Re: [PATCHv5 00/12] nvme: In-band authentication support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Hannes, was the issue on the host side or the controller side?

The issue was actually on the host side.

I'm a little lost into what was the actual fix...

The basic fix was this:

@@ -927,13 +944,17 @@ static int nvme_auth_dhchap_host_response(struct
nvme_ctrl
  *ctrl,

         if (!chap->host_response) {
                 chap->host_response =
nvme_auth_transform_key(ctrl->dhchap_key,
-                                       ctrl->dhchap_key_len, chap->hash_id,
+                                       ctrl->dhchap_key_len,
+                                       ctrl->dhchap_key_hash,
                                         ctrl->opts->host->nqn);
                 if (IS_ERR(chap->host_response)) {
                         ret = PTR_ERR(chap->host_response);
                         chap->host_response = NULL;
                         return ret;
                 }


(minus the linebreaks, of course).
'chap->hash_id' is the hash selected by the initial negotiation, which
is wrong as we should have used the hash function selected by the key
itself.

Makes sense. thanks.



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux