
cmdsize += 4 +
((node_dhc->nlp_auth_hashid == AUTH_MD5) ? MD5_LEN :
SHA1_LEN);
}
}
cmd_size = cmdsize;
rsp_size = 4;
if ((pkt = emlxs_prep_els_fc_pkt(port, ndlp->nlp_DID, cmd_size,
rsp_size, 0, KM_NOSLEEP)) == NULL) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"issue_dhchap_reply failed: did=0x%x size=%x,%x",
ndlp->nlp_DID, cmd_size, rsp_size);
return (1);
}
pCmd = (uint8_t *)pkt->pkt_cmd;
ap = (DHCHAP_REPLY_HDR *)pCmd;
ap->auth_els_code = ELS_CMD_AUTH_CODE;
ap->auth_els_flags = 0x0;
ap->auth_msg_code = DHCHAP_REPLY;
ap->proto_version = 0x01;
ap->msg_len = LE_SWAP32(cmdsize - sizeof (DHCHAP_REPLY_HDR));
ap->tran_id = LE_SWAP32(node_dhc->nlp_auth_tranid_rsp);
pCmd = (uint8_t *)(pCmd + sizeof (DHCHAP_REPLY_HDR));
if (ndlp->nlp_DID == FABRIC_DID) {
if (node_dhc->hash_id == AUTH_MD5) {
*(uint32_t *)pCmd = LE_SWAP32(MD5_LEN);
} else {
*(uint32_t *)pCmd = LE_SWAP32(SHA1_LEN);
}
} else {
if (node_dhc->nlp_auth_hashid == AUTH_MD5) {
*(uint32_t *)pCmd = LE_SWAP32(MD5_LEN);
} else {
*(uint32_t *)pCmd = LE_SWAP32(SHA1_LEN);
}
}
pCmd = (uint8_t *)(pCmd + 4);
if (ndlp->nlp_DID == FABRIC_DID) {
if (node_dhc->hash_id == AUTH_MD5) {
bcopy((void *)arg1, pCmd, MD5_LEN);
pCmd = (uint8_t *)(pCmd + MD5_LEN);
} else {
bcopy((void *)arg1, (void *)pCmd, SHA1_LEN);
pCmd = (uint8_t *)(pCmd + SHA1_LEN);
}
} else {
if (node_dhc->nlp_auth_hashid == AUTH_MD5) {
bcopy((void *)arg1, pCmd, MD5_LEN);
pCmd = (uint8_t *)(pCmd + MD5_LEN);
} else {
bcopy((void *)arg1, (void *)pCmd, SHA1_LEN);
pCmd = (uint8_t *)(pCmd + SHA1_LEN);
}
}
*(uint32_t *)pCmd = LE_SWAP32(dhval_len);
if (dhval_len != 0) {
pCmd = (uint8_t *)(pCmd + 4);
switch (node_dhc->dhgp_id) {
case GROUP_NULL:
break;
case GROUP_1024:
case GROUP_1280:
case GROUP_1536:
case GROUP_2048:
default:
break;
}
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *) node_dhc->pub_key, (void *)pCmd,
node_dhc->pubkey_len);
} else {
bcopy((void *) node_dhc->nlp_auth_misc.pub_key,
(void *)pCmd,
node_dhc->nlp_auth_misc.pubkey_len);
}
pCmd = (uint8_t *)(pCmd + dhval_len);
} else
pCmd = (uint8_t *)(pCmd + 4);
if (node_dhc->auth_cfg.bidirectional == 0) {
*(uint32_t *)pCmd = 0x0;
} else {
if (ndlp->nlp_DID == FABRIC_DID) {
if (node_dhc->hash_id == AUTH_MD5) {
*(uint32_t *)pCmd = LE_SWAP32(MD5_LEN);
pCmd = (uint8_t *)(pCmd + 4);
bcopy((void *)arg2, (void *)pCmd, arg2_len);
} else if (node_dhc->hash_id == AUTH_SHA1) {
*(uint32_t *)pCmd = LE_SWAP32(SHA1_LEN);
pCmd = (uint8_t *)(pCmd + 4);
bcopy((void *)arg2, (void *)pCmd, arg2_len);
}
} else {
if (node_dhc->nlp_auth_hashid == AUTH_MD5) {
*(uint32_t *)pCmd = LE_SWAP32(MD5_LEN);
pCmd = (uint8_t *)(pCmd + 4);
bcopy((void *)arg2, (void *)pCmd, arg2_len);
} else if (node_dhc->nlp_auth_hashid == AUTH_SHA1) {
*(uint32_t *)pCmd = LE_SWAP32(SHA1_LEN);
pCmd = (uint8_t *)(pCmd + 4);
bcopy((void *)arg2, (void *)pCmd, arg2_len);
}
}
}
pkt->pkt_comp = emlxs_cmpl_dhchap_reply_issue;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"issue_dhchap_reply: did=0x%x (%x,%x,%x,%x,%x,%x)",
ndlp->nlp_DID, dhval_len, arg2_len, cmdsize,
node_dhc->hash_id, node_dhc->nlp_auth_hashid,
LE_SWAP32(ap->tran_id));
if (emlxs_pkt_send(pkt, 1) != FC_SUCCESS) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"issue_dhchap_reply failed: Unable to send packet.");
emlxs_pkt_free(pkt);
return (1);
}
return (0);
}
static uint32_t
emlxs_rcv_auth_msg_auth_negotiate_cmpl_wait4next(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
emlxs_hba_t *hba = HBA;
emlxs_port_dhc_t *port_dhc = &port->port_dhc;
IOCBQ *iocbq = (IOCBQ *)arg2;
MATCHMAP *mp = (MATCHMAP *)arg3;
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint8_t *bp;
uint32_t *lp;
DHCHAP_CHALL_NULL *ncval;
uint16_t namelen;
uint32_t dhvallen;
uint8_t *tmp;
uint8_t ReasonCode;
uint8_t ReasonCodeExplanation;
union challenge_val un_cval;
uint8_t *dhval = NULL;
uint8_t random_number[20];
uint32_t *arg5 = NULL;
uint32_t tran_id;
uint32_t arg2len = 0;
AUTH_RJT *rjt;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next: did=0x%x",
ndlp->nlp_DID);
emlxs_dhc_state(port, ndlp, NODE_STATE_DHCHAP_REPLY_ISSUE, 0, 0);
(void) emlxs_els_reply(port, iocbq, ELS_CMD_ACC, ELS_CMD_AUTH, 0, 0);
bp = mp->virt;
lp = (uint32_t *)bp;
ncval = (DHCHAP_CHALL_NULL *)((uint8_t *)lp);
if (ncval->msg_hdr.auth_els_code != ELS_CMD_AUTH_CODE) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next: 0x%x %x",
ndlp->nlp_DID, ncval->msg_hdr.auth_els_code);
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PROTOCOL;
goto AUTH_Reject;
}
if (ncval->msg_hdr.auth_msg_code == AUTH_REJECT) {
rjt = (AUTH_RJT *)((uint8_t *)lp);
ReasonCode = rjt->ReasonCode;
ReasonCodeExplanation = rjt->ReasonCodeExplanation;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next: 0x%x.%x,%x",
ndlp->nlp_DID, ReasonCode, ReasonCodeExplanation);
switch (ReasonCode) {
case AUTHRJT_LOGIC_ERR:
switch (ReasonCodeExplanation) {
case AUTHEXP_MECH_UNUSABLE:
case AUTHEXP_DHGROUP_UNUSABLE:
case AUTHEXP_HASHFUNC_UNUSABLE:
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_RESTART_AUTH;
break;
case AUTHEXP_RESTART_AUTH:
if (node_dhc->nlp_authrsp_tmo != 0) {
node_dhc->nlp_authrsp_tmo = 0;
node_dhc->nlp_authrsp_tmocnt = 0;
}
if (emlxs_dhc_auth_start(port, ndlp, NULL,
NULL) != 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"Reauth timeout. failed. 0x%x %x",
ndlp->nlp_DID, node_dhc->state);
}
return (node_dhc->state);
default:
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
break;
}
break;
case AUTHRJT_FAILURE:
default:
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
break;
}
goto AUTH_Reject;
}
if (ncval->msg_hdr.auth_msg_code != DHCHAP_CHALLENGE) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next: 0x%x.%x",
ndlp->nlp_DID, ncval->msg_hdr.auth_msg_code);
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PROTOCOL;
goto AUTH_Reject;
}
tran_id = ncval->msg_hdr.tran_id;
if (LE_SWAP32(tran_id) != node_dhc->nlp_auth_tranid_rsp) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next:0x%x %x!=%x",
ndlp->nlp_DID, LE_SWAP32(tran_id),
node_dhc->nlp_auth_tranid_rsp);
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
goto AUTH_Reject;
}
node_dhc->nlp_authrsp_tmo = 0;
namelen = ncval->msg_hdr.name_len;
if (namelen == AUTH_NAME_LEN) {
bcopy((void *)&ncval->msg_hdr.nodeName,
(void *)&node_dhc->nlp_auth_wwn, sizeof (NAME_TYPE));
}
tmp = (uint8_t *)((uint8_t *)lp + sizeof (DHCHAP_CHALL_NULL));
if (ncval->hash_id == AUTH_MD5) {
if (ncval->cval_len != LE_SWAP32(MD5_LEN)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next:0x%x.%x!=%x",
ndlp->nlp_DID, ncval->cval_len, LE_SWAP32(MD5_LEN));
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
goto AUTH_Reject;
}
bzero(un_cval.md5.val, sizeof (MD5_CVAL));
bcopy((void *)tmp, (void *)un_cval.md5.val,
sizeof (MD5_CVAL));
tmp += sizeof (MD5_CVAL);
arg2len = MD5_LEN;
} else if (ncval->hash_id == AUTH_SHA1) {
if (ncval->cval_len != LE_SWAP32(SHA1_LEN)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next: 0x%x %x!=%x",
ndlp->nlp_DID, ncval->cval_len, LE_SWAP32(MD5_LEN));
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
goto AUTH_Reject;
}
bzero(un_cval.sha1.val, sizeof (SHA1_CVAL));
bcopy((void *)tmp, (void *)un_cval.sha1.val,
sizeof (SHA1_CVAL));
tmp += sizeof (SHA1_CVAL);
arg2len = SHA1_LEN;
} else {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next: 0x%x %x",
ndlp->nlp_DID, ncval->hash_id);
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
goto AUTH_Reject;
}
node_dhc->hash_id = ncval->hash_id;
node_dhc->nlp_auth_hashid = ncval->hash_id;
node_dhc->dhgp_id = ncval->dhgp_id;
node_dhc->nlp_auth_dhgpid = ncval->dhgp_id;
dhvallen = *((uint32_t *)(tmp));
switch (ncval->dhgp_id) {
case GROUP_NULL:
if (LE_SWAP32(dhvallen) != 0) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next: 0x%x %x %x",
ndlp->nlp_DID, ncval->dhgp_id, LE_SWAP32(dhvallen));
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
goto AUTH_Reject;
}
break;
case GROUP_1024:
case GROUP_1280:
case GROUP_1536:
case GROUP_2048:
tmp += sizeof (uint32_t);
dhval = (uint8_t *)kmem_zalloc(LE_SWAP32(dhvallen),
KM_NOSLEEP);
if (dhval == NULL) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next: 0x%x %x %x",
ndlp->nlp_DID, ncval->dhgp_id, dhval);
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_RESTART_AUTH;
goto AUTH_Reject;
}
bcopy((void *)tmp, (void *)dhval, LE_SWAP32(dhvallen));
break;
default:
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next: 0x%x %x.",
ndlp->nlp_DID, ncval->dhgp_id);
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
goto AUTH_Reject;
}
arg5 = (uint32_t *)emlxs_hash_rsp(port, port_dhc,
ndlp, tran_id, un_cval, dhval, LE_SWAP32(dhvallen));
if (node_dhc->auth_cfg.bidirectional == 1) {
bzero(&random_number, sizeof (random_number));
if (hba->rdn_flag == 1) {
emlxs_get_random_bytes(ndlp, random_number, 20);
} else {
(void) random_get_pseudo_bytes(random_number, arg2len);
}
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *)&random_number[0],
(void *)&node_dhc->bi_cval[0], arg2len);
node_dhc->bi_cval_len = arg2len;
bcopy((void *)&random_number[0],
(void *)&node_dhc->nlp_auth_misc.bi_cval[0],
arg2len);
node_dhc->nlp_auth_misc.bi_cval_len = arg2len;
} else {
bcopy((void *)&random_number[0],
(void *)&node_dhc->nlp_auth_misc.bi_cval[0],
arg2len);
node_dhc->nlp_auth_misc.bi_cval_len = arg2len;
}
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next:0x%x(%x,%x,%x,%x,%x)",
ndlp->nlp_DID, node_dhc->nlp_auth_tranid_rsp,
node_dhc->nlp_auth_tranid_ini,
ncval->hash_id, ncval->dhgp_id, dhvallen);
if (emlxs_issue_dhchap_reply(port, ndlp, 0, arg5, dhval,
LE_SWAP32(dhvallen),
random_number, arg2len)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_auth_negotiate_cmpl_wait4next: 0x%x.failed.",
ndlp->nlp_DID);
kmem_free(dhval, LE_SWAP32(dhvallen));
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_RESTART_AUTH;
goto AUTH_Reject;
}
return (node_dhc->state);
AUTH_Reject:
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_FAILED, ReasonCode,
ReasonCodeExplanation);
(void) emlxs_issue_auth_reject(port, ndlp, 0, 0, ReasonCode,
ReasonCodeExplanation);
emlxs_dhc_auth_complete(port, ndlp, 1);
return (node_dhc->state);
}
static uint32_t
emlxs_cmpl_auth_msg_auth_negotiate_cmpl_wait4next(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"cmpl_auth_msg_auth_negotiate_cmpl_wait4next.0x%x. Not iplted.",
ndlp->nlp_DID);
return (0);
}
static uint32_t
emlxs_rcv_auth_msg_dhchap_reply_issue(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_dhchap_reply_issue called. 0x%x. Not implemented.",
ndlp->nlp_DID);
return (0);
}
static uint32_t
emlxs_cmpl_auth_msg_dhchap_reply_issue(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *) arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_auth_msg_dhchap_reply_issue: did=0x%x",
ndlp->nlp_DID);
if (node_dhc->nlp_authrsp_tmo == 0) {
node_dhc->nlp_authrsp_tmo = DRV_TIME +
node_dhc->auth_cfg.authentication_timeout;
}
emlxs_dhc_state(port, ndlp,
NODE_STATE_DHCHAP_REPLY_CMPL_WAIT4NEXT, 0, 0);
return (node_dhc->state);
}
static uint32_t
emlxs_rcv_auth_msg_dhchap_reply_cmpl_wait4next(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
emlxs_port_dhc_t *port_dhc = &port->port_dhc;
IOCBQ *iocbq = (IOCBQ *)arg2;
MATCHMAP *mp = (MATCHMAP *)arg3;
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint8_t *bp;
uint32_t *lp;
DHCHAP_SUCCESS_HDR *dh_success;
uint8_t *tmp;
uint8_t rsp_size;
AUTH_RJT *auth_rjt;
uint32_t tran_id;
uint32_t *hash_val;
union challenge_val un_cval;
uint8_t ReasonCode;
uint8_t ReasonCodeExplanation;
char info[64];
bp = mp->virt;
lp = (uint32_t *)bp;
dh_success = (DHCHAP_SUCCESS_HDR *)((uint8_t *)lp);
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_dhchap_reply_cmpl_wait4next: 0x%x 0x%x 0x%x",
ndlp->nlp_DID, dh_success->auth_els_code,
dh_success->auth_msg_code);
node_dhc->nlp_authrsp_tmo = 0;
(void) emlxs_els_reply(port, iocbq, ELS_CMD_ACC, ELS_CMD_AUTH, 0, 0);
if (dh_success->auth_msg_code == AUTH_REJECT) {
auth_rjt = (AUTH_RJT *) dh_success;
ReasonCode = auth_rjt->ReasonCode;
ReasonCodeExplanation = auth_rjt->ReasonCodeExplanation;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_dhchap_reply_cmpl_wait4next: 0x%x.(%x,%x)",
ndlp->nlp_DID, ReasonCode, ReasonCodeExplanation);
switch (ReasonCode) {
case AUTHRJT_LOGIC_ERR:
switch (ReasonCodeExplanation) {
case AUTHEXP_MECH_UNUSABLE:
case AUTHEXP_DHGROUP_UNUSABLE:
case AUTHEXP_HASHFUNC_UNUSABLE:
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_RESTART_AUTH;
break;
case AUTHEXP_RESTART_AUTH:
if (node_dhc->nlp_authrsp_tmo != 0) {
node_dhc->nlp_authrsp_tmo = 0;
node_dhc->nlp_authrsp_tmocnt = 0;
}
if (emlxs_dhc_auth_start(port, ndlp,
NULL, NULL) != 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"Reauth timeout.failed. 0x%x %x",
ndlp->nlp_DID, node_dhc->state);
}
return (node_dhc->state);
default:
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
break;
}
break;
case AUTHRJT_FAILURE:
default:
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_FAILED,
ReasonCode, ReasonCodeExplanation);
goto out;
}
goto AUTH_Reject;
}
if (dh_success->auth_msg_code == DHCHAP_SUCCESS) {
tran_id = dh_success->tran_id;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_dhchap_reply_cmpl_wait4next: 0x%x 0x%x 0x%x 0x%x",
ndlp->nlp_DID, LE_SWAP32(tran_id),
node_dhc->nlp_auth_tranid_rsp,
node_dhc->nlp_auth_tranid_ini);
if (LE_SWAP32(tran_id) != node_dhc->nlp_auth_tranid_rsp) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_dhchap_reply_cmpl_wait4next:0x%x %x!=%x",
ndlp->nlp_DID, LE_SWAP32(tran_id),
node_dhc->nlp_auth_tranid_rsp);
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
goto AUTH_Reject;
}
if (node_dhc->auth_cfg.bidirectional == 0) {
node_dhc->flag |=
(NLP_REMOTE_AUTH | NLP_SET_REAUTH_TIME);
emlxs_dhc_state(port, ndlp,
NODE_STATE_AUTH_SUCCESS, 0, 0);
emlxs_log_auth_event(port, ndlp,
"rcv_auth_msg_dhchap_reply_cmpl_wait4next",
"Host-initiated-unidir-auth-success");
emlxs_dhc_auth_complete(port, ndlp, 0);
} else {
tmp = (uint8_t *)((uint8_t *)lp);
tmp += 8;
tran_id = *(uint32_t *)tmp;
tmp += 4;
rsp_size = *(uint32_t *)tmp;
tmp += 4;
if (LE_SWAP32(rsp_size) == 16) {
bzero(un_cval.md5.val, LE_SWAP32(rsp_size));
if (ndlp->nlp_DID == FABRIC_DID)
bcopy((void *)node_dhc->bi_cval,
(void *)un_cval.md5.val,
LE_SWAP32(rsp_size));
else
bcopy(
(void *)node_dhc->nlp_auth_misc.bi_cval,
(void *)un_cval.md5.val,
LE_SWAP32(rsp_size));
} else if (LE_SWAP32(rsp_size) == 20) {
bzero(un_cval.sha1.val, LE_SWAP32(rsp_size));
if (ndlp->nlp_DID == FABRIC_DID)
bcopy((void *)node_dhc->bi_cval,
(void *)un_cval.sha1.val,
LE_SWAP32(rsp_size));
else
bcopy(
(void *)node_dhc->nlp_auth_misc.bi_cval,
(void *)un_cval.sha1.val,
LE_SWAP32(rsp_size));
}
hash_val = emlxs_hash_vrf(port, port_dhc, ndlp,
tran_id, un_cval);
if (bcmp((void *)tmp, (void *)hash_val,
LE_SWAP32(rsp_size))) {
if (hash_val != NULL) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_dhchap_reply_cmpl_wait4next: 0x%x.failed. %x",
ndlp->nlp_DID, *(uint32_t *)hash_val);
}
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
goto AUTH_Reject;
}
emlxs_dhc_state(port, ndlp,
NODE_STATE_DHCHAP_SUCCESS_ISSUE_WAIT4NEXT, 0, 0);
(void) emlxs_issue_dhchap_success(port, ndlp, 0, 0);
}
}
return (node_dhc->state);
AUTH_Reject:
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_FAILED,
ReasonCode, ReasonCodeExplanation);
(void) emlxs_issue_auth_reject(port, ndlp, 0, 0, ReasonCode,
ReasonCodeExplanation);
emlxs_dhc_auth_complete(port, ndlp, 1);
return (node_dhc->state);
out:
(void) snprintf(info, sizeof (info),
"Auth Failed: ReasonCode=0x%x, ReasonCodeExplanation=0x%x",
ReasonCode, ReasonCodeExplanation);
emlxs_log_auth_event(port, ndlp,
"rcv_auth_msg_dhchap_reply_cmpl_wait4next", info);
emlxs_dhc_auth_complete(port, ndlp, 1);
return (node_dhc->state);
}
static uint32_t
emlxs_cmpl_auth_msg_dhchap_reply_cmpl_wait4next(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"cmpl_auth_msg_dhchap_reply_cmpl_wait4next. 0x%x.Not ipleted.",
ndlp->nlp_DID);
return (0);
}
static uint32_t
emlxs_rcv_auth_msg_dhchap_success_issue_wait4next(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *) arg4;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_dhchap_success_issue_wait4next. 0x%x. Not iplted.",
ndlp->nlp_DID);
return (0);
}
static uint32_t
emlxs_cmpl_auth_msg_dhchap_success_issue_wait4next(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
node_dhc->flag &= ~NLP_REMOTE_AUTH;
node_dhc->flag |= NLP_SET_REAUTH_TIME;
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_SUCCESS, 0, 0);
emlxs_log_auth_event(port, ndlp,
"cmpl_auth_msg_dhchap_success_issue_wait4next",
"Host-initiated-bidir-auth-success");
emlxs_dhc_auth_complete(port, ndlp, 0);
return (node_dhc->state);
}
static uint32_t
emlxs_cmpl_auth_msg_auth_negotiate_rcv(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"cmpl_auth_msg_auth_negotiate_rcv called. 0x%x. Not implemented.",
ndlp->nlp_DID);
return (0);
}
static uint32_t
emlxs_rcv_auth_msg_dhchap_challenge_issue(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_dhchap_challenge_issue called. 0x%x. Not iplted.",
ndlp->nlp_DID);
return (0);
}
static uint32_t
emlxs_cmpl_auth_msg_dhchap_challenge_issue(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
emlxs_dhc_state(port, ndlp,
NODE_STATE_DHCHAP_CHALLENGE_CMPL_WAIT4NEXT, 0, 0);
if (node_dhc->nlp_authrsp_tmo == 0) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_auth_msg_dhchap_challenge_issue: Starting authrsp timer.");
node_dhc->nlp_authrsp_tmo = DRV_TIME +
node_dhc->auth_cfg.authentication_timeout;
}
return (node_dhc->state);
}
static uint32_t
emlxs_rcv_auth_msg_dhchap_challenge_cmpl_wait4next(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
emlxs_port_dhc_t *port_dhc = &port->port_dhc;
IOCBQ *iocbq = (IOCBQ *)arg2;
MATCHMAP *mp = (MATCHMAP *)arg3;
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint8_t *bp;
uint32_t *lp;
DHCHAP_REPLY_HDR *dh_reply;
uint8_t *tmp;
uint32_t rsp_len;
uint8_t rsp[20];
uint32_t dhval_len;
uint8_t dhval[512];
uint32_t cval_len;
uint8_t cval[20];
uint32_t tran_id;
uint32_t *hash_val = NULL;
uint8_t ReasonCode;
uint8_t ReasonCodeExplanation;
AUTH_RJT *rjt;
(void) emlxs_els_reply(port, iocbq, ELS_CMD_ACC, ELS_CMD_AUTH, 0, 0);
bp = mp->virt;
lp = (uint32_t *)bp;
dh_reply = (DHCHAP_REPLY_HDR *)((uint8_t *)lp);
tmp = (uint8_t *)((uint8_t *)lp);
tran_id = dh_reply->tran_id;
if (LE_SWAP32(tran_id) != node_dhc->nlp_auth_tranid_ini) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_dhchap_challenge_cmpl_wait4next:0x%x 0x%x 0x%x",
ndlp->nlp_DID, tran_id, node_dhc->nlp_auth_tranid_ini);
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PROTOCOL;
goto Reject;
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_a_m_dhch_chll_cmpl_wait4next:0x%x 0x%x 0x%x 0x%x 0x%x",
ndlp->nlp_DID, tran_id, node_dhc->nlp_auth_tranid_ini,
node_dhc->nlp_auth_tranid_rsp, dh_reply->auth_msg_code);
if (node_dhc->nlp_authrsp_tmo) {
node_dhc->nlp_authrsp_tmo = 0;
}
if (dh_reply->auth_msg_code == AUTH_REJECT) {
rjt = (AUTH_RJT *)((uint8_t *)lp);
ReasonCode = rjt->ReasonCode;
ReasonCodeExplanation = rjt->ReasonCodeExplanation;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_a_msg_dhch_chall_cmpl_wait4next:RJT rcved:0x%x 0x%x",
ReasonCode, ReasonCodeExplanation);
switch (ReasonCode) {
case AUTHRJT_LOGIC_ERR:
switch (ReasonCodeExplanation) {
case AUTHEXP_MECH_UNUSABLE:
case AUTHEXP_DHGROUP_UNUSABLE:
case AUTHEXP_HASHFUNC_UNUSABLE:
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_RESTART_AUTH;
break;
case AUTHEXP_RESTART_AUTH:
if (node_dhc->nlp_authrsp_tmo != 0) {
node_dhc->nlp_authrsp_tmo = 0;
node_dhc->nlp_authrsp_tmocnt = 0;
}
if (emlxs_dhc_auth_start(port, ndlp,
NULL, NULL) != 0) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_debug_msg,
"Reauth timeout.Auth initfailed. 0x%x %x",
ndlp->nlp_DID, node_dhc->state);
}
return (node_dhc->state);
default:
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
break;
}
break;
case AUTHRJT_FAILURE:
default:
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
break;
}
goto Reject;
}
if (dh_reply->auth_msg_code == DHCHAP_REPLY) {
tmp += sizeof (DHCHAP_REPLY_HDR);
rsp_len = LE_SWAP32(*(uint32_t *)tmp);
tmp += sizeof (uint32_t);
bcopy((void *)tmp, (void *)rsp, rsp_len);
tmp += rsp_len;
dhval_len = LE_SWAP32(*(uint32_t *)tmp);
tmp += sizeof (uint32_t);
if (dhval_len != 0) {
bcopy((void *)tmp, (void *)dhval, dhval_len);
tmp += dhval_len;
}
cval_len = LE_SWAP32(*(uint32_t *)tmp);
if (cval_len != 0) {
tmp += sizeof (uint32_t);
bcopy((void *)tmp, (void *)cval, cval_len);
if (ndlp->nlp_DID == FABRIC_DID) {
node_dhc->nlp_auth_bidir = 1;
} else {
node_dhc->nlp_auth_bidir = 1;
}
} else {
node_dhc->nlp_auth_bidir = 0;
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_a_m_dhchap_challenge_cmpl_wait4next:Reply:%x %lx %x %x %x\n",
ndlp->nlp_DID, *(uint32_t *)rsp, rsp_len, dhval_len, cval_len);
hash_val = emlxs_hash_verification(port, port_dhc, ndlp,
(tran_id), dhval, (dhval_len), 1, 0);
if (hash_val == NULL) {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
goto Reject;
}
if (bcmp((void *) rsp, (void *)hash_val, rsp_len)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_dhchap_challenge_cmpl_wait4next: Not authted(1).");
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
goto Reject;
}
kmem_free(hash_val, rsp_len);
hash_val = NULL;
if ((cval_len) != 0) {
hash_val = emlxs_hash_get_R2(port, port_dhc,
ndlp, (tran_id), dhval,
(dhval_len), 1, cval);
if (hash_val == NULL) {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
goto Reject;
}
}
emlxs_dhc_state(port, ndlp,
NODE_STATE_DHCHAP_SUCCESS_ISSUE, 0, 0);
if (emlxs_issue_dhchap_success(port, ndlp, 0,
(uint8_t *)hash_val)) {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
goto Reject;
}
}
return (node_dhc->state);
Reject:
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_FAILED,
ReasonCode, ReasonCodeExplanation);
(void) emlxs_issue_auth_reject(port, ndlp, 0, 0, ReasonCode,
ReasonCodeExplanation);
emlxs_dhc_auth_complete(port, ndlp, 1);
return (node_dhc->state);
}
static uint32_t
emlxs_cmpl_auth_msg_dhchap_challenge_cmpl_wait4next(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"cmpl_a_m_dhch_chall_cmpl_wait4next.0x%x. Not implemented.",
ndlp->nlp_DID);
return (0);
}
static uint32_t
emlxs_rcv_auth_msg_dhchap_success_issue(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_a_m_dhch_success_issue called. did=0x%x. Not implemented.",
ndlp->nlp_DID);
return (0);
}
static uint32_t
emlxs_cmpl_auth_msg_dhchap_success_issue(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_a_m_dhch_success_issue: did=0x%x auth_bidir=0x%x",
ndlp->nlp_DID, node_dhc->nlp_auth_bidir);
if (node_dhc->nlp_auth_bidir == 1) {
emlxs_dhc_state(port, ndlp,
NODE_STATE_DHCHAP_SUCCESS_CMPL_WAIT4NEXT, 0, 0);
node_dhc->nlp_authrsp_tmo = DRV_TIME +
node_dhc->auth_cfg.authentication_timeout;
} else {
node_dhc->flag &= ~NLP_REMOTE_AUTH;
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_SUCCESS, 0, 0);
emlxs_log_auth_event(port, ndlp,
"cmpl_auth_msg_dhchap_success_issue",
"Node-initiated-unidir-reauth-success");
emlxs_dhc_auth_complete(port, ndlp, 0);
}
return (node_dhc->state);
}
static uint32_t
emlxs_device_recov_unmapped_node(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"device_recov_unmapped_node called. 0x%x. Not implemented.",
ndlp->nlp_DID);
return (0);
}
static uint32_t
emlxs_device_rm_npr_node(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"device_rm_npr_node called. 0x%x. Not implemented.",
ndlp->nlp_DID);
return (0);
}
static uint32_t
emlxs_device_recov_npr_node(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"device_recov_npr_node called. 0x%x. Not implemented.",
ndlp->nlp_DID);
return (0);
}
static uint32_t
emlxs_device_rem_auth(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"device_rem_auth: 0x%x.",
ndlp->nlp_DID);
emlxs_dhc_state(port, ndlp, NODE_STATE_UNKNOWN, 0, 0);
return (node_dhc->state);
}
static uint32_t
emlxs_device_recov_auth(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"device_recov_auth: 0x%x.",
ndlp->nlp_DID);
node_dhc->nlp_authrsp_tmo = 0;
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_FAILED, 0, 0);
return (node_dhc->state);
}
static uint32_t
emlxs_rcv_auth_msg_dhchap_success_cmpl_wait4next(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
IOCBQ *iocbq = (IOCBQ *)arg2;
MATCHMAP *mp = (MATCHMAP *)arg3;
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint8_t *bp;
uint32_t *lp;
DHCHAP_SUCCESS_HDR *dh_success;
AUTH_RJT *auth_rjt;
uint8_t ReasonCode;
uint8_t ReasonCodeExplanation;
bp = mp->virt;
lp = (uint32_t *)bp;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_dhchap_success_cmpl_wait4next: did=0x%x",
ndlp->nlp_DID);
dh_success = (DHCHAP_SUCCESS_HDR *)((uint8_t *)lp);
(void) emlxs_els_reply(port, iocbq, ELS_CMD_ACC, ELS_CMD_AUTH, 0, 0);
if (dh_success->auth_msg_code == AUTH_REJECT) {
auth_rjt = (AUTH_RJT *)dh_success;
ReasonCode = auth_rjt->ReasonCode;
ReasonCodeExplanation = auth_rjt->ReasonCodeExplanation;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_a_m_dhch_success_cmpl_wait4next:REJECT rvd. 0x%x 0x%x 0x%x",
ndlp->nlp_DID, ReasonCode, ReasonCodeExplanation);
switch (ReasonCode) {
case AUTHRJT_LOGIC_ERR:
switch (ReasonCodeExplanation) {
case AUTHEXP_MECH_UNUSABLE:
case AUTHEXP_DHGROUP_UNUSABLE:
case AUTHEXP_HASHFUNC_UNUSABLE:
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_RESTART_AUTH;
break;
case AUTHEXP_RESTART_AUTH:
if (node_dhc->nlp_authrsp_tmo != 0) {
node_dhc->nlp_authrsp_tmo = 0;
node_dhc->nlp_authrsp_tmocnt = 0;
}
if (emlxs_dhc_auth_start(port, ndlp,
NULL, NULL) != 0) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_debug_msg,
"Reauth timeout. Auth initfailed. 0x%x %x",
ndlp->nlp_DID, node_dhc->state);
}
return (node_dhc->state);
default:
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
break;
}
break;
case AUTHRJT_FAILURE:
default:
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
break;
}
goto Reject;
} else if (dh_success->auth_msg_code == DHCHAP_SUCCESS) {
if (LE_SWAP32(dh_success->tran_id) !=
node_dhc->nlp_auth_tranid_ini) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_a_m_dhch_success_cmpl_wait4next: 0x%x 0x%lx, 0x%lx",
ndlp->nlp_DID, dh_success->tran_id, node_dhc->nlp_auth_tranid_ini);
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PROTOCOL;
goto Reject;
}
node_dhc->flag |= NLP_REMOTE_AUTH;
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_SUCCESS, 0, 0);
emlxs_log_auth_event(port, ndlp,
"rcv_auth_msg_dhchap_success_cmpl_wait4next",
"Node-initiated-bidir-reauth-success");
emlxs_dhc_auth_complete(port, ndlp, 0);
} else {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PROTOCOL;
goto Reject;
}
return (node_dhc->state);
Reject:
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_FAILED,
ReasonCode, ReasonCodeExplanation);
(void) emlxs_issue_auth_reject(port, ndlp, 0, 0, ReasonCode,
ReasonCodeExplanation);
emlxs_dhc_auth_complete(port, ndlp, 1);
return (node_dhc->state);
}
static uint32_t
emlxs_cmpl_auth_msg_dhchap_success_cmpl_wait4next(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
return (0);
}
static uint32_t
emlxs_rcv_auth_msg_auth_negotiate_rcv(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_a_m_auth_negotiate_rcv called. did=0x%x. Not implemented.",
ndlp->nlp_DID);
return (0);
}
static uint32_t
emlxs_rcv_auth_msg_npr_node(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
IOCBQ *iocbq = (IOCBQ *)arg2;
MATCHMAP *mp = (MATCHMAP *)arg3;
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint8_t *bp;
uint32_t *lp;
uint32_t msglen;
uint8_t *tmp;
AUTH_MSG_HDR *msg;
uint8_t *temp;
uint32_t rc, i, hs_id[2], dh_id[5];
uint32_t hash_id, dhgp_id;
uint16_t num_hs = 0;
uint16_t num_dh = 0;
bp = mp->virt;
lp = (uint32_t *)bp;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_npr_node:");
(void) emlxs_els_reply(port, iocbq, ELS_CMD_ACC, ELS_CMD_AUTH, 0, 0);
msg = (AUTH_MSG_HDR *)((uint8_t *)lp);
msglen = msg->msg_len;
tmp = ((uint8_t *)lp);
temp = (uint8_t *)((uint8_t *)lp);
if (((*(uint32_t *)temp) & 0xFFFFFFFF) != LE_SWAP32(0x90000B01)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(1)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
temp += 3 * sizeof (uint32_t);
if (((*(uint32_t *)temp) & 0xFFFFFFFF) != LE_SWAP32(0x00010008)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(2)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
temp += sizeof (uint32_t) + 8;
if (((*(uint32_t *)temp) & 0xFFFFFFFF) != LE_SWAP32(0x00000001)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(3)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
temp += sizeof (uint32_t);
temp += sizeof (uint32_t);
if (((*(uint32_t *)temp) & 0xFFFFFFFF) != AUTH_DHCHAP) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(4)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
temp += sizeof (uint32_t);
if ((LE_SWAP32(*(uint32_t *)temp) & 0xFFFF0000) >> 16 !=
LE_SWAP16(HASH_LIST_TAG)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(5)=0x%x",
(LE_SWAP32(*(uint32_t *)temp) & 0xFFFF0000) >> 16);
goto AUTH_Reject;
}
num_hs = LE_SWAP32(*(uint32_t *)temp) & 0x0000FFFF;
temp += sizeof (uint32_t);
hs_id[0] = *(uint32_t *)temp;
if ((hs_id[0] != AUTH_MD5) && (hs_id[0] != AUTH_SHA1)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(6)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
if (num_hs == 1) {
hs_id[1] = 0;
} else if (num_hs == 2) {
temp += sizeof (uint32_t);
hs_id[1] = *(uint32_t *)temp;
if ((hs_id[1] != AUTH_MD5) && (hs_id[1] != AUTH_SHA1)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(7)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
if (hs_id[0] == hs_id[1]) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(8)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
} else {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(9)=0x%x",
(*(uint32_t *)(temp - sizeof (uint32_t))));
goto AUTH_Reject;
}
if (num_hs == 1) {
if (node_dhc->auth_cfg.hash_priority[0] == hs_id[0]) {
hash_id = node_dhc->auth_cfg.hash_priority[0];
} else if (node_dhc->auth_cfg.hash_priority[1] == hs_id[0]) {
hash_id = node_dhc->auth_cfg.hash_priority[1];
} else {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(10)=0x%lx",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
} else {
hash_id = node_dhc->auth_cfg.hash_priority[0];
}
temp += sizeof (uint32_t);
if ((LE_SWAP32(*(uint32_t *)temp) & 0xFFFF0000) >> 16 !=
LE_SWAP16(DHGID_LIST_TAG)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(11)=0x%lx",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
num_dh = LE_SWAP32(*(uint32_t *)temp) & 0x0000FFFF;
if (num_dh == 0) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(12)=0x%lx",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
for (i = 0; i < num_dh; i++) {
temp += sizeof (uint32_t);
dh_id[i] = (*(uint32_t *)temp);
}
rc = emlxs_check_dhgp(port, ndlp, dh_id, num_dh, &dhgp_id);
if (rc == 1) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(13)=0x%lx",
(*(uint32_t *)temp));
goto AUTH_Reject;
} else if (rc == 2) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"rcv_auth_msg_npr_node: payload(14)=0x%lx",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
node_dhc->nlp_auth_tranid_ini = msg->tran_id;
if (msg->auth_msg_code == AUTH_NEGOTIATE) {
node_dhc->nlp_auth_flag = 1;
if (emlxs_issue_dhchap_challenge(port, ndlp, 0, tmp,
LE_SWAP32(msglen),
hash_id, dhgp_id)) {
goto AUTH_Reject;
}
emlxs_dhc_state(port, ndlp,
NODE_STATE_DHCHAP_CHALLENGE_ISSUE, 0, 0);
} else {
goto AUTH_Reject;
}
return (node_dhc->state);
AUTH_Reject:
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_npr_node: AUTH_Reject it.");
return (node_dhc->state);
}
static uint32_t
emlxs_cmpl_auth_msg_npr_node(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"cmpl_auth_msg_npr_node: 0x%x 0x%x prev_state=0x%x\n",
ndlp->nlp_DID, node_dhc->state, node_dhc->prev_state);
return (node_dhc->state);
}
static uint32_t
emlxs_rcv_auth_msg_unmapped_node(
emlxs_port_t *port,
void *arg1,
void *arg2,
void *arg3,
void *arg4,
uint32_t evt)
{
IOCBQ *iocbq = (IOCBQ *)arg2;
MATCHMAP *mp = (MATCHMAP *)arg3;
NODELIST *ndlp = (NODELIST *)arg4;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint8_t *bp;
uint32_t *lp;
uint32_t msglen;
uint8_t *tmp;
uint8_t ReasonCode;
uint8_t ReasonCodeExplanation;
AUTH_MSG_HDR *msg;
uint8_t *temp;
uint32_t rc, i, hs_id[2], dh_id[5];
uint32_t hash_id, dhgp_id;
uint16_t num_hs = 0;
uint16_t num_dh = 0;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: Sending ACC: did=0x%x",
ndlp->nlp_DID);
(void) emlxs_els_reply(port, iocbq, ELS_CMD_ACC, ELS_CMD_AUTH, 0, 0);
bp = mp->virt;
lp = (uint32_t *)bp;
msg = (AUTH_MSG_HDR *)((uint8_t *)lp);
msglen = msg->msg_len;
tmp = ((uint8_t *)lp);
temp = (uint8_t *)((uint8_t *)lp);
if (((*(uint32_t *)temp) & 0xFFFFFFFF) != LE_SWAP32(0x90000B01)) {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(1)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
temp += 3 * sizeof (uint32_t);
if (((*(uint32_t *)temp) & 0xFFFFFFFF) != LE_SWAP32(0x00010008)) {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(2)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
temp += sizeof (uint32_t) + 8;
if (((*(uint32_t *)temp) & 0xFFFFFFFF) != LE_SWAP32(0x00000001)) {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(3)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
temp += sizeof (uint32_t);
temp += sizeof (uint32_t);
if (((*(uint32_t *)temp) & 0xFFFFFFFF) != AUTH_DHCHAP) {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PROTOCOL;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(4)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
temp += sizeof (uint32_t);
if ((LE_SWAP32(*(uint32_t *)temp) & 0xFFFF0000) >> 16 !=
LE_SWAP16(HASH_LIST_TAG)) {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(5)=0x%x",
(LE_SWAP32(*(uint32_t *)temp) & 0xFFFF0000) >> 16);
goto AUTH_Reject;
}
num_hs = LE_SWAP32(*(uint32_t *)temp) & 0x0000FFFF;
temp += sizeof (uint32_t);
hs_id[0] = *(uint32_t *)temp;
if ((hs_id[0] != AUTH_MD5) && (hs_id[0] != AUTH_SHA1)) {
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_HASHFUNC_UNUSABLE;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(6)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
if (num_hs == 1) {
hs_id[1] = 0;
} else if (num_hs == 2) {
temp += sizeof (uint32_t);
hs_id[1] = *(uint32_t *)temp;
if ((hs_id[1] != AUTH_MD5) && (hs_id[1] != AUTH_SHA1)) {
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_HASHFUNC_UNUSABLE;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(7)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
if (hs_id[0] == hs_id[1]) {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(8)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
} else {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(9)=0x%x",
(*(uint32_t *)(temp - sizeof (uint32_t))));
goto AUTH_Reject;
}
if (num_hs == 1) {
if (node_dhc->auth_cfg.hash_priority[0] == hs_id[0]) {
hash_id = node_dhc->auth_cfg.hash_priority[0];
} else if (node_dhc->auth_cfg.hash_priority[1] == hs_id[0]) {
hash_id = node_dhc->auth_cfg.hash_priority[1];
} else {
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_HASHFUNC_UNUSABLE;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: pload(10)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
} else {
hash_id = node_dhc->auth_cfg.hash_priority[0];
}
temp += sizeof (uint32_t);
if ((LE_SWAP32(*(uint32_t *)temp) & 0xFFFF0000) >> 16 !=
LE_SWAP16(DHGID_LIST_TAG)) {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(11)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
num_dh = LE_SWAP32(*(uint32_t *)temp) & 0x0000FFFF;
if (num_dh == 0) {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(12)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
for (i = 0; i < num_dh; i++) {
temp += sizeof (uint32_t);
dh_id[i] = (*(uint32_t *)temp);
}
rc = emlxs_check_dhgp(port, ndlp, dh_id, num_dh, &dhgp_id);
if (rc == 1) {
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_DHGROUP_UNUSABLE;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(13)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
} else if (rc == 2) {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PAYLOAD;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: payload(14)=0x%x",
(*(uint32_t *)temp));
goto AUTH_Reject;
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: 0x%x 0x%x 0x%x 0x%x 0x%x",
hash_id, dhgp_id, msg->auth_msg_code, msglen, msg->tran_id);
node_dhc->nlp_auth_tranid_ini = LE_SWAP32(msg->tran_id);
if (msg->auth_msg_code == AUTH_NEGOTIATE) {
node_dhc->nlp_auth_flag = 1;
if (node_dhc->nlp_authrsp_tmo) {
node_dhc->nlp_authrsp_tmo = 0;
}
if (node_dhc->nlp_reauth_status ==
NLP_HOST_REAUTH_IN_PROGRESS) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"rcv_auth_msg_unmapped_node: Ht reauth inprgress.");
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_AUTHTRAN_STARTED;
goto AUTH_Reject;
}
if (emlxs_issue_dhchap_challenge(port, ndlp, 0, tmp,
LE_SWAP32(msglen),
hash_id, dhgp_id)) {
goto AUTH_Reject;
}
emlxs_dhc_state(port, ndlp,
NODE_STATE_DHCHAP_CHALLENGE_ISSUE, 0, 0);
} else {
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_BAD_PROTOCOL;
goto AUTH_Reject;
}
return (node_dhc->state);
AUTH_Reject:
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_FAILED,
ReasonCode, ReasonCodeExplanation);
(void) emlxs_issue_auth_reject(port, ndlp, 0, 0, ReasonCode,
ReasonCodeExplanation);
emlxs_dhc_auth_complete(port, ndlp, 1);
return (node_dhc->state);
}
static uint32_t *
emlxs_hash_vrf(
emlxs_port_t *port,
emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp,
uint32_t tran_id,
union challenge_val un_cval)
{
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint32_t dhgp_id;
uint32_t hash_id;
uint32_t *hash_val;
uint32_t hash_size;
MD5_CTX mdctx;
SHA1_CTX sha1ctx;
uint8_t sha1_digest[20];
uint8_t md5_digest[16];
uint8_t mytran_id = 0x00;
char *remote_key;
tran_id = (AUTH_TRAN_ID_MASK & tran_id);
mytran_id = (uint8_t)(LE_SWAP32(tran_id));
if (ndlp->nlp_DID == FABRIC_DID) {
remote_key = (char *)node_dhc->auth_key.remote_password;
hash_id = node_dhc->hash_id;
dhgp_id = node_dhc->dhgp_id;
} else {
remote_key = (char *)node_dhc->auth_key.remote_password;
hash_id = node_dhc->nlp_auth_hashid;
dhgp_id = node_dhc->nlp_auth_dhgpid;
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"hash_vrf: 0x%x 0x%x 0x%x tran_id=0x%x",
ndlp->nlp_DID, hash_id, dhgp_id, mytran_id);
if (dhgp_id == 0) {
if (hash_id == AUTH_MD5) {
bzero(&mdctx, sizeof (MD5_CTX));
hash_size = MD5_LEN;
MD5Init(&mdctx);
MD5Update(&mdctx, (unsigned char *) &mytran_id, 1);
MD5Update(&mdctx, (unsigned char *) remote_key,
node_dhc->auth_key.remote_password_length);
MD5Update(&mdctx,
(unsigned char *)&(un_cval.md5.val[0]), MD5_LEN);
MD5Final((uint8_t *)md5_digest, &mdctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
return (NULL);
} else {
bcopy((void *)&md5_digest,
(void *)hash_val, MD5_LEN);
}
}
if (hash_id == AUTH_SHA1) {
bzero(&sha1ctx, sizeof (SHA1_CTX));
hash_size = SHA1_LEN;
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, (void *)&mytran_id, 1);
SHA1Update(&sha1ctx, (void *)remote_key,
node_dhc->auth_key.remote_password_length);
SHA1Update(&sha1ctx,
(void *)&(un_cval.sha1.val[0]), SHA1_LEN);
SHA1Final((void *)sha1_digest, &sha1ctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
return (NULL);
} else {
bcopy((void *)&sha1_digest,
(void *)hash_val, SHA1_LEN);
}
}
return ((uint32_t *)hash_val);
} else {
if (hash_id == AUTH_MD5) {
bzero(&mdctx, sizeof (MD5_CTX));
hash_size = MD5_LEN;
MD5Init(&mdctx);
MD5Update(&mdctx,
(void *)&(un_cval.md5.val[0]), MD5_LEN);
if (ndlp->nlp_DID == FABRIC_DID) {
MD5Update(&mdctx,
(void *)&node_dhc->ses_key[0],
node_dhc->seskey_len);
} else {
MD5Update(&mdctx,
(void *)&node_dhc->nlp_auth_misc.ses_key[0],
node_dhc->nlp_auth_misc.seskey_len);
}
MD5Final((void *)md5_digest, &mdctx);
MD5Init(&mdctx);
MD5Update(&mdctx, (void *)&mytran_id, 1);
MD5Update(&mdctx, (void *)remote_key,
node_dhc->auth_key.remote_password_length);
MD5Update(&mdctx, (void *)md5_digest, MD5_LEN);
MD5Final((void *)md5_digest, &mdctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
return (NULL);
} else {
bcopy((void *)&md5_digest,
(void *)hash_val, MD5_LEN);
}
}
if (hash_id == AUTH_SHA1) {
bzero(&sha1ctx, sizeof (SHA1_CTX));
hash_size = SHA1_LEN;
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx,
(void *)&(un_cval.sha1.val[0]), SHA1_LEN);
if (ndlp->nlp_DID == FABRIC_DID) {
SHA1Update(&sha1ctx,
(void *)&node_dhc->ses_key[0],
node_dhc->seskey_len);
} else {
SHA1Update(&sha1ctx,
(void *)&node_dhc->nlp_auth_misc.ses_key[0],
node_dhc->nlp_auth_misc.seskey_len);
}
SHA1Final((void *)sha1_digest, &sha1ctx);
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, (void *)&mytran_id, 1);
SHA1Update(&sha1ctx, (void *)remote_key,
node_dhc->auth_key.remote_password_length);
SHA1Update(&sha1ctx, (void *)sha1_digest, SHA1_LEN);
SHA1Final((void *)sha1_digest, &sha1ctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
return (NULL);
} else {
bcopy((void *)&sha1_digest,
(void *)hash_val, SHA1_LEN);
}
}
return ((uint32_t *)hash_val);
}
}
uint32_t *
emlxs_hash_rsp(
emlxs_port_t *port,
emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp,
uint32_t tran_id,
union challenge_val un_cval,
uint8_t *dhval,
uint32_t dhvallen)
{
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint32_t dhgp_id;
uint32_t hash_id;
uint32_t *hash_val;
uint32_t hash_size;
MD5_CTX mdctx;
SHA1_CTX sha1ctx;
uint8_t sha1_digest[20];
uint8_t md5_digest[16];
uint8_t Cai[20];
uint8_t mytran_id = 0x00;
char *mykey;
BIG_ERR_CODE err = BIG_OK;
if (ndlp->nlp_DID == FABRIC_DID) {
hash_id = node_dhc->hash_id;
dhgp_id = node_dhc->dhgp_id;
} else {
hash_id = node_dhc->nlp_auth_hashid;
dhgp_id = node_dhc->nlp_auth_dhgpid;
}
tran_id = (AUTH_TRAN_ID_MASK & tran_id);
mytran_id = (uint8_t)(LE_SWAP32(tran_id));
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"hash_rsp: 0x%x 0x%x 0x%x 0x%x dhvallen=0x%x",
ndlp->nlp_DID, hash_id, dhgp_id, mytran_id, dhvallen);
if (ndlp->nlp_DID == FABRIC_DID) {
mykey = (char *)node_dhc->auth_key.local_password;
} else {
mykey = (char *)node_dhc->auth_key.local_password;
}
if (dhval == NULL) {
if (hash_id == AUTH_MD5) {
bzero(&mdctx, sizeof (MD5_CTX));
hash_size = MD5_LEN;
MD5Init(&mdctx);
MD5Update(&mdctx, (unsigned char *)&mytran_id, 1);
MD5Update(&mdctx, (unsigned char *)mykey,
node_dhc->auth_key.local_password_length);
MD5Update(&mdctx,
(unsigned char *)&(un_cval.md5.val[0]),
MD5_LEN);
MD5Final((uint8_t *)md5_digest, &mdctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
return (NULL);
} else {
bcopy((void *)&md5_digest,
(void *)hash_val, MD5_LEN);
}
}
if (hash_id == AUTH_SHA1) {
bzero(&sha1ctx, sizeof (SHA1_CTX));
hash_size = SHA1_LEN;
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, (void *)&mytran_id, 1);
SHA1Update(&sha1ctx, (void *)mykey,
node_dhc->auth_key.local_password_length);
SHA1Update(&sha1ctx,
(void *)&(un_cval.sha1.val[0]), SHA1_LEN);
SHA1Final((void *)sha1_digest, &sha1ctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
return (NULL);
} else {
bcopy((void *)&sha1_digest,
(void *)hash_val, SHA1_LEN);
}
}
return ((uint32_t *)hash_val);
} else {
err = emlxs_interm_hash(port, port_dhc, ndlp,
(void *)&Cai, tran_id,
un_cval, dhval, &dhvallen);
if (err != BIG_OK) {
return (NULL);
}
if (hash_id == AUTH_MD5) {
bzero(&mdctx, sizeof (MD5_CTX));
hash_size = MD5_LEN;
MD5Init(&mdctx);
MD5Update(&mdctx, (unsigned char *)&mytran_id, 1);
MD5Update(&mdctx, (unsigned char *)mykey,
node_dhc->auth_key.local_password_length);
MD5Update(&mdctx, (unsigned char *)Cai, MD5_LEN);
MD5Final((uint8_t *)md5_digest, &mdctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
return (NULL);
} else {
bcopy((void *)&md5_digest,
(void *)hash_val, MD5_LEN);
}
}
if (hash_id == AUTH_SHA1) {
bzero(&sha1ctx, sizeof (SHA1_CTX));
hash_size = SHA1_LEN;
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, (void *)&mytran_id, 1);
SHA1Update(&sha1ctx, (void *)mykey,
node_dhc->auth_key.local_password_length);
SHA1Update(&sha1ctx, (void *)&Cai[0], SHA1_LEN);
SHA1Final((void *)sha1_digest, &sha1ctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
return (NULL);
} else {
bcopy((void *)&sha1_digest,
(void *)hash_val, SHA1_LEN);
}
}
return ((uint32_t *)hash_val);
}
}
BIG_ERR_CODE
emlxs_interm_hash(
emlxs_port_t *port,
emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp,
void *hash_val,
uint32_t tran_id,
union challenge_val un_cval,
uint8_t *dhval,
uint32_t *dhvallen)
{
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint32_t dhgp_id;
uint32_t hash_id;
MD5_CTX mdctx;
SHA1_CTX sha1ctx;
uint8_t sha1_digest[20];
uint8_t md5_digest[16];
uint32_t hash_size;
BIG_ERR_CODE err = BIG_OK;
if (ndlp->nlp_DID == FABRIC_DID) {
hash_id = node_dhc->hash_id;
dhgp_id = node_dhc->dhgp_id;
} else {
hash_id = node_dhc->nlp_auth_hashid;
dhgp_id = node_dhc->nlp_auth_dhgpid;
}
if (hash_id == AUTH_MD5) {
bzero(&mdctx, sizeof (MD5_CTX));
hash_size = MD5_LEN;
MD5Init(&mdctx);
MD5Update(&mdctx,
(unsigned char *)&(un_cval.md5.val[0]), MD5_LEN);
err = emlxs_BIGNUM_get_pubkey(port, port_dhc, ndlp,
dhval, dhvallen, hash_size, dhgp_id);
if (err != BIG_OK) {
return (err);
}
if (ndlp->nlp_DID == FABRIC_DID) {
MD5Update(&mdctx,
(unsigned char *)&node_dhc->ses_key[0],
node_dhc->seskey_len);
} else {
MD5Update(&mdctx,
(unsigned char *)&node_dhc->nlp_auth_misc.ses_key[0],
node_dhc->nlp_auth_misc.seskey_len);
}
MD5Final((uint8_t *)md5_digest, &mdctx);
bcopy((void *)&md5_digest, (void *)hash_val, MD5_LEN);
}
if (hash_id == AUTH_SHA1) {
bzero(&sha1ctx, sizeof (SHA1_CTX));
hash_size = SHA1_LEN;
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, (void *)&(un_cval.sha1.val[0]), SHA1_LEN);
err = emlxs_BIGNUM_get_pubkey(port, port_dhc, ndlp,
dhval, dhvallen, hash_size, dhgp_id);
if (err != BIG_OK) {
return (err);
}
if (ndlp->nlp_DID == FABRIC_DID) {
SHA1Update(&sha1ctx, (void *)&node_dhc->ses_key[0],
node_dhc->seskey_len);
} else {
SHA1Update(&sha1ctx,
(void *)&node_dhc->nlp_auth_misc.ses_key[0],
node_dhc->nlp_auth_misc.seskey_len);
}
SHA1Final((void *)sha1_digest, &sha1ctx);
bcopy((void *)&sha1_digest, (void *)hash_val, SHA1_LEN);
}
return (err);
}
BIG_ERR_CODE
emlxs_BIGNUM_get_pubkey(
emlxs_port_t *port,
emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp,
uint8_t *dhval,
uint32_t *dhvallen,
uint32_t hash_size,
uint32_t dhgp_id)
{
emlxs_hba_t *hba = HBA;
BIGNUM a, e, n, result;
uint32_t plen;
uint8_t random_number[20];
unsigned char *tmp = NULL;
BIGNUM g, result1;
#ifdef BIGNUM_CHUNK_32
uint8_t gen[] = {0x00, 0x00, 0x00, 0x02};
#else
uint8_t gen[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02};
#endif
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
BIG_ERR_CODE err = BIG_OK;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"BIGNUM_get_pubkey: 0x%x 0x%x 0x%x 0x%x",
ndlp->nlp_DID, *dhvallen, hash_size, dhgp_id);
if (big_init(&a, CHARLEN2BIGNUMLEN(*dhvallen)) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_pubkey: big_init failed. a size=%d",
CHARLEN2BIGNUMLEN(*dhvallen));
err = BIG_NO_MEM;
return (err);
}
bytestring2bignum(&a, (unsigned char *)dhval, *dhvallen);
if (big_init(&e, CHARLEN2BIGNUMLEN(hash_size)) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_pubkey: big_init failed. e size=%d",
CHARLEN2BIGNUMLEN(hash_size));
err = BIG_NO_MEM;
goto ret1;
}
#ifdef RAND
bzero(&random_number, hash_size);
if (hba->rdn_flag == 1) {
emlxs_get_random_bytes(ndlp, random_number, 20);
} else {
(void) random_get_pseudo_bytes(random_number, hash_size);
}
bytestring2bignum(&e, (unsigned char *)random_number, hash_size);
#endif
#ifdef MYRAND
bytestring2bignum(&e, (unsigned char *)myrand, hash_size);
printf("myrand random_number as Y ================\n");
for (i = 0; i < 5; i++) {
for (j = 0; j < 4; j++) {
printf("%x", myrand[(i * 4) + j]);
}
printf("\n");
}
#endif
switch (dhgp_id) {
case GROUP_1024:
plen = 128;
tmp = dhgp1_pVal;
break;
case GROUP_1280:
plen = 160;
tmp = dhgp2_pVal;
break;
case GROUP_1536:
plen = 192;
tmp = dhgp3_pVal;
break;
case GROUP_2048:
plen = 256;
tmp = dhgp4_pVal;
break;
}
if (big_init(&n, CHARLEN2BIGNUMLEN(plen)) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_pubkey: big_init failed. n size=%d",
CHARLEN2BIGNUMLEN(plen));
err = BIG_NO_MEM;
goto ret2;
}
bytestring2bignum(&n, (unsigned char *)tmp, plen);
if (big_init(&result, CHARLEN2BIGNUMLEN(512)) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_pubkey: big_init failed. result size=%d",
CHARLEN2BIGNUMLEN(512));
err = BIG_NO_MEM;
goto ret3;
}
if (big_cmp_abs(&a, &n) > 0) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_pubkey: big_cmp_abs error.");
err = BIG_GENERAL_ERR;
goto ret4;
}
if (big_modexp(&result, &a, &e, &n, NULL) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_pubkey: big_modexp result error");
err = BIG_NO_MEM;
goto ret4;
}
if (ndlp->nlp_DID == FABRIC_DID) {
bignum2bytestring(node_dhc->ses_key, &result,
sizeof (BIG_CHUNK_TYPE) * (result.len));
node_dhc->seskey_len = sizeof (BIG_CHUNK_TYPE) * (result.len);
bignum2bytestring(node_dhc->nlp_auth_misc.ses_key, &result,
sizeof (BIG_CHUNK_TYPE) * (result.len));
node_dhc->nlp_auth_misc.seskey_len =
sizeof (BIG_CHUNK_TYPE) * (result.len);
} else {
bignum2bytestring(node_dhc->nlp_auth_misc.ses_key, &result,
sizeof (BIG_CHUNK_TYPE) * (result.len));
node_dhc->nlp_auth_misc.seskey_len =
sizeof (BIG_CHUNK_TYPE) * (result.len);
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"BIGNUM_get_pubkey: after seskey cal: 0x%x 0x%x 0x%x",
node_dhc->nlp_auth_misc.seskey_len, result.size, result.len);
if (big_init(&g, 1) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_pubkey: big_init failed. g size=1");
err = BIG_NO_MEM;
goto ret4;
}
if (big_init(&result1, CHARLEN2BIGNUMLEN(512)) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_pubkey: big_init failed. result1 size=%d",
CHARLEN2BIGNUMLEN(512));
err = BIG_NO_MEM;
goto ret5;
}
bytestring2bignum(&g,
(unsigned char *)&gen, sizeof (BIG_CHUNK_TYPE));
if (big_modexp(&result1, &g, &e, &n, NULL) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_pubkey: big_modexp result1 error");
err = BIG_NO_MEM;
goto ret6;
}
if (ndlp->nlp_DID == FABRIC_DID) {
bignum2bytestring(node_dhc->pub_key, &result1,
sizeof (BIG_CHUNK_TYPE) * (result1.len));
node_dhc->pubkey_len = (result1.len) * sizeof (BIG_CHUNK_TYPE);
bignum2bytestring(node_dhc->nlp_auth_misc.pub_key, &result1,
sizeof (BIG_CHUNK_TYPE) * (result1.len));
node_dhc->nlp_auth_misc.pubkey_len =
(result1.len) * sizeof (BIG_CHUNK_TYPE);
} else {
bignum2bytestring(node_dhc->nlp_auth_misc.pub_key, &result1,
sizeof (BIG_CHUNK_TYPE) * (result1.len));
node_dhc->nlp_auth_misc.pubkey_len =
(result1.len) * sizeof (BIG_CHUNK_TYPE);
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"BIGNUM_get_pubkey: after pubkey cal: 0x%x 0x%x 0x%x",
node_dhc->nlp_auth_misc.pubkey_len, result1.size, result1.len);
ret6:
big_finish(&result1);
ret5:
big_finish(&g);
ret4:
big_finish(&result);
ret3:
big_finish(&n);
ret2:
big_finish(&e);
ret1:
big_finish(&a);
return (err);
}
static BIG_ERR_CODE
emlxs_BIGNUM_get_dhval(
emlxs_port_t *port,
emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp,
uint8_t *dhval,
uint32_t *dhval_len,
uint32_t dhgp_id,
uint8_t *priv_key,
uint32_t privkey_len)
{
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
BIGNUM g, e, n, result1;
uint32_t plen;
unsigned char *tmp = NULL;
#ifdef BIGNUM_CHUNK_32
uint8_t gen[] = {0x00, 0x00, 0x00, 0x02};
#else
uint8_t gen[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02};
#endif
BIG_ERR_CODE err = BIG_OK;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"BIGNUM_get_dhval: did=0x%x privkey_len=0x%x dhgp_id=0x%x",
ndlp->nlp_DID, privkey_len, dhgp_id);
if (big_init(&result1, CHARLEN2BIGNUMLEN(512)) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_dhval: big_init failed. result1 size=%d",
CHARLEN2BIGNUMLEN(512));
err = BIG_NO_MEM;
return (err);
}
if (big_init(&g, 1) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_dhval: big_init failed. g size=1");
err = BIG_NO_MEM;
goto ret1;
}
bytestring2bignum(&g, (unsigned char *)gen, sizeof (BIG_CHUNK_TYPE));
if (big_init(&e, CHARLEN2BIGNUMLEN(privkey_len)) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_dhval: big_init failed. e size=%d",
CHARLEN2BIGNUMLEN(privkey_len));
err = BIG_NO_MEM;
goto ret2;
}
bytestring2bignum(&e, (unsigned char *)priv_key, privkey_len);
switch (dhgp_id) {
case GROUP_1024:
plen = 128;
tmp = dhgp1_pVal;
break;
case GROUP_1280:
plen = 160;
tmp = dhgp2_pVal;
break;
case GROUP_1536:
plen = 192;
tmp = dhgp3_pVal;
break;
case GROUP_2048:
plen = 256;
tmp = dhgp4_pVal;
break;
}
if (big_init(&n, CHARLEN2BIGNUMLEN(plen)) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_dhval: big_init failed. n size=%d",
CHARLEN2BIGNUMLEN(plen));
err = BIG_NO_MEM;
goto ret3;
}
bytestring2bignum(&n, (unsigned char *)tmp, plen);
if (big_modexp(&result1, &g, &e, &n, NULL) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_get_dhval: big_modexp result1 error");
err = BIG_GENERAL_ERR;
goto ret4;
}
if (ndlp->nlp_DID == FABRIC_DID) {
bignum2bytestring(node_dhc->hrsp_pub_key, &result1,
sizeof (BIG_CHUNK_TYPE) * (result1.len));
node_dhc->hrsp_pubkey_len =
(result1.len) * sizeof (BIG_CHUNK_TYPE);
bignum2bytestring(node_dhc->nlp_auth_misc.hrsp_pub_key,
&result1,
sizeof (BIG_CHUNK_TYPE) * (result1.len));
node_dhc->nlp_auth_misc.hrsp_pubkey_len =
(result1.len) * sizeof (BIG_CHUNK_TYPE);
} else {
bignum2bytestring(node_dhc->nlp_auth_misc.hrsp_pub_key,
&result1,
sizeof (BIG_CHUNK_TYPE) * (result1.len));
node_dhc->nlp_auth_misc.hrsp_pubkey_len =
(result1.len) * sizeof (BIG_CHUNK_TYPE);
}
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *)node_dhc->hrsp_pub_key, (void *)dhval,
node_dhc->hrsp_pubkey_len);
} else {
bcopy((void *)node_dhc->nlp_auth_misc.hrsp_pub_key,
(void *)dhval,
node_dhc->nlp_auth_misc.hrsp_pubkey_len);
}
*(uint32_t *)dhval_len = (result1.len) * sizeof (BIG_CHUNK_TYPE);
ret4:
big_finish(&result1);
ret3:
big_finish(&e);
ret2:
big_finish(&n);
ret1:
big_finish(&g);
return (err);
}
BIG_ERR_CODE
emlxs_BIGNUM_pubkey(
emlxs_port_t *port,
void *pubkey,
uint8_t *dhval,
uint32_t dhvallen,
uint8_t *key,
uint32_t key_size,
uint32_t dhgp_id,
uint32_t *pubkeylen)
{
BIGNUM a, e, n, result;
uint32_t plen;
unsigned char *tmp = NULL;
BIG_ERR_CODE err = BIG_OK;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"BIGNUM_pubkey: dhvallen=0x%x dhgp_id=0x%x",
dhvallen, dhgp_id);
if (big_init(&a, CHARLEN2BIGNUMLEN(dhvallen)) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_pubkey: big_init failed. a size=%d",
CHARLEN2BIGNUMLEN(dhvallen));
err = BIG_NO_MEM;
return (err);
}
bytestring2bignum(&a, (unsigned char *)dhval, dhvallen);
if (big_init(&e, CHARLEN2BIGNUMLEN(key_size)) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_pubkey: big_init failed. e size=%d",
CHARLEN2BIGNUMLEN(key_size));
err = BIG_NO_MEM;
goto ret1;
}
bytestring2bignum(&e, (unsigned char *)key, key_size);
switch (dhgp_id) {
case GROUP_1024:
plen = 128;
tmp = dhgp1_pVal;
break;
case GROUP_1280:
plen = 160;
tmp = dhgp2_pVal;
break;
case GROUP_1536:
plen = 192;
tmp = dhgp3_pVal;
break;
case GROUP_2048:
plen = 256;
tmp = dhgp4_pVal;
break;
}
if (big_init(&n, CHARLEN2BIGNUMLEN(plen)) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_pubkey: big_init failed. n size=%d",
CHARLEN2BIGNUMLEN(plen));
err = BIG_NO_MEM;
goto ret2;
}
bytestring2bignum(&n, (unsigned char *)tmp, plen);
if (big_init(&result, CHARLEN2BIGNUMLEN(512)) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_pubkey: big_init failed. result size=%d",
CHARLEN2BIGNUMLEN(512));
err = BIG_NO_MEM;
goto ret3;
}
if (big_cmp_abs(&a, &n) > 0) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_pubkey: big_cmp_abs error");
err = BIG_GENERAL_ERR;
goto ret4;
}
if (big_modexp(&result, &a, &e, &n, NULL) != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"BIGNUM_pubkey: big_modexp result error");
err = BIG_NO_MEM;
goto ret4;
}
bignum2bytestring(pubkey, &result,
sizeof (BIG_CHUNK_TYPE) * (result.len));
*pubkeylen = sizeof (BIG_CHUNK_TYPE) * (result.len);
ret4:
big_finish(&result);
ret3:
big_finish(&n);
ret2:
big_finish(&e);
ret1:
big_finish(&a);
return (err);
}
BIG_ERR_CODE
emlxs_hash_Cai(
emlxs_port_t *port,
emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp,
void *Cai,
uint32_t hash_id,
uint32_t dhgp_id,
uint32_t tran_id,
uint8_t *cval,
uint32_t cval_len,
uint8_t *key,
uint8_t *dhval,
uint32_t dhvallen)
{
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
MD5_CTX mdctx;
SHA1_CTX sha1ctx;
uint8_t sha1_digest[20];
uint8_t md5_digest[16];
uint8_t pubkey[512];
uint32_t pubkey_len = 0;
uint32_t key_size;
BIG_ERR_CODE err = BIG_OK;
key_size = cval_len;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"hash_Cai: 0x%x 0x%x 0x%x 0x%x 0x%x",
ndlp->nlp_DID, hash_id, dhgp_id, tran_id, dhvallen);
if (hash_id == AUTH_MD5) {
bzero(&mdctx, sizeof (MD5_CTX));
MD5Init(&mdctx);
MD5Update(&mdctx, (unsigned char *)cval, cval_len);
err = emlxs_BIGNUM_pubkey(port, pubkey, dhval, dhvallen,
key, key_size, dhgp_id, &pubkey_len);
if (err != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"hash_Cai: MD5 BIGNUM_pubkey error: 0x%x",
err);
err = BIG_GENERAL_ERR;
return (err);
}
if (pubkey_len == 0) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"hash_Cai: MD5 BIGNUM_pubkey error: len=0");
err = BIG_GENERAL_ERR;
return (err);
}
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *)pubkey,
(void *)node_dhc->hrsp_ses_key, pubkey_len);
node_dhc->hrsp_seskey_len = pubkey_len;
bcopy((void *)pubkey,
(void *)node_dhc->nlp_auth_misc.hrsp_ses_key,
pubkey_len);
node_dhc->nlp_auth_misc.hrsp_seskey_len = pubkey_len;
} else {
bcopy((void *)pubkey,
(void *)node_dhc->nlp_auth_misc.hrsp_ses_key,
pubkey_len);
node_dhc->nlp_auth_misc.hrsp_seskey_len = pubkey_len;
}
MD5Update(&mdctx, (unsigned char *)pubkey, pubkey_len);
MD5Final((uint8_t *)md5_digest, &mdctx);
bcopy((void *)&md5_digest, (void *)Cai, MD5_LEN);
}
if (hash_id == AUTH_SHA1) {
bzero(&sha1ctx, sizeof (SHA1_CTX));
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, (void *)cval, cval_len);
err = emlxs_BIGNUM_pubkey(port, pubkey, dhval, dhvallen,
key, key_size, dhgp_id, &pubkey_len);
if (err != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"hash_Cai: SHA1 BIGNUM_pubkey error: 0x%x",
err);
err = BIG_GENERAL_ERR;
return (err);
}
if (pubkey_len == 0) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"hash_Cai: SA1 BUM_pubkey error: key_len=0");
err = BIG_GENERAL_ERR;
return (err);
}
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *)pubkey,
(void *)node_dhc->hrsp_ses_key,
pubkey_len);
node_dhc->hrsp_seskey_len = pubkey_len;
bcopy((void *)pubkey,
(void *)node_dhc->nlp_auth_misc.hrsp_ses_key,
pubkey_len);
node_dhc->nlp_auth_misc.hrsp_seskey_len = pubkey_len;
} else {
bcopy((void *)pubkey,
(void *)node_dhc->nlp_auth_misc.hrsp_ses_key,
pubkey_len);
node_dhc->nlp_auth_misc.hrsp_seskey_len = pubkey_len;
}
SHA1Update(&sha1ctx, (void *)pubkey, pubkey_len);
SHA1Final((void *)sha1_digest, &sha1ctx);
bcopy((void *)&sha1_digest, (void *)Cai, SHA1_LEN);
}
return (err);
}
static uint32_t *
emlxs_hash_verification(
emlxs_port_t *port,
emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp,
uint32_t tran_id,
uint8_t *dhval,
uint32_t dhval_len,
uint32_t flag,
uint8_t *bi_cval)
{
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint32_t dhgp_id;
uint32_t hash_id;
uint32_t *hash_val = NULL;
uint32_t hash_size;
MD5_CTX mdctx;
SHA1_CTX sha1ctx;
uint8_t sha1_digest[20];
uint8_t md5_digest[16];
uint8_t Cai[20];
uint8_t key[20];
uint8_t cval[20];
uint32_t cval_len;
uint8_t mytran_id = 0x00;
char *remote_key;
BIG_ERR_CODE err = BIG_OK;
tran_id = (AUTH_TRAN_ID_MASK & tran_id);
mytran_id = (uint8_t)(LE_SWAP32(tran_id));
if (ndlp->nlp_DID == FABRIC_DID) {
remote_key = (char *)node_dhc->auth_key.remote_password;
} else {
remote_key = (char *)node_dhc->auth_key.remote_password;
}
if (flag == 0) {
dhgp_id = node_dhc->dhgp_id;
hash_id = node_dhc->hash_id;
} else {
dhgp_id = node_dhc->nlp_auth_dhgpid;
hash_id = node_dhc->nlp_auth_hashid;
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"hash_verification: 0x%x 0x%x hash_id=0x%x dhgp_id=0x%x",
ndlp->nlp_DID, mytran_id, hash_id, dhgp_id);
if (dhval_len == 0) {
if (hash_id == AUTH_MD5) {
bzero(&mdctx, sizeof (MD5_CTX));
hash_size = MD5_LEN;
MD5Init(&mdctx);
MD5Update(&mdctx, (unsigned char *)&mytran_id, 1);
if (ndlp->nlp_DID == FABRIC_DID) {
MD5Update(&mdctx,
(unsigned char *)remote_key,
node_dhc->auth_key.remote_password_length);
} else {
MD5Update(&mdctx,
(unsigned char *)remote_key,
node_dhc->auth_key.remote_password_length);
}
if (ndlp->nlp_DID == FABRIC_DID) {
MD5Update(&mdctx,
(unsigned char *)&node_dhc->hrsp_cval[0],
MD5_LEN);
} else {
MD5Update(&mdctx,
(unsigned char *)&node_dhc->nlp_auth_misc.hrsp_cval[0],
MD5_LEN);
}
MD5Final((uint8_t *)md5_digest, &mdctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"hash_verification: alloc failed");
return (NULL);
} else {
bcopy((void *)md5_digest,
(void *)hash_val, MD5_LEN);
}
}
if (hash_id == AUTH_SHA1) {
bzero(&sha1ctx, sizeof (SHA1_CTX));
hash_size = SHA1_LEN;
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, (void *)&mytran_id, 1);
if (ndlp->nlp_DID == FABRIC_DID) {
SHA1Update(&sha1ctx, (void *)remote_key,
node_dhc->auth_key.remote_password_length);
} else {
SHA1Update(&sha1ctx, (void *)remote_key,
node_dhc->auth_key.remote_password_length);
}
if (ndlp->nlp_DID == FABRIC_DID) {
SHA1Update(&sha1ctx,
(void *)&node_dhc->hrsp_cval[0],
SHA1_LEN);
} else {
SHA1Update(&sha1ctx,
(void *)&node_dhc->nlp_auth_misc.hrsp_cval[0],
SHA1_LEN);
}
SHA1Final((void *)sha1_digest, &sha1ctx);
hash_val = (uint32_t *)kmem_zalloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"hash_verification: alloc failed");
return (NULL);
} else {
bcopy((void *)sha1_digest,
(void *)hash_val, SHA1_LEN);
}
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"hash_verification: hash_val=0x%x",
*(uint32_t *)hash_val);
return ((uint32_t *)hash_val);
} else {
if (hash_id == AUTH_MD5) {
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *)node_dhc->hrsp_priv_key,
(void *)key, MD5_LEN);
} else {
bcopy(
(void *)node_dhc->nlp_auth_misc.hrsp_priv_key,
(void *)key, MD5_LEN);
}
}
if (hash_id == AUTH_SHA1) {
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *)node_dhc->hrsp_priv_key,
(void *)key, SHA1_LEN);
} else {
bcopy(
(void *)node_dhc->nlp_auth_misc.hrsp_priv_key,
(void *)key, SHA1_LEN);
}
}
if (ndlp->nlp_DID == FABRIC_DID) {
bcopy((void *)node_dhc->hrsp_cval,
(void *)cval, node_dhc->hrsp_cval_len);
cval_len = node_dhc->hrsp_cval_len;
} else {
bcopy((void *)node_dhc->nlp_auth_misc.hrsp_cval,
(void *)cval,
node_dhc->nlp_auth_misc.hrsp_cval_len);
cval_len = node_dhc->nlp_auth_misc.hrsp_cval_len;
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"hash_verification: N-Null gp. 0x%x 0x%x",
ndlp->nlp_DID, cval_len);
err = emlxs_hash_Cai(port, port_dhc, ndlp, (void *)Cai,
hash_id, dhgp_id,
tran_id, cval, cval_len,
key, dhval, dhval_len);
if (err != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"hash_verification: Cai error. ret=0x%x",
err);
return (NULL);
}
if (hash_id == AUTH_MD5) {
bzero(&mdctx, sizeof (MD5_CTX));
hash_size = MD5_LEN;
MD5Init(&mdctx);
MD5Update(&mdctx, (unsigned char *)&mytran_id, 1);
if (ndlp->nlp_DID == FABRIC_DID) {
MD5Update(&mdctx,
(unsigned char *)remote_key,
node_dhc->auth_key.remote_password_length);
} else {
MD5Update(&mdctx,
(unsigned char *)remote_key,
node_dhc->auth_key.remote_password_length);
}
MD5Update(&mdctx, (unsigned char *)Cai, MD5_LEN);
MD5Final((uint8_t *)md5_digest, &mdctx);
hash_val = (uint32_t *)kmem_zalloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"hash_vf: alloc failed(Non-NULL dh)");
return (NULL);
} else {
bcopy((void *)&md5_digest,
(void *)hash_val, MD5_LEN);
}
}
if (hash_id == AUTH_SHA1) {
bzero(&sha1ctx, sizeof (SHA1_CTX));
hash_size = SHA1_LEN;
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, (void *)&mytran_id, 1);
if (ndlp->nlp_DID == FABRIC_DID) {
SHA1Update(&sha1ctx, (void *)remote_key,
node_dhc->auth_key.remote_password_length);
} else {
SHA1Update(&sha1ctx, (void *)remote_key,
node_dhc->auth_key.remote_password_length);
}
SHA1Update(&sha1ctx, (void *)Cai, SHA1_LEN);
SHA1Final((void *)sha1_digest, &sha1ctx);
hash_val = (uint32_t *)kmem_zalloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"hash_vf: val alloc failed (Non-NULL dh)");
return (NULL);
} else {
bcopy((void *)&sha1_digest,
(void *)hash_val, SHA1_LEN);
}
}
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"hash_verification: hash_val=0x%x",
*(uint32_t *)hash_val);
return ((uint32_t *)hash_val);
}
}
static uint32_t *
emlxs_hash_get_R2(
emlxs_port_t *port,
emlxs_port_dhc_t *port_dhc,
NODELIST *ndlp,
uint32_t tran_id,
uint8_t *dhval,
uint32_t dhval_len,
uint32_t flag,
uint8_t *bi_cval)
{
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint32_t dhgp_id;
uint32_t hash_id;
uint32_t *hash_val = NULL;
uint32_t hash_size;
MD5_CTX mdctx;
SHA1_CTX sha1ctx;
uint8_t sha1_digest[20];
uint8_t md5_digest[16];
uint8_t Cai[20];
uint8_t key[20];
uint32_t cval_len;
uint8_t mytran_id = 0x00;
char *mykey;
BIG_ERR_CODE err = BIG_OK;
if (ndlp->nlp_DID == FABRIC_DID) {
dhgp_id = node_dhc->nlp_auth_dhgpid;
hash_id = node_dhc->nlp_auth_hashid;
} else {
if (flag == 0) {
dhgp_id = node_dhc->dhgp_id;
hash_id = node_dhc->hash_id;
} else {
dhgp_id = node_dhc->nlp_auth_dhgpid;
hash_id = node_dhc->nlp_auth_hashid;
}
}
tran_id = (AUTH_TRAN_ID_MASK & tran_id);
mytran_id = (uint8_t)(LE_SWAP32(tran_id));
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_detail_msg,
"hash_get_R2:0x%x 0x%x dhgp_id=0x%x mytran_id=0x%x",
ndlp->nlp_DID, hash_id, dhgp_id, mytran_id);
if (ndlp->nlp_DID == FABRIC_DID) {
mykey = (char *)node_dhc->auth_key.local_password;
} else {
mykey = (char *)node_dhc->auth_key.remote_password;
}
if (dhval_len == 0) {
if (hash_id == AUTH_MD5) {
bzero(&mdctx, sizeof (MD5_CTX));
hash_size = MD5_LEN;
MD5Init(&mdctx);
MD5Update(&mdctx, (unsigned char *)&mytran_id, 1);
if (ndlp->nlp_DID == FABRIC_DID) {
MD5Update(&mdctx, (unsigned char *)mykey,
node_dhc->auth_key.local_password_length);
} else {
MD5Update(&mdctx, (unsigned char *)mykey,
node_dhc->auth_key.remote_password_length);
}
MD5Update(&mdctx, (unsigned char *)bi_cval, MD5_LEN);
MD5Final((uint8_t *)md5_digest, &mdctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
return (NULL);
} else {
bcopy((void *)md5_digest,
(void *)hash_val, MD5_LEN);
}
}
if (hash_id == AUTH_SHA1) {
bzero(&sha1ctx, sizeof (SHA1_CTX));
hash_size = SHA1_LEN;
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, (void *)&mytran_id, 1);
if (ndlp->nlp_DID == FABRIC_DID) {
SHA1Update(&sha1ctx, (void *)mykey,
node_dhc->auth_key.local_password_length);
} else {
SHA1Update(&sha1ctx, (void *)mykey,
node_dhc->auth_key.remote_password_length);
}
SHA1Update(&sha1ctx, (void *)bi_cval, SHA1_LEN);
SHA1Final((void *)sha1_digest, &sha1ctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
return (NULL);
} else {
bcopy((void *)sha1_digest,
(void *)hash_val, SHA1_LEN);
}
}
} else {
if (ndlp->nlp_DID == FABRIC_DID) {
if (hash_id == AUTH_MD5) {
bcopy((void *)node_dhc->hrsp_priv_key,
(void *)key, MD5_LEN);
}
if (hash_id == AUTH_SHA1) {
bcopy((void *)node_dhc->hrsp_priv_key,
(void *)key, SHA1_LEN);
}
cval_len = node_dhc->hrsp_cval_len;
} else {
if (hash_id == AUTH_MD5) {
bcopy(
(void *)node_dhc->nlp_auth_misc.hrsp_priv_key,
(void *)key, MD5_LEN);
}
if (hash_id == AUTH_SHA1) {
bcopy(
(void *)node_dhc->nlp_auth_misc.hrsp_priv_key,
(void *)key, SHA1_LEN);
}
cval_len = node_dhc->nlp_auth_misc.hrsp_cval_len;
}
err = emlxs_hash_Cai(port, port_dhc, ndlp, (void *)Cai,
hash_id, dhgp_id, tran_id, bi_cval, cval_len,
key, dhval, dhval_len);
if (err != BIG_OK) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"hash_get_R2: hash_Cai error. ret=0x%x",
err);
return (NULL);
}
if (hash_id == AUTH_MD5) {
bzero(&mdctx, sizeof (MD5_CTX));
hash_size = MD5_LEN;
MD5Init(&mdctx);
MD5Update(&mdctx, (unsigned char *) &mytran_id, 1);
if (ndlp->nlp_DID == FABRIC_DID)
MD5Update(&mdctx, (unsigned char *)mykey,
node_dhc->auth_key.local_password_length);
else
MD5Update(&mdctx, (unsigned char *)mykey,
node_dhc->auth_key.remote_password_length);
MD5Update(&mdctx, (unsigned char *)Cai, MD5_LEN);
MD5Final((uint8_t *)md5_digest, &mdctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"hash_get_R2: hash_val MD5 alloc failed.");
return (NULL);
} else {
bcopy((void *)md5_digest,
(void *)hash_val, MD5_LEN);
}
}
if (hash_id == AUTH_SHA1) {
bzero(&sha1ctx, sizeof (SHA1_CTX));
hash_size = SHA1_LEN;
SHA1Init(&sha1ctx);
SHA1Update(&sha1ctx, (void *)&mytran_id, 1);
if (ndlp->nlp_DID == FABRIC_DID) {
SHA1Update(&sha1ctx, (void *)mykey,
node_dhc->auth_key.local_password_length);
} else {
SHA1Update(&sha1ctx, (void *)mykey,
node_dhc->auth_key.remote_password_length);
}
SHA1Update(&sha1ctx, (void *)Cai, SHA1_LEN);
SHA1Final((void *)sha1_digest, &sha1ctx);
hash_val = (uint32_t *)kmem_alloc(hash_size,
KM_NOSLEEP);
if (hash_val == NULL) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_error_msg,
"hash_get_R2: hash_val SHA1 alloc failed.");
return (NULL);
} else {
bcopy((void *)sha1_digest,
(void *)hash_val, SHA1_LEN);
}
}
}
return ((uint32_t *)hash_val);
}
static void
emlxs_log_auth_event(
emlxs_port_t *port,
NODELIST *ndlp,
char *subclass,
char *info)
{
emlxs_hba_t *hba = HBA;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
nvlist_t *attr_list = NULL;
dev_info_t *dip = hba->dip;
emlxs_auth_cfg_t *auth_cfg;
char *tmp = "No_more_logging_information_available";
uint8_t lwwn[8];
uint8_t rwwn[8];
char *lwwn_str = NULL;
char *rwwn_str = NULL;
char ext_subclass[128];
char ext_class[32];
auth_cfg = &(node_dhc->auth_cfg);
if (info == NULL) {
info = tmp;
}
bcopy((void *) &auth_cfg->local_entity, (void *)lwwn, 8);
lwwn_str = (char *)kmem_zalloc(32, KM_NOSLEEP);
if (lwwn_str == NULL) {
return;
}
(void) snprintf(lwwn_str, 32, "%02X%02X%02X%02X%02X%02X%02X%02X",
lwwn[0], lwwn[1], lwwn[2], lwwn[3], lwwn[4], lwwn[5], lwwn[6],
lwwn[7]);
bcopy((void *)&auth_cfg->remote_entity, (void *)rwwn, 8);
rwwn_str = (char *)kmem_zalloc(32, KM_NOSLEEP);
if (rwwn_str == NULL) {
kmem_free(lwwn_str, 32);
return;
}
(void) snprintf(rwwn_str, 32, "%02X%02X%02X%02X%02X%02X%02X%02X",
rwwn[0], rwwn[1], rwwn[2], rwwn[3], rwwn[4], rwwn[5], rwwn[6],
rwwn[7]);
(void) snprintf(ext_subclass, sizeof (ext_subclass),
"ESC_%s_%s", DRIVER_NAME, subclass);
(void) snprintf(ext_class, sizeof (ext_class),
"EC_%s", DRIVER_NAME);
if (nvlist_alloc(&attr_list, NV_UNIQUE_NAME_TYPE, KM_NOSLEEP)
== DDI_SUCCESS) {
if ((nvlist_add_uint32(attr_list, "instance",
ddi_get_instance(dip)) == DDI_SUCCESS) &&
(nvlist_add_string(attr_list, "lwwn",
lwwn_str) == DDI_SUCCESS) &&
(nvlist_add_string(attr_list, "rwwn",
rwwn_str) == DDI_SUCCESS) &&
(nvlist_add_string(attr_list, "Info",
info) == DDI_SUCCESS) &&
(nvlist_add_string(attr_list, "Class",
ext_class) == DDI_SUCCESS) &&
(nvlist_add_string(attr_list, "SubClass",
ext_subclass) == DDI_SUCCESS)) {
(void) ddi_log_sysevent(dip,
emlxs_strtoupper(DRIVER_NAME),
ext_class,
ext_subclass,
attr_list,
NULL,
DDI_NOSLEEP);
}
nvlist_free(attr_list);
attr_list = NULL;
}
kmem_free(lwwn_str, 32);
kmem_free(rwwn_str, 32);
return;
}
extern int
emlxs_dhc_auth_start(
emlxs_port_t *port,
emlxs_node_t *ndlp,
uint8_t *deferred_sbp,
uint8_t *deferred_ubp)
{
emlxs_hba_t *hba = HBA;
emlxs_config_t *cfg = &CFG;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
emlxs_auth_cfg_t *auth_cfg;
emlxs_auth_key_t *auth_key;
uint32_t i;
uint32_t fabric;
uint32_t fabric_switch;
fabric = ((ndlp->nlp_DID & FABRIC_DID_MASK) == FABRIC_DID_MASK) ? 1 : 0;
fabric_switch = ((ndlp->nlp_DID == FABRIC_DID) ? 1 : 0);
if (cfg[CFG_AUTH_ENABLE].current == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Not started. Auth disabled. did=0x%x", ndlp->nlp_DID);
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_DISABLED, 0, 0);
return (1);
}
if (port->vpi != 0 && cfg[CFG_AUTH_NPIV].current == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Not started. NPIV auth disabled. did=0x%x", ndlp->nlp_DID);
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_DISABLED, 0, 0);
return (1);
}
if (!fabric_switch && fabric) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Not started. FS auth disabled. did=0x%x", ndlp->nlp_DID);
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_DISABLED, 0, 0);
return (1);
}
if (!fabric_switch && cfg[CFG_AUTH_E2E].current == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Not started. E2E auth disabled. did=0x%x", ndlp->nlp_DID);
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_DISABLED, 0, 0);
return (1);
}
if ((deferred_sbp && node_dhc->deferred_sbp) ||
(deferred_ubp && node_dhc->deferred_ubp)) {
emlxs_dhc_auth_stop(port, ndlp);
}
mutex_enter(&hba->auth_lock);
node_dhc->parent_auth_cfg = NULL;
node_dhc->parent_auth_key = NULL;
if (fabric_switch) {
auth_cfg = emlxs_auth_cfg_find(port,
(uint8_t *)emlxs_fabric_wwn);
auth_key = emlxs_auth_key_find(port,
(uint8_t *)emlxs_fabric_wwn);
} else {
auth_cfg = emlxs_auth_cfg_find(port,
(uint8_t *)&ndlp->nlp_portname);
auth_key = emlxs_auth_key_find(port,
(uint8_t *)&ndlp->nlp_portname);
}
if (!auth_cfg) {
mutex_exit(&hba->auth_lock);
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Not started. No auth cfg entry found. did=0x%x",
ndlp->nlp_DID);
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_DISABLED, 0, 0);
return (1);
}
if (fabric_switch) {
auth_cfg->node = NULL;
} else {
node_dhc->parent_auth_cfg = auth_cfg;
auth_cfg->node = ndlp;
}
if (!auth_key) {
mutex_exit(&hba->auth_lock);
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Not started. No auth key entry found. did=0x%x",
ndlp->nlp_DID);
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_DISABLED, 0, 0);
return (1);
}
if (fabric_switch) {
auth_key->node = NULL;
} else {
node_dhc->parent_auth_key = auth_key;
auth_key->node = ndlp;
}
if (ndlp->sparm.cmn.fcsp_support == 0) {
switch (auth_cfg->authentication_mode) {
case AUTH_MODE_PASSIVE:
mutex_exit(&hba->auth_lock);
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Not started. Auth unsupported. did=0x%x",
ndlp->nlp_DID);
emlxs_dhc_state(port, ndlp,
NODE_STATE_AUTH_DISABLED, 0, 0);
return (1);
case AUTH_MODE_ACTIVE:
mutex_exit(&hba->auth_lock);
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Failed. Auth unsupported. did=0x%x",
ndlp->nlp_DID);
ndlp->node_dhc.deferred_sbp = deferred_sbp;
ndlp->node_dhc.deferred_ubp = deferred_ubp;
goto failed;
case AUTH_MODE_DISABLED:
default:
mutex_exit(&hba->auth_lock);
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Not started. Auth mode=disabled. did=0x%x",
ndlp->nlp_DID);
emlxs_dhc_state(port, ndlp,
NODE_STATE_AUTH_DISABLED, 0, 0);
return (1);
}
} else {
switch (auth_cfg->authentication_mode) {
case AUTH_MODE_PASSIVE:
case AUTH_MODE_ACTIVE:
break;
case AUTH_MODE_DISABLED:
default:
mutex_exit(&hba->auth_lock);
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Failed. Auth mode=disabled. did=0x%x",
ndlp->nlp_DID);
ndlp->node_dhc.deferred_sbp = deferred_sbp;
ndlp->node_dhc.deferred_ubp = deferred_ubp;
goto failed;
}
}
node_dhc->deferred_sbp = deferred_sbp;
node_dhc->deferred_ubp = deferred_ubp;
bzero(&node_dhc->auth_cfg, sizeof (node_dhc->auth_cfg));
bzero(&node_dhc->auth_key, sizeof (node_dhc->auth_key));
bcopy((uint8_t *)&port->wwpn,
(uint8_t *)&node_dhc->auth_cfg.local_entity, 8);
bcopy((uint8_t *)&ndlp->nlp_portname,
(uint8_t *)&node_dhc->auth_cfg.remote_entity, 8);
node_dhc->auth_cfg.authentication_timeout =
auth_cfg->authentication_timeout;
node_dhc->auth_cfg.authentication_mode =
auth_cfg->authentication_mode;
if (auth_key->remote_password_type == 3) {
node_dhc->auth_cfg.bidirectional = 0;
} else {
node_dhc->auth_cfg.bidirectional = auth_cfg->bidirectional;
}
node_dhc->auth_cfg.reauthenticate_time_interval =
auth_cfg->reauthenticate_time_interval;
for (i = 0; i < 4; i++) {
switch (auth_cfg->authentication_type_priority[i]) {
case ELX_DHCHAP:
node_dhc->auth_cfg.authentication_type_priority[i] =
AUTH_DHCHAP;
break;
case ELX_FCAP:
node_dhc->auth_cfg.authentication_type_priority[i] =
AUTH_FCAP;
break;
case ELX_FCPAP:
node_dhc->auth_cfg.authentication_type_priority[i] =
AUTH_FCPAP;
break;
case ELX_KERBEROS:
node_dhc->auth_cfg.authentication_type_priority[i] =
AUTH_KERBEROS;
break;
default:
node_dhc->auth_cfg.authentication_type_priority[i] =
0;
break;
}
switch (auth_cfg->hash_priority[i]) {
case ELX_SHA1:
node_dhc->auth_cfg.hash_priority[i] = AUTH_SHA1;
break;
case ELX_MD5:
node_dhc->auth_cfg.hash_priority[i] = AUTH_MD5;
break;
default:
node_dhc->auth_cfg.hash_priority[i] = 0;
break;
}
}
for (i = 0; i < 8; i++) {
switch (auth_cfg->dh_group_priority[i]) {
case ELX_GROUP_NULL:
node_dhc->auth_cfg.dh_group_priority[i] = GROUP_NULL;
break;
case ELX_GROUP_1024:
node_dhc->auth_cfg.dh_group_priority[i] = GROUP_1024;
break;
case ELX_GROUP_1280:
node_dhc->auth_cfg.dh_group_priority[i] = GROUP_1280;
break;
case ELX_GROUP_1536:
node_dhc->auth_cfg.dh_group_priority[i] = GROUP_1536;
break;
case ELX_GROUP_2048:
node_dhc->auth_cfg.dh_group_priority[i] = GROUP_2048;
break;
default:
node_dhc->auth_cfg.dh_group_priority[i] = 0xF;
break;
}
}
if (auth_key) {
bcopy((uint8_t *)auth_key,
(uint8_t *)&node_dhc->auth_key,
sizeof (emlxs_auth_key_t));
node_dhc->auth_key.next = NULL;
node_dhc->auth_key.prev = NULL;
bcopy((uint8_t *)&port->wwpn,
(uint8_t *)&node_dhc->auth_key.local_entity, 8);
bcopy((uint8_t *)&ndlp->nlp_portname,
(uint8_t *)&node_dhc->auth_key.remote_entity,
8);
}
mutex_exit(&hba->auth_lock);
node_dhc->nlp_auth_limit = 2;
node_dhc->nlp_fb_vendor = 1;
node_dhc->nlp_authrsp_tmocnt = 0;
node_dhc->nlp_authrsp_tmo = 0;
if (deferred_ubp) {
if (emlxs_ub_send_login_acc(port,
(fc_unsol_buf_t *)deferred_ubp) != FC_SUCCESS) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Not started. Unable to send PLOGI ACC. did=0x%x",
ndlp->nlp_DID);
goto failed;
}
node_dhc->nlp_authrsp_tmo = DRV_TIME +
node_dhc->auth_cfg.authentication_timeout;
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Authrsp timer activated. did=0x%x",
ndlp->nlp_DID);
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_SUCCESS, 0, 0);
} else {
node_dhc->nlp_auth_flag = 1;
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_start_msg,
"Auth initiated. did=0x%x limit=%d sbp=%p",
ndlp->nlp_DID, node_dhc->nlp_auth_limit, deferred_sbp);
if (emlxs_issue_auth_negotiate(port, ndlp, 0)) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_start_msg,
"Failed. Auth initiation failed. did=0x%x",
ndlp->nlp_DID);
goto failed;
}
}
return (0);
failed:
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_FAILED, 0, 0);
emlxs_dhc_auth_complete(port, ndlp, 1);
return (0);
}
extern void
emlxs_dhc_auth_stop(
emlxs_port_t *port,
emlxs_node_t *ndlp)
{
emlxs_port_dhc_t *port_dhc = &port->port_dhc;
emlxs_node_dhc_t *node_dhc;
uint32_t i;
if (port_dhc->state == ELX_FABRIC_STATE_UNKNOWN) {
return;
}
if (ndlp) {
node_dhc = &ndlp->node_dhc;
if (node_dhc->state == NODE_STATE_UNKNOWN) {
return;
}
if (ndlp->nlp_DID != FABRIC_DID) {
emlxs_dhc_state(port, ndlp, NODE_STATE_UNKNOWN, 0, 0);
}
emlxs_dhc_auth_complete(port, ndlp, 2);
} else {
rw_enter(&port->node_rwlock, RW_READER);
for (i = 0; i < EMLXS_NUM_HASH_QUES; i++) {
ndlp = port->node_table[i];
if (!ndlp) {
continue;
}
node_dhc = &ndlp->node_dhc;
if (node_dhc->state == NODE_STATE_UNKNOWN) {
continue;
}
if (ndlp->nlp_DID != FABRIC_DID) {
emlxs_dhc_state(port, ndlp,
NODE_STATE_UNKNOWN, 0, 0);
}
emlxs_dhc_auth_complete(port, ndlp, 2);
}
rw_exit(&port->node_rwlock);
}
return;
}
static void
emlxs_dhc_auth_complete(
emlxs_port_t *port,
emlxs_node_t *ndlp,
uint32_t status)
{
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint32_t fabric;
uint32_t fabric_switch;
fabric = ((ndlp->nlp_DID & FABRIC_DID_MASK) == FABRIC_DID_MASK) ? 1 : 0;
fabric_switch = ((ndlp->nlp_DID == FABRIC_DID) ? 1 : 0);
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_complete_msg,
"did=0x%x status=%d sbp=%p ubp=%p",
ndlp->nlp_DID, status, node_dhc->deferred_sbp,
node_dhc->deferred_ubp);
if (status == 1) {
if (fabric_switch) {
(void) emlxs_port_offline(port, 0xfeffffff);
} else if (!fabric) {
(void) emlxs_port_offline(port, ndlp->nlp_DID);
}
}
if (status == 1) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_complete_msg,
"Sending LOGO to did=0x%x...",
ndlp->nlp_DID);
emlxs_send_logo(port, ndlp->nlp_DID);
}
emlxs_mb_deferred_cmpl(port, status,
(emlxs_buf_t *)node_dhc->deferred_sbp,
(fc_unsol_buf_t *)node_dhc->deferred_ubp, 0);
node_dhc->deferred_sbp = 0;
node_dhc->deferred_ubp = 0;
return;
}
extern void
emlxs_dhc_attach(emlxs_hba_t *hba)
{
mutex_init(&hba->auth_lock, NULL, MUTEX_DRIVER, NULL);
mutex_init(&hba->dhc_lock, NULL, MUTEX_DRIVER, NULL);
emlxs_auth_cfg_init(hba);
emlxs_auth_key_init(hba);
hba->rdn_flag = 1;
return;
}
extern void
emlxs_dhc_detach(emlxs_hba_t *hba)
{
emlxs_auth_cfg_fini(hba);
emlxs_auth_key_fini(hba);
mutex_destroy(&hba->dhc_lock);
mutex_destroy(&hba->auth_lock);
return;
}
extern void
emlxs_dhc_init_sp(emlxs_port_t *port, uint32_t did, SERV_PARM *sp, char **msg)
{
emlxs_hba_t *hba = HBA;
emlxs_config_t *cfg = &CFG;
uint32_t fabric;
uint32_t fabric_switch;
emlxs_auth_cfg_t *auth_cfg = NULL;
emlxs_auth_key_t *auth_key = NULL;
fabric = ((did & FABRIC_DID_MASK) == FABRIC_DID_MASK) ? 1 : 0;
fabric_switch = ((did == FABRIC_DID) ? 1 : 0);
if (cfg[CFG_AUTH_ENABLE].current == 0) {
sp->cmn.fcsp_support = 0;
bcopy("fcsp:Disabled (0)", (void *) &msg[0],
sizeof ("fcsp:Disabled (0)"));
return;
}
if (port->vpi != 0 && cfg[CFG_AUTH_NPIV].current == 0) {
sp->cmn.fcsp_support = 0;
bcopy("fcsp:Disabled (npiv)", (void *) &msg[0],
sizeof ("fcsp:Disabled (npiv)"));
return;
}
if (!fabric_switch && fabric) {
sp->cmn.fcsp_support = 0;
bcopy("fcsp:Disabled (fs)", (void *) &msg[0],
sizeof ("fcsp:Disabled (fs)"));
return;
}
if (!fabric_switch && cfg[CFG_AUTH_E2E].current == 0) {
sp->cmn.fcsp_support = 0;
bcopy("fcsp:Disabled (e2e)", (void *) &msg[0],
sizeof ("fcsp:Disabled (e2e)"));
return;
}
mutex_enter(&hba->auth_lock);
if (fabric_switch) {
auth_cfg = emlxs_auth_cfg_find(port,
(uint8_t *)emlxs_fabric_wwn);
auth_key = emlxs_auth_key_find(port,
(uint8_t *)emlxs_fabric_wwn);
if ((!auth_cfg) || (!auth_key)) {
sp->cmn.fcsp_support = 0;
bcopy("fcsp:Disabled (1)", (void *) &msg[0],
sizeof ("fcsp:Disabled (1)"));
mutex_exit(&hba->auth_lock);
return;
}
}
mutex_exit(&hba->auth_lock);
sp->cmn.fcsp_support = 1;
return;
}
extern uint32_t
emlxs_dhc_verify_login(emlxs_port_t *port, uint32_t sid, SERV_PARM *sp)
{
emlxs_hba_t *hba = HBA;
emlxs_config_t *cfg = &CFG;
emlxs_auth_cfg_t *auth_cfg;
emlxs_auth_key_t *auth_key;
uint32_t fabric;
uint32_t fabric_switch;
fabric = ((sid & FABRIC_DID_MASK) == FABRIC_DID_MASK) ? 1 : 0;
fabric_switch = ((sid == FABRIC_DID) ? 1 : 0);
if (port->port_dhc.state == ELX_FABRIC_AUTH_FAILED) {
return (1);
}
if (sp->cmn.fcsp_support) {
return (0);
}
if (cfg[CFG_AUTH_ENABLE].current == 0) {
return (0);
}
if (port->vpi != 0 && cfg[CFG_AUTH_NPIV].current == 0) {
return (0);
}
if (!fabric_switch && fabric) {
return (0);
}
if (!fabric_switch && cfg[CFG_AUTH_E2E].current == 0) {
return (0);
}
mutex_enter(&hba->auth_lock);
if (fabric_switch) {
auth_cfg = emlxs_auth_cfg_find(port,
(uint8_t *)emlxs_fabric_wwn);
auth_key = emlxs_auth_key_find(port,
(uint8_t *)emlxs_fabric_wwn);
} else {
auth_cfg = emlxs_auth_cfg_find(port,
(uint8_t *)&sp->portName);
auth_key = emlxs_auth_key_find(port,
(uint8_t *)&sp->portName);
}
if (auth_key && auth_cfg &&
(auth_cfg->authentication_mode == AUTH_MODE_ACTIVE)) {
mutex_exit(&hba->auth_lock);
return (1);
}
mutex_exit(&hba->auth_lock);
return (0);
}
extern void
emlxs_dhc_reauth_timeout(
emlxs_port_t *port,
void *arg1,
void *arg2)
{
emlxs_port_dhc_t *port_dhc = &port->port_dhc;
NODELIST *ndlp = (NODELIST *) arg2;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
if (node_dhc->auth_cfg.reauthenticate_time_interval == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"Reauth timeout. Reauth no longer enabled. 0x%x %x",
ndlp->nlp_DID, node_dhc->state);
emlxs_dhc_set_reauth_time(port, ndlp, DISABLE);
return;
}
if (port_dhc->state == ELX_FABRIC_IN_AUTH) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_error_msg,
"Reauth timeout. Fabric in auth. Quiting. 0x%x %x",
ndlp->nlp_DID, node_dhc->state);
emlxs_dhc_set_reauth_time(port, ndlp, DISABLE);
return;
}
if (node_dhc->state != NODE_STATE_AUTH_SUCCESS) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"Reauth timeout. Auth not done. Restarting. 0x%x %x",
ndlp->nlp_DID, node_dhc->state);
goto restart;
}
if (port_dhc->state == ELX_FABRIC_IN_REAUTH) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"Reauth timeout. Fabric in reauth. Restarting. 0x%x %x",
ndlp->nlp_DID, node_dhc->state);
goto restart;
}
if (node_dhc->nlp_reauth_status == NLP_HOST_REAUTH_IN_PROGRESS) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"Reauth timeout. Fabric in reauth. Restarting. 0x%x %x",
ndlp->nlp_DID, node_dhc->state);
goto restart;
}
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"Reauth timeout. Auth initiated. did=0x%x",
ndlp->nlp_DID);
emlxs_dhc_set_reauth_time(port, ndlp, ENABLE);
node_dhc->nlp_reauth_status = NLP_HOST_REAUTH_IN_PROGRESS;
if (emlxs_dhc_auth_start(port, ndlp, NULL, NULL) != 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"Reauth timeout. Auth initiation failed. 0x%x %x",
ndlp->nlp_DID, node_dhc->state);
return;
}
return;
restart:
emlxs_dhc_set_reauth_time(port, ndlp, ENABLE);
return;
}
static void
emlxs_dhc_set_reauth_time(
emlxs_port_t *port,
emlxs_node_t *ndlp,
uint32_t status)
{
emlxs_port_dhc_t *port_dhc = &port->port_dhc;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint32_t drv_time;
uint32_t timeout;
uint32_t reauth_tmo;
time_t last_auth_time;
node_dhc->flag &= ~NLP_SET_REAUTH_TIME;
if ((status == ENABLE) &&
node_dhc->auth_cfg.reauthenticate_time_interval) {
timeout =
(60 * node_dhc->auth_cfg.reauthenticate_time_interval);
drv_time = DRV_TIME;
if (ndlp->nlp_DID == FABRIC_DID) {
last_auth_time = port_dhc->auth_time;
} else if (node_dhc->parent_auth_cfg) {
last_auth_time = node_dhc->parent_auth_cfg->auth_time;
} else {
last_auth_time = 0;
}
if (last_auth_time) {
reauth_tmo = last_auth_time + timeout;
if ((reauth_tmo < drv_time) ||
(reauth_tmo > drv_time + timeout)) {
reauth_tmo = drv_time + timeout;
}
} else {
reauth_tmo = drv_time + timeout;
}
node_dhc->nlp_reauth_tmo = reauth_tmo;
node_dhc->nlp_reauth_status = NLP_HOST_REAUTH_ENABLED;
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"Reauth enabled. did=0x%x state=%x tmo=%d,%d",
ndlp->nlp_DID, node_dhc->state,
node_dhc->auth_cfg.reauthenticate_time_interval,
(reauth_tmo - drv_time));
} else {
node_dhc->nlp_reauth_tmo = 0;
node_dhc->nlp_reauth_status = NLP_HOST_REAUTH_DISABLED;
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"Reauth disabled. did=0x%x state=%x",
ndlp->nlp_DID, node_dhc->state);
}
return;
}
extern void
emlxs_dhc_authrsp_timeout(
emlxs_port_t *port,
void *arg1,
void *arg2)
{
NODELIST *ndlp = (NODELIST *)arg1;
emlxs_node_dhc_t *node_dhc = &ndlp->node_dhc;
uint8_t ReasonCode;
uint8_t ReasonCodeExplanation;
node_dhc->nlp_authrsp_tmo = 0;
node_dhc->nlp_authrsp_tmocnt++;
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_debug_msg,
"Authrsp timeout. did=0x%x count=%d",
ndlp->nlp_DID, node_dhc->nlp_authrsp_tmocnt);
if (node_dhc->nlp_authrsp_tmocnt > 3) {
(void) emlxs_dhchap_state_machine(port, NULL, NULL,
NULL, ndlp, NODE_EVENT_DEVICE_RM);
ReasonCode = AUTHRJT_FAILURE;
ReasonCodeExplanation = AUTHEXP_AUTH_FAILED;
} else {
(void) emlxs_dhchap_state_machine(port, NULL, NULL,
NULL, ndlp, NODE_EVENT_DEVICE_RECOVERY);
ReasonCode = AUTHRJT_LOGIC_ERR;
ReasonCodeExplanation = AUTHEXP_RESTART_AUTH;
}
emlxs_dhc_state(port, ndlp, NODE_STATE_AUTH_FAILED, ReasonCode,
ReasonCodeExplanation);
(void) emlxs_issue_auth_reject(port, ndlp, 0, 0, ReasonCode,
ReasonCodeExplanation);
emlxs_dhc_auth_complete(port, ndlp, 1);
return;
}
static emlxs_auth_cfg_t *
emlxs_auth_cfg_find(emlxs_port_t *port, uint8_t *rwwpn)
{
emlxs_hba_t *hba = HBA;
emlxs_auth_cfg_t *auth_cfg;
if (rwwpn) {
auth_cfg = emlxs_auth_cfg_get(hba,
(uint8_t *)&port->wwpn, (uint8_t *)rwwpn);
if (auth_cfg) {
emlxs_auth_cfg_print(hba, auth_cfg);
return (auth_cfg);
}
auth_cfg = emlxs_auth_cfg_get(hba,
(uint8_t *)emlxs_null_wwn, (uint8_t *)rwwpn);
if (auth_cfg) {
emlxs_auth_cfg_print(hba, auth_cfg);
return (auth_cfg);
}
}
auth_cfg = emlxs_auth_cfg_get(hba,
(uint8_t *)&port->wwpn, (uint8_t *)emlxs_null_wwn);
if (auth_cfg) {
emlxs_auth_cfg_print(hba, auth_cfg);
return (auth_cfg);
}
return (&hba->auth_cfg);
}
static void
emlxs_auth_cfg_init(emlxs_hba_t *hba)
{
emlxs_config_t *cfg = &CFG;
emlxs_auth_cfg_t *auth_cfg;
emlxs_auth_cfg_fini(hba);
mutex_enter(&hba->auth_lock);
auth_cfg = &hba->auth_cfg;
bzero(auth_cfg, sizeof (emlxs_auth_cfg_t));
auth_cfg->next = auth_cfg;
auth_cfg->prev = auth_cfg;
auth_cfg->authentication_timeout =
cfg[CFG_AUTH_TMO].current;
auth_cfg->authentication_mode =
cfg[CFG_AUTH_MODE].current;
auth_cfg->bidirectional =
cfg[CFG_AUTH_BIDIR].current;
auth_cfg->authentication_type_priority[0] =
(cfg[CFG_AUTH_TYPE].current & 0xF000) >> 12;
auth_cfg->authentication_type_priority[1] =
(cfg[CFG_AUTH_TYPE].current & 0x0F00) >> 8;
auth_cfg->authentication_type_priority[2] =
(cfg[CFG_AUTH_TYPE].current & 0x00F0) >> 4;
auth_cfg->authentication_type_priority[3] =
(cfg[CFG_AUTH_TYPE].current & 0x000F);
auth_cfg->hash_priority[0] =
(cfg[CFG_AUTH_HASH].current & 0xF000) >> 12;
auth_cfg->hash_priority[1] =
(cfg[CFG_AUTH_HASH].current & 0x0F00) >> 8;
auth_cfg->hash_priority[2] =
(cfg[CFG_AUTH_HASH].current & 0x00F0) >> 4;
auth_cfg->hash_priority[3] =
(cfg[CFG_AUTH_HASH].current & 0x000F);
auth_cfg->dh_group_priority[0] =
(cfg[CFG_AUTH_GROUP].current & 0xF0000000) >> 28;
auth_cfg->dh_group_priority[1] =
(cfg[CFG_AUTH_GROUP].current & 0x0F000000) >> 24;
auth_cfg->dh_group_priority[2] =
(cfg[CFG_AUTH_GROUP].current & 0x00F00000) >> 20;
auth_cfg->dh_group_priority[3] =
(cfg[CFG_AUTH_GROUP].current & 0x000F0000) >> 16;
auth_cfg->dh_group_priority[4] =
(cfg[CFG_AUTH_GROUP].current & 0x0000F000) >> 12;
auth_cfg->dh_group_priority[5] =
(cfg[CFG_AUTH_GROUP].current & 0x00000F00) >> 8;
auth_cfg->dh_group_priority[6] =
(cfg[CFG_AUTH_GROUP].current & 0x000000F0) >> 4;
auth_cfg->dh_group_priority[7] =
(cfg[CFG_AUTH_GROUP].current & 0x0000000F);
auth_cfg->reauthenticate_time_interval =
cfg[CFG_AUTH_INTERVAL].current;
emlxs_auth_cfg_read(hba);
mutex_exit(&hba->auth_lock);
return;
}
static void
emlxs_auth_cfg_fini(emlxs_hba_t *hba)
{
emlxs_auth_cfg_t *auth_cfg = hba->auth_cfg.next;
emlxs_auth_cfg_t *next;
mutex_enter(&hba->auth_lock);
while (auth_cfg && auth_cfg != &hba->auth_cfg) {
next = auth_cfg->next;
emlxs_auth_cfg_destroy(hba, auth_cfg);
auth_cfg = next;
}
mutex_exit(&hba->auth_lock);
return;
}
static void
emlxs_auth_cfg_print(emlxs_hba_t *hba, emlxs_auth_cfg_t *auth_cfg)
{
emlxs_port_t *port = &PPORT;
char s_lwwpn[32];
char s_rwwpn[32];
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_detail_msg,
"%s:%s:%x:%x:%x:%x%x%x%x:%x%x%x%x:%x%x%x%x%x%x%x%x:%x",
emlxs_wwn_xlate(s_lwwpn, sizeof (s_lwwpn),
(uint8_t *)&auth_cfg->local_entity),
emlxs_wwn_xlate(s_rwwpn, sizeof (s_rwwpn),
(uint8_t *)&auth_cfg->remote_entity),
auth_cfg->authentication_timeout,
auth_cfg->authentication_mode,
auth_cfg->bidirectional,
auth_cfg->authentication_type_priority[0],
auth_cfg->authentication_type_priority[1],
auth_cfg->authentication_type_priority[2],
auth_cfg->authentication_type_priority[3],
auth_cfg->hash_priority[0],
auth_cfg->hash_priority[1],
auth_cfg->hash_priority[2],
auth_cfg->hash_priority[3],
auth_cfg->dh_group_priority[0],
auth_cfg->dh_group_priority[1],
auth_cfg->dh_group_priority[2],
auth_cfg->dh_group_priority[3],
auth_cfg->dh_group_priority[4],
auth_cfg->dh_group_priority[5],
auth_cfg->dh_group_priority[6],
auth_cfg->dh_group_priority[7],
auth_cfg->reauthenticate_time_interval);
}
static emlxs_auth_cfg_t *
emlxs_auth_cfg_get(emlxs_hba_t *hba, uint8_t *lwwpn, uint8_t *rwwpn)
{
emlxs_auth_cfg_t *auth_cfg;
if (!lwwpn || !rwwpn) {
return (NULL);
}
if ((bcmp(lwwpn, emlxs_null_wwn, 8) == 0) &&
(bcmp(rwwpn, emlxs_null_wwn, 8) == 0)) {
return (&hba->auth_cfg);
}
for (auth_cfg = hba->auth_cfg.next;
auth_cfg != &hba->auth_cfg; auth_cfg = auth_cfg->next) {
if (bcmp((void *)&auth_cfg->local_entity,
(void *)lwwpn, 8) != 0) {
continue;
}
if (bcmp((void *)&auth_cfg->remote_entity,
(void *)rwwpn, 8) != 0) {
continue;
}
return (auth_cfg);
}
return (NULL);
}
static emlxs_auth_cfg_t *
emlxs_auth_cfg_create(emlxs_hba_t *hba, uint8_t *lwwpn, uint8_t *rwwpn)
{
emlxs_auth_cfg_t *auth_cfg;
auth_cfg = emlxs_auth_cfg_get(hba, lwwpn, rwwpn);
if (auth_cfg) {
return (auth_cfg);
}
auth_cfg = (emlxs_auth_cfg_t *)kmem_zalloc(sizeof (emlxs_auth_cfg_t),
KM_NOSLEEP);
if (!auth_cfg) {
return (NULL);
}
auth_cfg->next = &hba->auth_cfg;
auth_cfg->prev = hba->auth_cfg.prev;
hba->auth_cfg.prev->next = auth_cfg;
hba->auth_cfg.prev = auth_cfg;
hba->auth_cfg_count++;
if (lwwpn) {
bcopy((void *)lwwpn, (void *)&auth_cfg->local_entity, 8);
}
if (rwwpn) {
bcopy((void *)rwwpn, (void *)&auth_cfg->remote_entity, 8);
}
auth_cfg->auth_status.auth_state = DFC_AUTH_STATE_OFF;
return (auth_cfg);
}
static void
emlxs_auth_cfg_destroy(emlxs_hba_t *hba, emlxs_auth_cfg_t *auth_cfg)
{
if (!auth_cfg) {
return;
}
if (auth_cfg == &hba->auth_cfg) {
return;
}
auth_cfg->next->prev = auth_cfg->prev;
auth_cfg->prev->next = auth_cfg->next;
hba->auth_cfg_count--;
if (auth_cfg->node &&
auth_cfg->node->nlp_active &&
(auth_cfg->node->node_dhc.parent_auth_cfg == auth_cfg)) {
auth_cfg->node->node_dhc.parent_auth_cfg = NULL;
}
bzero(auth_cfg, sizeof (emlxs_auth_cfg_t));
kmem_free(auth_cfg, sizeof (emlxs_auth_cfg_t));
return;
}
static void
emlxs_auth_cfg_read(emlxs_hba_t *hba)
{
emlxs_port_t *port = &PPORT;
char **arrayp;
emlxs_auth_cfg_t auth_cfg;
emlxs_auth_cfg_t *auth_cfg2;
uint32_t cnt;
uint32_t rval;
char buffer[64];
char *prop_str;
uint32_t i;
(void) snprintf(buffer, sizeof (buffer), "%s%d-auth-cfgs", DRIVER_NAME,
hba->ddiinst);
cnt = 0;
arrayp = NULL;
rval = ddi_prop_lookup_string_array(DDI_DEV_T_ANY, hba->dip,
(DDI_PROP_DONTPASS),
buffer, &arrayp, &cnt);
if ((rval != DDI_PROP_SUCCESS) || !cnt || !arrayp) {
cnt = 0;
arrayp = NULL;
rval = ddi_prop_lookup_string_array(DDI_DEV_T_ANY,
hba->dip, (DDI_PROP_DONTPASS),
"auth-cfgs", &arrayp, &cnt);
}
if ((rval != DDI_PROP_SUCCESS) || !cnt || !arrayp) {
return;
}
for (i = 0; i < cnt; i++) {
prop_str = arrayp[i];
if (prop_str == NULL) {
break;
}
if (emlxs_auth_cfg_parse(hba, &auth_cfg, prop_str) == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_msg,
"Error parsing auth_cfgs property. entry=%d", i);
continue;
}
auth_cfg2 = emlxs_auth_cfg_create(hba,
(uint8_t *)&auth_cfg.local_entity,
(uint8_t *)&auth_cfg.remote_entity);
if (!auth_cfg2) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_msg,
"Out of memory parsing auth_cfgs property. ey=%d",
i);
return;
}
auth_cfg.next = auth_cfg2->next;
auth_cfg.prev = auth_cfg2->prev;
bcopy((uint8_t *)&auth_cfg,
(uint8_t *)auth_cfg2,
sizeof (emlxs_auth_cfg_t));
}
return;
}
static uint32_t
emlxs_auth_cfg_parse(
emlxs_hba_t *hba,
emlxs_auth_cfg_t *auth_cfg,
char *prop_str)
{
emlxs_port_t *port = &PPORT;
emlxs_config_t *cfg = &CFG;
uint32_t errors = 0;
uint32_t c1;
uint8_t *np;
uint32_t j;
uint32_t i;
uint32_t sum;
char *s;
s = prop_str;
bzero(auth_cfg, sizeof (emlxs_auth_cfg_t));
np = (uint8_t *)&auth_cfg->local_entity;
for (j = 0; j < 8; j++) {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = ((c1 - '0') << 4);
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = ((c1 - 'a' + 10) << 4);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = ((c1 - 'A' + 10) << 4);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err:Invalid LWWPN found. byte=%d hi_nibble=%c",
j, c1);
errors++;
}
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum |= (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum |= (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum |= (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid LWWPN found. %d %c",
j, c1);
errors++;
}
*np++ = (uint8_t)sum;
}
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid delimiter after LWWPN.");
goto out;
}
np = (uint8_t *)&auth_cfg->remote_entity;
for (j = 0; j < 8; j++) {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = ((c1 - '0') << 4);
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = ((c1 - 'a' + 10) << 4);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = ((c1 - 'A' + 10) << 4);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid RWWPN found.byte=%d hi_nibble=%c",
j, c1);
errors++;
}
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum |= (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum |= (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum |= (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid RWWPN found. %d %c",
j, c1);
errors++;
}
*np++ = (uint8_t)sum;
}
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid delimiter after RWWPN.");
goto out;
}
sum = 0;
do {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = (sum << 4) + (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = (sum << 4) + (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = (sum << 4) + (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid auth_tov found. c=%c sum=%d",
c1, sum);
errors++;
}
} while (*s != ':' && *s != 0);
auth_cfg->authentication_timeout = sum;
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid delimiter after auth_tov.");
goto out;
}
sum = 0;
do {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = (sum << 4) + (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = (sum << 4) + (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = (sum << 4) + (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid auth_mode found. c=%c sum=%d",
c1, sum);
errors++;
}
} while (*s != ':' && *s != 0);
auth_cfg->authentication_mode = sum;
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Config error: Invalid delimiter after auth_mode.");
goto out;
}
sum = 0;
do {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = (sum << 4) + (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = (sum << 4) + (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = (sum << 4) + (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid auth_bidir found. c=%c sum=%d",
c1, sum);
errors++;
}
} while (*s != ':' && *s != 0);
auth_cfg->bidirectional = sum;
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid delimiter after auth_bidir.");
goto out;
}
for (i = 0; i < 4; i++) {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid type_pty[%d] found. c=%c sum=%d",
i, c1, sum);
errors++;
}
auth_cfg->authentication_type_priority[i] = sum;
}
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid delimiter after type_priority.");
goto out;
}
for (i = 0; i < 4; i++) {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid hash_priority[%d] fd. %c %d",
i, c1, sum);
errors++;
}
auth_cfg->hash_priority[i] = sum;
}
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid delimiter after hash_priority.");
goto out;
}
for (i = 0; i < 8; i++) {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid group_priority[%d] fd. %c %d",
i, c1, sum);
errors++;
}
auth_cfg->dh_group_priority[i] = sum;
}
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid delimiter after group_priority.");
goto out;
}
sum = 0;
do {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = (sum << 4) + (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = (sum << 4) + (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = (sum << 4) + (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid reauth_tov found. c=%c sum=%d",
c1, sum);
errors++;
}
} while (*s != ':' && *s != 0);
auth_cfg->reauthenticate_time_interval = sum;
if (errors) {
goto out;
}
if (auth_cfg->authentication_timeout < cfg[CFG_AUTH_TMO].low) {
auth_cfg->authentication_timeout = cfg[CFG_AUTH_TMO].current;
} else if (auth_cfg->authentication_timeout > cfg[CFG_AUTH_TMO].hi) {
auth_cfg->authentication_timeout = cfg[CFG_AUTH_TMO].current;
}
if (auth_cfg->authentication_mode < cfg[CFG_AUTH_MODE].low) {
auth_cfg->authentication_mode = cfg[CFG_AUTH_MODE].current;
} else if (auth_cfg->authentication_mode > cfg[CFG_AUTH_MODE].hi) {
auth_cfg->authentication_mode = cfg[CFG_AUTH_MODE].current;
}
if (auth_cfg->bidirectional < cfg[CFG_AUTH_BIDIR].low) {
auth_cfg->bidirectional = cfg[CFG_AUTH_BIDIR].current;
} else if (auth_cfg->bidirectional > cfg[CFG_AUTH_BIDIR].hi) {
auth_cfg->bidirectional = cfg[CFG_AUTH_BIDIR].current;
}
for (i = 0; i < 4; i++) {
if (auth_cfg->authentication_type_priority[i] >
DFC_AUTH_TYPE_MAX) {
auth_cfg->authentication_type_priority[i] =
hba->auth_cfg.authentication_type_priority[i];
}
if (auth_cfg->hash_priority[i] > DFC_AUTH_HASH_MAX) {
auth_cfg->hash_priority[i] =
hba->auth_cfg.hash_priority[i];
}
}
for (i = 0; i < 8; i++) {
if (auth_cfg->dh_group_priority[i] > DFC_AUTH_GROUP_MAX) {
auth_cfg->dh_group_priority[i] =
hba->auth_cfg.dh_group_priority[i];
}
}
if (auth_cfg->reauthenticate_time_interval <
cfg[CFG_AUTH_INTERVAL].low) {
auth_cfg->reauthenticate_time_interval =
cfg[CFG_AUTH_INTERVAL].current;
} else if (auth_cfg->reauthenticate_time_interval >
cfg[CFG_AUTH_INTERVAL].hi) {
auth_cfg->reauthenticate_time_interval =
cfg[CFG_AUTH_INTERVAL].current;
}
emlxs_auth_cfg_print(hba, auth_cfg);
out:
if (errors) {
bzero(auth_cfg, sizeof (emlxs_auth_cfg_t));
return (0);
}
return (1);
}
extern emlxs_auth_key_t *
emlxs_auth_key_find(emlxs_port_t *port, uint8_t *rwwpn)
{
emlxs_hba_t *hba = HBA;
emlxs_auth_key_t *auth_key;
if (rwwpn) {
auth_key = emlxs_auth_key_get(hba,
(uint8_t *)&port->wwpn, (uint8_t *)rwwpn);
if (auth_key) {
emlxs_auth_key_print(hba, auth_key);
return (auth_key);
}
auth_key = emlxs_auth_key_get(hba,
(uint8_t *)emlxs_null_wwn, (uint8_t *)rwwpn);
if (auth_key) {
emlxs_auth_key_print(hba, auth_key);
return (auth_key);
}
}
auth_key = emlxs_auth_key_get(hba,
(uint8_t *)&port->wwpn, (uint8_t *)emlxs_null_wwn);
if (auth_key) {
emlxs_auth_key_print(hba, auth_key);
return (auth_key);
}
return (NULL);
}
static void
emlxs_auth_key_init(emlxs_hba_t *hba)
{
emlxs_auth_key_t *auth_key;
emlxs_auth_key_fini(hba);
mutex_enter(&hba->auth_lock);
auth_key = &hba->auth_key;
bzero(auth_key, sizeof (emlxs_auth_key_t));
auth_key->next = auth_key;
auth_key->prev = auth_key;
auth_key->local_password_type = PASSWORD_TYPE_IGNORE;
auth_key->remote_password_type = PASSWORD_TYPE_IGNORE;
emlxs_auth_key_read(hba);
mutex_exit(&hba->auth_lock);
return;
}
static void
emlxs_auth_key_fini(emlxs_hba_t *hba)
{
emlxs_auth_key_t *auth_key = hba->auth_key.next;
emlxs_auth_key_t *next;
mutex_enter(&hba->auth_lock);
while (auth_key && auth_key != &hba->auth_key) {
next = auth_key->next;
emlxs_auth_key_destroy(hba, auth_key);
auth_key = next;
}
mutex_exit(&hba->auth_lock);
return;
}
static void
emlxs_auth_key_print(emlxs_hba_t *hba, emlxs_auth_key_t *auth_key)
{
emlxs_port_t *port = &PPORT;
char s_lwwpn[32];
char s_rwwpn[32];
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_detail_msg,
"auth-key> %s:%s:%x:*%d chars*:%x:*%d chars*",
emlxs_wwn_xlate(s_lwwpn, sizeof (s_lwwpn),
(uint8_t *)&auth_key->local_entity),
emlxs_wwn_xlate(s_rwwpn, sizeof (s_rwwpn),
(uint8_t *)&auth_key->remote_entity),
auth_key->local_password_type, auth_key->local_password_length,
auth_key->remote_password_type, auth_key->remote_password_length);
return;
}
static emlxs_auth_key_t *
emlxs_auth_key_get(emlxs_hba_t *hba, uint8_t *lwwpn, uint8_t *rwwpn)
{
emlxs_auth_key_t *auth_key;
if (!lwwpn || !rwwpn) {
return (NULL);
}
if ((bcmp(lwwpn, emlxs_null_wwn, 8) == 0) &&
(bcmp(rwwpn, emlxs_null_wwn, 8) == 0)) {
return (&hba->auth_key);
}
for (auth_key = hba->auth_key.next; auth_key !=
&hba->auth_key; auth_key = auth_key->next) {
if (bcmp((void *)&auth_key->local_entity,
(void *)lwwpn, 8) != 0) {
continue;
}
if (bcmp((void *)&auth_key->remote_entity,
(void *)rwwpn, 8) != 0) {
continue;
}
return (auth_key);
}
return (NULL);
}
static emlxs_auth_key_t *
emlxs_auth_key_create(emlxs_hba_t *hba, uint8_t *lwwpn, uint8_t *rwwpn)
{
emlxs_auth_key_t *auth_key;
auth_key = emlxs_auth_key_get(hba, lwwpn, rwwpn);
if (auth_key) {
return (auth_key);
}
auth_key = (emlxs_auth_key_t *)kmem_zalloc(sizeof (emlxs_auth_key_t),
KM_NOSLEEP);
if (!auth_key) {
return (NULL);
}
if (lwwpn) {
bcopy((void *)lwwpn, (void *)&auth_key->local_entity, 8);
}
if (rwwpn) {
bcopy((void *)rwwpn, (void *)&auth_key->remote_entity, 8);
}
auth_key->local_password_type = PASSWORD_TYPE_IGNORE;
auth_key->remote_password_type = PASSWORD_TYPE_IGNORE;
auth_key->next = &hba->auth_key;
auth_key->prev = hba->auth_key.prev;
hba->auth_key.prev->next = auth_key;
hba->auth_key.prev = auth_key;
hba->auth_key_count++;
return (auth_key);
}
static void
emlxs_auth_key_destroy(emlxs_hba_t *hba, emlxs_auth_key_t *auth_key)
{
if (!auth_key) {
return;
}
if (auth_key == &hba->auth_key) {
return;
}
auth_key->next->prev = auth_key->prev;
auth_key->prev->next = auth_key->next;
hba->auth_key_count--;
if (auth_key->node &&
auth_key->node->nlp_active &&
(auth_key->node->node_dhc.parent_auth_key == auth_key)) {
auth_key->node->node_dhc.parent_auth_key = NULL;
}
bzero(auth_key, sizeof (emlxs_auth_key_t));
kmem_free(auth_key, sizeof (emlxs_auth_key_t));
return;
}
static void
emlxs_auth_key_read(emlxs_hba_t *hba)
{
emlxs_port_t *port = &PPORT;
char **arrayp;
emlxs_auth_key_t auth_key;
emlxs_auth_key_t *auth_key2;
uint32_t cnt;
uint32_t rval;
char buffer[64];
char *prop_str;
uint32_t i;
(void) snprintf(buffer, sizeof (buffer), "%s%d-auth-keys", DRIVER_NAME,
hba->ddiinst);
cnt = 0;
arrayp = NULL;
rval = ddi_prop_lookup_string_array(DDI_DEV_T_ANY, hba->dip,
(DDI_PROP_DONTPASS),
buffer, &arrayp, &cnt);
if ((rval != DDI_PROP_SUCCESS) || !cnt || !arrayp) {
cnt = 0;
arrayp = NULL;
rval = ddi_prop_lookup_string_array(DDI_DEV_T_ANY, hba->dip,
(DDI_PROP_DONTPASS),
"auth-keys", &arrayp, &cnt);
}
if ((rval != DDI_PROP_SUCCESS) || !cnt || !arrayp) {
return;
}
for (i = 0; i < cnt; i++) {
prop_str = arrayp[i];
if (prop_str == NULL) {
break;
}
if (emlxs_auth_key_parse(hba, &auth_key, prop_str) == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_msg,
"Error parsing auth_keys property. entry=%d", i);
continue;
}
auth_key2 = emlxs_auth_key_create(hba,
(uint8_t *)&auth_key.local_entity,
(uint8_t *)&auth_key.remote_entity);
if (!auth_key2) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_msg,
"Out of memory parsing auth_keys property. %d",
i);
return;
}
auth_key.next = auth_key2->next;
auth_key.prev = auth_key2->prev;
bcopy((uint8_t *)&auth_key,
(uint8_t *)auth_key2, sizeof (emlxs_auth_key_t));
}
return;
}
static uint32_t
emlxs_auth_key_parse(
emlxs_hba_t *hba,
emlxs_auth_key_t *auth_key,
char *prop_str)
{
emlxs_port_t *port = &PPORT;
uint32_t errors = 0;
uint32_t c1;
uint8_t *np;
uint32_t j;
uint32_t sum;
char *s;
s = prop_str;
bzero(auth_key, sizeof (emlxs_auth_key_t));
np = (uint8_t *)&auth_key->local_entity;
for (j = 0; j < 8; j++) {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = ((c1 - '0') << 4);
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = ((c1 - 'a' + 10) << 4);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = ((c1 - 'A' + 10) << 4);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid LWWPN found. %d %c",
j, c1);
errors++;
}
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum |= (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum |= (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum |= (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid LWWPN found. %d %c",
j, c1);
errors++;
}
*np++ = (uint8_t)sum;
}
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid delimiter after LWWPN.");
goto out;
}
np = (uint8_t *)&auth_key->remote_entity;
for (j = 0; j < 8; j++) {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = ((c1 - '0') << 4);
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = ((c1 - 'a' + 10) << 4);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = ((c1 - 'A' + 10) << 4);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid RWWPN found.%d %c",
j, c1);
errors++;
}
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum |= (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum |= (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum |= (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid RWWPN found. %d %c",
j, c1);
errors++;
}
*np++ = (uint8_t)sum;
}
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid delimiter after RWWPN.");
goto out;
}
sum = 0;
do {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = (sum << 4) + (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = (sum << 4) + (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = (sum << 4) + (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid lpwd type found. %c %d",
c1, sum);
errors++;
}
} while (*s != ':' && *s != 0);
auth_key->local_password_type = (uint16_t)sum;
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid delimiter after lpwd type.");
goto out;
}
np = (uint8_t *)&auth_key->local_password;
j = 0;
switch (auth_key->local_password_type) {
case 1:
while (*s != ':' && *s != 0) {
*np++ = *s++;
j++;
}
break;
case 2:
do {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = ((c1 - '0') << 4);
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = ((c1 - 'a' + 10) << 4);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = ((c1 - 'A' + 10) << 4);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid lpwd found. %d %c",
j, c1);
errors++;
}
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum |= (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum |= (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum |= (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid lpwd found. %d %c",
j, c1);
errors++;
}
*np++ = (uint8_t)sum;
j++;
} while (*s != ':' && *s != 0);
break;
case 0:
case 3:
break;
default:
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Config error: Invalid lpwd type found. type=%x",
auth_key->local_password_type);
errors++;
goto out;
}
auth_key->local_password_length = (uint16_t)j;
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Config error: Invalid delimiter after lpwd.");
goto out;
}
sum = 0;
do {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = (sum << 4) + (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = (sum << 4) + (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = (sum << 4) + (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Config error: Invalid rpwd type found. %c %d",
c1, sum);
errors++;
}
} while (*s != ':' && *s != 0);
auth_key->remote_password_type = (uint16_t)sum;
if (*s++ != ':') {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Config error: Invalid delimiter after rpwd type.");
goto out;
}
np = (uint8_t *)&auth_key->remote_password;
j = 0;
switch (auth_key->remote_password_type) {
case 1:
while (*s != ':' && *s != 0) {
*np++ = *s++;
j++;
}
break;
case 2:
do {
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum = ((c1 - '0') << 4);
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum = ((c1 - 'a' + 10) << 4);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum = ((c1 - 'A' + 10) << 4);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid rpwd found. %d %c",
j, c1);
errors++;
}
c1 = *s++;
if ((c1 >= '0') && (c1 <= '9')) {
sum |= (c1 - '0');
} else if ((c1 >= 'a') && (c1 <= 'f')) {
sum |= (c1 - 'a' + 10);
} else if ((c1 >= 'A') && (c1 <= 'F')) {
sum |= (c1 - 'A' + 10);
} else {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg err: Invalid rpwd found. %d %c",
j, c1);
errors++;
}
*np++ = (uint8_t)sum;
j++;
} while (*s != ':' && *s != 0);
break;
case 0:
case 3:
break;
default:
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_attach_debug_msg,
"Cfg error: Invalid rpwd type found. type=%x",
auth_key->remote_password_type);
errors++;
goto out;
}
auth_key->remote_password_length = (uint16_t)j;
if (errors) {
goto out;
}
if (auth_key->local_password_type == 0 ||
auth_key->local_password_type > 3 ||
auth_key->local_password_length == 0) {
auth_key->local_password_type = 3;
auth_key->local_password_length = 0;
bzero(auth_key->local_password,
sizeof (auth_key->local_password));
}
if (auth_key->remote_password_type == 0 ||
auth_key->remote_password_type > 3 ||
auth_key->remote_password_length == 0) {
auth_key->remote_password_type = 3;
auth_key->remote_password_length = 0;
bzero(auth_key->remote_password,
sizeof (auth_key->remote_password));
}
emlxs_auth_key_print(hba, auth_key);
out:
if (errors) {
bzero(auth_key, sizeof (emlxs_auth_key_t));
return (0);
}
return (1);
}
extern uint32_t
emlxs_dhc_init_auth(emlxs_hba_t *hba, uint8_t *lwwpn, uint8_t *rwwpn)
{
emlxs_port_t *port = &PPORT;
emlxs_config_t *cfg = &CFG;
NODELIST *ndlp;
uint32_t vpi;
char s_wwpn[64];
if (cfg[CFG_AUTH_ENABLE].current == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"dhc_init_auth. Auth disabled.");
return (DFC_AUTH_AUTHENTICATION_DISABLED);
}
for (vpi = 0; vpi < MAX_VPORTS; vpi++) {
port = &VPORT(vpi);
if (!(port->flag & EMLXS_PORT_BOUND)) {
continue;
}
if (bcmp((uint8_t *)&port->wwpn, lwwpn, 8) == 0) {
break;
}
}
if (vpi == MAX_VPORTS) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_init_auth: lwwpn not found. %s",
emlxs_wwn_xlate(s_wwpn, sizeof (s_wwpn), lwwpn));
return (DFC_AUTH_WWN_NOT_FOUND);
}
if (bcmp(rwwpn, emlxs_fabric_wwn, 8) == 0) {
if ((ndlp = emlxs_node_find_did(port, FABRIC_DID, 1)) == NULL) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_init_auth: fabric node not found.");
return (DFC_AUTH_WWN_NOT_FOUND);
}
} else {
if ((ndlp = emlxs_node_find_wwpn(port, rwwpn, 1)) == NULL) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_init_auth: rwwpn not found. %s",
emlxs_wwn_xlate(s_wwpn, sizeof (s_wwpn), rwwpn));
return (DFC_AUTH_WWN_NOT_FOUND);
}
}
if ((ndlp->nlp_DID != FABRIC_DID) &&
((port->port_dhc.state != ELX_FABRIC_AUTH_SUCCESS))) {
return (DFC_IO_ERROR);
}
if (ndlp->node_dhc.state >= NODE_STATE_AUTH_NEGOTIATE_ISSUE) {
return (DFC_AUTH_AUTHENTICATION_GOINGON);
}
if (ndlp->node_dhc.state == NODE_STATE_AUTH_SUCCESS) {
ndlp->node_dhc.nlp_reauth_status = NLP_HOST_REAUTH_IN_PROGRESS;
}
if (emlxs_dhc_auth_start(port, ndlp, NULL, NULL) != 0) {
return (DFC_IO_ERROR);
}
return (0);
}
extern uint32_t
emlxs_dhc_get_auth_cfg(emlxs_hba_t *hba, dfc_fcsp_config_t *fcsp_cfg)
{
emlxs_port_t *port = &PPORT;
emlxs_config_t *cfg = &CFG;
char s_lwwpn[64];
char s_rwwpn[64];
emlxs_auth_cfg_t *auth_cfg;
uint32_t i;
if (cfg[CFG_AUTH_ENABLE].current == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"dhc_get_auth_cfg. Auth disabled.");
return (DFC_AUTH_AUTHENTICATION_DISABLED);
}
mutex_enter(&hba->auth_lock);
auth_cfg = emlxs_auth_cfg_get(hba,
(uint8_t *)&fcsp_cfg->lwwpn, (uint8_t *)&fcsp_cfg->rwwpn);
if (!auth_cfg) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_get_auth_cfg: entry not found. %s:%s",
emlxs_wwn_xlate(s_lwwpn, sizeof (s_lwwpn),
(uint8_t *)&fcsp_cfg->lwwpn),
emlxs_wwn_xlate(s_rwwpn, sizeof (s_rwwpn),
(uint8_t *)&fcsp_cfg->rwwpn));
mutex_exit(&hba->auth_lock);
return (DFC_AUTH_NOT_CONFIGURED);
}
fcsp_cfg->auth_tov = auth_cfg->authentication_timeout;
fcsp_cfg->auth_mode = auth_cfg->authentication_mode;
fcsp_cfg->auth_bidir = auth_cfg->bidirectional;
for (i = 0; i < 4; i++) {
fcsp_cfg->type_priority[i] =
auth_cfg->authentication_type_priority[i];
fcsp_cfg->hash_priority[i] =
auth_cfg->hash_priority[i];
}
for (i = 0; i < 8; i++) {
fcsp_cfg->group_priority[i] = auth_cfg->dh_group_priority[i];
}
fcsp_cfg->reauth_tov = auth_cfg->reauthenticate_time_interval;
mutex_exit(&hba->auth_lock);
return (0);
}
extern uint32_t
emlxs_dhc_add_auth_cfg(
emlxs_hba_t *hba,
dfc_fcsp_config_t *fcsp_cfg,
dfc_password_t *dfc_pwd)
{
emlxs_port_t *port = &PPORT;
emlxs_config_t *cfg = &CFG;
emlxs_auth_cfg_t *auth_cfg;
emlxs_auth_key_t *auth_key;
uint32_t i;
NODELIST *ndlp;
if (cfg[CFG_AUTH_ENABLE].current == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"dhc_add_auth_cfg. Auth disabled.");
return (DFC_AUTH_AUTHENTICATION_DISABLED);
}
mutex_enter(&hba->auth_lock);
auth_key = emlxs_auth_key_get(hba,
(uint8_t *)&fcsp_cfg->lwwpn, (uint8_t *)&fcsp_cfg->rwwpn);
if (auth_key &&
(auth_key->local_password_type == PASSWORD_TYPE_ASCII ||
auth_key->local_password_type == PASSWORD_TYPE_BINARY)) {
if ((auth_key->local_password_length != dfc_pwd->length) ||
(auth_key->local_password_type != dfc_pwd->type) ||
bcmp(dfc_pwd->password, auth_key->local_password,
dfc_pwd->length)) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_add_auth_cfg: Invalid local password.");
mutex_exit(&hba->auth_lock);
return (DFC_AUTH_COMPARE_FAILED);
}
}
auth_cfg = emlxs_auth_cfg_create(hba,
(uint8_t *)&fcsp_cfg->lwwpn,
(uint8_t *)&fcsp_cfg->rwwpn);
if (!auth_cfg) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_add_auth_cfg: Out of memory.");
mutex_exit(&hba->auth_lock);
return (DFC_SYSRES_ERROR);
}
auth_cfg->authentication_timeout = fcsp_cfg->auth_tov;
auth_cfg->authentication_mode = fcsp_cfg->auth_mode;
auth_cfg->bidirectional = fcsp_cfg->auth_bidir;
for (i = 0; i < 4; i++) {
auth_cfg->authentication_type_priority[i] =
fcsp_cfg->type_priority[i];
auth_cfg->hash_priority[i] =
fcsp_cfg->hash_priority[i];
}
for (i = 0; i < 8; i++) {
auth_cfg->dh_group_priority[i] = fcsp_cfg->group_priority[i];
}
auth_cfg->reauthenticate_time_interval = fcsp_cfg->reauth_tov;
emlxs_auth_cfg_print(hba, auth_cfg);
for (i = 0; i < MAX_VPORTS; i++) {
port = &VPORT(i);
if (!(port->flag & EMLXS_PORT_BOUND)) {
continue;
}
if (bcmp((uint8_t *)&fcsp_cfg->lwwpn,
(uint8_t *)&port->wwpn, 8)) {
continue;
}
if (bcmp((uint8_t *)&fcsp_cfg->rwwpn,
emlxs_fabric_wwn, 8) == 0) {
if ((ndlp = emlxs_node_find_did(port,
FABRIC_DID, 1)) == NULL) {
break;
}
} else {
if ((ndlp = emlxs_node_find_wwpn(port,
(uint8_t *)&fcsp_cfg->rwwpn, 1)) == NULL) {
break;
}
}
emlxs_dhc_set_reauth_time(port, ndlp, ENABLE);
break;
}
mutex_exit(&hba->auth_lock);
return (0);
}
extern uint32_t
emlxs_dhc_delete_auth_cfg(
emlxs_hba_t *hba,
dfc_fcsp_config_t *fcsp_cfg,
dfc_password_t *dfc_pwd)
{
emlxs_port_t *port = &PPORT;
emlxs_config_t *cfg = &CFG;
char s_lwwpn[64];
char s_rwwpn[64];
emlxs_auth_key_t *auth_key;
emlxs_auth_cfg_t *auth_cfg;
if (cfg[CFG_AUTH_ENABLE].current == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"dhc_delete_auth_cfg. Auth disabled.");
return (DFC_AUTH_AUTHENTICATION_DISABLED);
}
mutex_enter(&hba->auth_lock);
auth_key = emlxs_auth_key_get(hba,
(uint8_t *)&fcsp_cfg->lwwpn,
(uint8_t *)&fcsp_cfg->rwwpn);
if (auth_key &&
(auth_key->local_password_type == PASSWORD_TYPE_ASCII ||
auth_key->local_password_type ==
PASSWORD_TYPE_BINARY)) {
if ((auth_key->local_password_length != dfc_pwd->length) ||
(auth_key->local_password_type != dfc_pwd->type) ||
bcmp(dfc_pwd->password,
auth_key->local_password,
dfc_pwd->length)) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_delete_auth_cfg: Ivld local pwd.");
mutex_exit(&hba->auth_lock);
return (DFC_AUTH_COMPARE_FAILED);
}
}
auth_cfg = emlxs_auth_cfg_get(hba,
(uint8_t *)&fcsp_cfg->lwwpn, (uint8_t *)&fcsp_cfg->rwwpn);
if (!auth_cfg) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_delete_auth_cfg: entry not found. %s:%s",
emlxs_wwn_xlate(s_lwwpn, sizeof (s_lwwpn),
(uint8_t *)&fcsp_cfg->lwwpn),
emlxs_wwn_xlate(s_rwwpn, sizeof (s_rwwpn),
(uint8_t *)&fcsp_cfg->rwwpn));
mutex_exit(&hba->auth_lock);
return (DFC_AUTH_WWN_NOT_FOUND);
}
emlxs_auth_cfg_destroy(hba, auth_cfg);
emlxs_auth_key_destroy(hba, auth_key);
mutex_exit(&hba->auth_lock);
return (0);
}
extern uint32_t
emlxs_dhc_get_auth_key(emlxs_hba_t *hba, dfc_auth_password_t *dfc_auth_pwd)
{
emlxs_port_t *port = &PPORT;
emlxs_config_t *cfg = &CFG;
char s_lwwpn[64];
char s_rwwpn[64];
emlxs_auth_key_t *auth_key;
if (cfg[CFG_AUTH_ENABLE].current == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"dhc_get_auth_key. Auth disabled.");
return (DFC_AUTH_AUTHENTICATION_DISABLED);
}
mutex_enter(&hba->auth_lock);
auth_key = emlxs_auth_key_get(hba,
(uint8_t *)&dfc_auth_pwd->lwwpn,
(uint8_t *)&dfc_auth_pwd->rwwpn);
if (!auth_key) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_get_auth_key: entry not found. %s:%s",
emlxs_wwn_xlate(s_lwwpn, sizeof (s_lwwpn),
(uint8_t *)&dfc_auth_pwd->lwwpn),
emlxs_wwn_xlate(s_rwwpn, sizeof (s_rwwpn),
(uint8_t *)&dfc_auth_pwd->rwwpn));
mutex_exit(&hba->auth_lock);
return (DFC_AUTH_NOT_CONFIGURED);
}
dfc_auth_pwd->lpw.length = auth_key->local_password_length;
dfc_auth_pwd->lpw.type = auth_key->local_password_type;
dfc_auth_pwd->rpw.length = auth_key->remote_password_length;
dfc_auth_pwd->rpw.type = auth_key->remote_password_type;
dfc_auth_pwd->lpw_new.length = auth_key->local_password_length;
dfc_auth_pwd->lpw_new.type = auth_key->local_password_type;
dfc_auth_pwd->rpw_new.length = auth_key->remote_password_length;
dfc_auth_pwd->rpw_new.type = auth_key->remote_password_type;
mutex_exit(&hba->auth_lock);
return (0);
}
extern uint32_t
emlxs_dhc_set_auth_key(emlxs_hba_t *hba, dfc_auth_password_t *dfc_pwd)
{
emlxs_port_t *port = &PPORT;
emlxs_config_t *cfg = &CFG;
emlxs_auth_key_t *auth_key;
uint32_t length;
if (cfg[CFG_AUTH_ENABLE].current == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"dhc_set_auth_key. Auth disabled.");
return (DFC_AUTH_AUTHENTICATION_DISABLED);
}
if ((dfc_pwd->lpw_new.type == PASSWORD_TYPE_ASCII ||
dfc_pwd->lpw_new.type == PASSWORD_TYPE_BINARY) &&
(dfc_pwd->rpw_new.type == PASSWORD_TYPE_ASCII ||
dfc_pwd->rpw_new.type == PASSWORD_TYPE_BINARY)) {
if (bcmp(dfc_pwd->lpw_new.password,
dfc_pwd->rpw_new.password,
dfc_pwd->lpw_new.length) == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"dhc_set_auth_key. nlpwd==nrpwd");
return (DFC_AUTH_LOCAL_REMOTE_PWD_EQUAL);
}
}
mutex_enter(&hba->auth_lock);
auth_key = emlxs_auth_key_get(hba,
(uint8_t *)&dfc_pwd->lwwpn,
(uint8_t *)&dfc_pwd->rwwpn);
if (!auth_key) {
auth_key = emlxs_auth_key_create(hba,
(uint8_t *)&dfc_pwd->lwwpn,
(uint8_t *)&dfc_pwd->rwwpn);
if (!auth_key) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_set_auth_key: Out of memory.");
mutex_exit(&hba->auth_lock);
return (DFC_SYSRES_ERROR);
}
}
if (dfc_pwd->lpw_new.type == PASSWORD_TYPE_ASCII ||
dfc_pwd->lpw_new.type == PASSWORD_TYPE_BINARY) {
if (auth_key->local_password_type == PASSWORD_TYPE_ASCII ||
auth_key->local_password_type == PASSWORD_TYPE_BINARY) {
if ((auth_key->local_password_length !=
dfc_pwd->lpw.length) ||
(auth_key->local_password_type !=
dfc_pwd->lpw.type) ||
bcmp(dfc_pwd->lpw.password,
auth_key->local_password,
dfc_pwd->lpw.length)) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_set_auth_key: Invalid local password.");
mutex_exit(&hba->auth_lock);
return (DFC_AUTH_COMPARE_FAILED);
}
}
if (auth_key->remote_password_type == PASSWORD_TYPE_ASCII ||
auth_key->remote_password_type == PASSWORD_TYPE_BINARY) {
if ((auth_key->remote_password_length ==
dfc_pwd->lpw_new.length) &&
(bcmp(dfc_pwd->lpw_new.password,
auth_key->remote_password,
dfc_pwd->lpw_new.length) == 0)) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_set_auth_key: nlpwd==crpwd");
mutex_exit(&hba->auth_lock);
return (DFC_AUTH_LOCAL_REMOTE_PWD_EQUAL);
}
}
auth_key->local_password_length = dfc_pwd->lpw_new.length;
auth_key->local_password_type = dfc_pwd->lpw_new.type;
bzero(auth_key->local_password,
sizeof (auth_key->local_password));
length = min(dfc_pwd->lpw_new.length,
sizeof (auth_key->local_password));
bcopy(dfc_pwd->lpw_new.password,
auth_key->local_password, length);
}
if (dfc_pwd->rpw_new.type == PASSWORD_TYPE_ASCII ||
dfc_pwd->rpw_new.type == PASSWORD_TYPE_BINARY) {
if (auth_key->remote_password_type == PASSWORD_TYPE_ASCII ||
auth_key->remote_password_type == PASSWORD_TYPE_BINARY) {
if ((auth_key->remote_password_length !=
dfc_pwd->rpw.length) ||
(auth_key->remote_password_type !=
dfc_pwd->rpw.type) ||
bcmp(dfc_pwd->rpw.password,
auth_key->remote_password,
dfc_pwd->rpw.length)) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_set_auth_key: Invalid remote password.");
mutex_exit(&hba->auth_lock);
return (DFC_AUTH_COMPARE_FAILED);
}
}
if (auth_key->local_password_type == PASSWORD_TYPE_ASCII ||
auth_key->local_password_type == PASSWORD_TYPE_BINARY) {
if ((auth_key->local_password_length ==
dfc_pwd->rpw_new.length) &&
(bcmp(dfc_pwd->rpw_new.password,
auth_key->local_password,
dfc_pwd->rpw_new.length) == 0)) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_dfc_error_msg,
"dhc_set_auth_key: nrpwd==clpwd");
mutex_exit(&hba->auth_lock);
return (DFC_AUTH_LOCAL_REMOTE_PWD_EQUAL);
}
}
auth_key->remote_password_length = dfc_pwd->rpw_new.length;
auth_key->remote_password_type = dfc_pwd->rpw_new.type;
bzero(auth_key->remote_password,
sizeof (auth_key->remote_password));
length = min(dfc_pwd->rpw_new.length, 128);
bcopy(dfc_pwd->rpw_new.password,
auth_key->remote_password, length);
}
dfc_pwd->lpw.length = auth_key->local_password_length;
dfc_pwd->lpw.type = auth_key->local_password_type;
bzero(dfc_pwd->lpw.password, sizeof (dfc_pwd->lpw.password));
length = min(auth_key->local_password_length,
sizeof (dfc_pwd->lpw.password));
bcopy(auth_key->local_password, dfc_pwd->lpw.password, length);
dfc_pwd->rpw.length = auth_key->remote_password_length;
dfc_pwd->rpw.type = auth_key->remote_password_type;
bzero(dfc_pwd->rpw.password, sizeof (dfc_pwd->rpw.password));
length = min(auth_key->remote_password_length,
sizeof (dfc_pwd->rpw.password));
bcopy(auth_key->remote_password, dfc_pwd->rpw.password, length);
emlxs_auth_key_print(hba, auth_key);
mutex_exit(&hba->auth_lock);
return (0);
}
extern uint32_t
emlxs_dhc_get_auth_status(emlxs_hba_t *hba, dfc_auth_status_t *fcsp_status)
{
emlxs_port_t *port = &PPORT;
emlxs_config_t *cfg = &CFG;
char s_lwwpn[64];
char s_rwwpn[64];
emlxs_auth_cfg_t *auth_cfg;
dfc_auth_status_t *auth_status;
NODELIST *ndlp;
uint32_t rc;
time_t auth_time;
uint32_t update;
if (cfg[CFG_AUTH_ENABLE].current == 0) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_fcsp_debug_msg,
"dhc_get_auth_status. Auth disabled.");
return (DFC_AUTH_AUTHENTICATION_DISABLED);
}
mutex_enter(&hba->auth_lock);
auth_cfg = emlxs_auth_cfg_get(hba, (uint8_t *)&fcsp_status->lwwpn,
(uint8_t *)&fcsp_status->rwwpn);
if (!auth_cfg) {
EMLXS_MSGF(EMLXS_CONTEXT, &emlxs_dfc_error_msg,
"dhc_get_auth_status: entry not found. %s:%s",
emlxs_wwn_xlate(s_lwwpn, sizeof (s_lwwpn),
(uint8_t *)&fcsp_status->lwwpn),
emlxs_wwn_xlate(s_rwwpn, sizeof (s_rwwpn),
(uint8_t *)&fcsp_status->rwwpn));
mutex_exit(&hba->auth_lock);
return (DFC_AUTH_NOT_CONFIGURED);
}
if (bcmp((uint8_t *)&fcsp_status->rwwpn,
(uint8_t *)emlxs_fabric_wwn, 8) == 0) {
auth_status = &port->port_dhc.auth_status;
auth_time = port->port_dhc.auth_time;
ndlp = emlxs_node_find_did(port, FABRIC_DID, 1);
} else {
auth_status = &auth_cfg->auth_status;
auth_time = auth_cfg->auth_time;
ndlp = auth_cfg->node;
}
update = 0;
if (ndlp && ndlp->nlp_active) {
emlxs_dhc_status(port, ndlp, 0, 0);
update = 1;
} else {
rc = DFC_AUTH_WWN_NOT_FOUND;
}
if (update) {
fcsp_status->auth_state = auth_status->auth_state;
fcsp_status->auth_failReason = auth_status->auth_failReason;
fcsp_status->type_priority = auth_status->type_priority;
fcsp_status->group_priority = auth_status->group_priority;
fcsp_status->hash_priority = auth_status->hash_priority;
fcsp_status->localAuth = auth_status->localAuth;
fcsp_status->remoteAuth = auth_status->remoteAuth;
fcsp_status->time_from_last_auth = DRV_TIME - auth_time;
fcsp_status->time_until_next_auth =
auth_status->time_until_next_auth;
rc = 0;
} else {
rc = DFC_AUTH_WWN_NOT_FOUND;
}
mutex_exit(&hba->auth_lock);
return (rc);
}
extern uint32_t
emlxs_dhc_get_auth_cfg_table(emlxs_hba_t *hba, dfc_fcsp_config_t *fcsp_cfg)
{
emlxs_port_t *port = &PPORT;
emlxs_config_t *cfg = &CFG;
emlxs_auth_cfg_t *auth_cfg;
uint32_t i;
if (cfg[CFG_AUTH_ENABLE].current == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"dhc_get_auth_cfg_table. Auth disabled.");
return (DFC_AUTH_AUTHENTICATION_DISABLED);
}
for (auth_cfg = hba->auth_cfg.next;
auth_cfg != &hba->auth_cfg;
auth_cfg = auth_cfg->next) {
bcopy((uint8_t *)&auth_cfg->local_entity,
(uint8_t *)&fcsp_cfg->lwwpn, 8);
bcopy((uint8_t *)&auth_cfg->remote_entity,
(uint8_t *)&fcsp_cfg->rwwpn, 8);
fcsp_cfg->auth_tov = auth_cfg->authentication_timeout;
fcsp_cfg->auth_mode = auth_cfg->authentication_mode;
fcsp_cfg->auth_bidir = auth_cfg->bidirectional;
for (i = 0; i < 4; i++) {
fcsp_cfg->type_priority[i] =
auth_cfg->authentication_type_priority[i];
fcsp_cfg->hash_priority[i] =
auth_cfg->hash_priority[i];
}
for (i = 0; i < 8; i++) {
fcsp_cfg->group_priority[i] =
auth_cfg->dh_group_priority[i];
}
fcsp_cfg->reauth_tov = auth_cfg->reauthenticate_time_interval;
fcsp_cfg++;
}
return (0);
}
extern uint32_t
emlxs_dhc_get_auth_key_table(emlxs_hba_t *hba, dfc_auth_password_t *auth_pwd)
{
emlxs_port_t *port = &PPORT;
emlxs_config_t *cfg = &CFG;
emlxs_auth_key_t *auth_key;
if (cfg[CFG_AUTH_ENABLE].current == 0) {
EMLXS_MSGF(EMLXS_CONTEXT,
&emlxs_fcsp_debug_msg,
"dhc_get_auth_key_table. Auth disabled.");
return (DFC_AUTH_AUTHENTICATION_DISABLED);
}
for (auth_key = hba->auth_key.next;
auth_key != &hba->auth_key;
auth_key = auth_key->next) {
bcopy((uint8_t *)&auth_key->local_entity,
(uint8_t *)&auth_pwd->lwwpn, 8);
bcopy((uint8_t *)&auth_key->remote_entity,
(uint8_t *)&auth_pwd->rwwpn, 8);
auth_pwd->lpw.length = auth_key->local_password_length;
auth_pwd->lpw.type = auth_key->local_password_type;
auth_pwd->rpw.length = auth_key->remote_password_length;
auth_pwd->rpw.type = auth_key->remote_password_type;
auth_pwd->lpw_new.length = auth_key->local_password_length;
auth_pwd->lpw_new.type = auth_key->local_password_type;
auth_pwd->rpw_new.length = auth_key->remote_password_length;
auth_pwd->rpw_new.type = auth_key->remote_password_type;
auth_pwd++;
}
return (0);
}
#endif
