Hi Tejas,
Looks fine. Just a few minor nits that I'm fixing up ahead of applying,
see below.
On Fri, 2014-05-30 at 12:19 +0530, Tejas Vaykole wrote:
> From 47d7faa9bd7ae50042aa10c7eb34b2bd1519fe63 Mon Sep 17 00:00:00 2001
> From: Tejas Vaykole <tejas.vaykole@xxxxxxxxxxxxxx>
> Date: Fri, 30 May 2014 11:13:47 +0530
> Subject: [PATCH] target: Target Error in handling CHAP_A in a List.
>
> The target is failing to handle list of CHAP_A key-value pair form
> initiator.The target is expecting CHAP_A=5 always. In other cases,
> where initiator sends list (for example) CHAP_A=6,5 target is failing
> the security negotiation. Which is incorrect.
>
> This patch handles the case (RFC 3720 section 11.1.4).
> where in the initiator may send list of CHAP_A values and target replies
> with appropriate CHAP_A value in response
>
> Signed-off-by: Tejas Vaykole <tejas.vaykole@xxxxxxxxxxxxxx>
> ---
> drivers/target/iscsi/iscsi_target_auth.c | 57 ++++++++++++++++++++++++--------
> drivers/target/iscsi/iscsi_target_auth.h | 1 +
> 2 files changed, 45 insertions(+), 13 deletions(-)
>
> diff --git a/drivers/target/iscsi/iscsi_target_auth.c b/drivers/target/iscsi/iscsi_target_auth.c
> index de77d9a..a68804d 100644
> --- a/drivers/target/iscsi/iscsi_target_auth.c
> +++ b/drivers/target/iscsi/iscsi_target_auth.c
> @@ -72,6 +72,33 @@ static void chap_gen_challenge(
> }
>
>
> +static int check_algorithm(const char *a_str)
> +{
> + char *tmp = NULL;
> + char *token = NULL;
> + tmp = kstrdup(a_str, GFP_KERNEL);
> + if (!tmp) {
> + pr_err("Memory allocation failed for CHAP_A temperory buffer\n");
Incorrect spelling of temporary, fixed.
> + return CHAP_DIGEST_UNKNOWN;
> + }
> + token = strsep(&tmp , "=");
Extra whitespace after '&tmp', fixed.
> + while (token) {
> + token = strsep(&tmp , ",");
Extra whitespace after '&tmp', fixed.
> + if (!token) {
> + kfree(tmp);
> + return CHAP_DIGEST_UNKNOWN;
> + }
> + if (!strncmp(token, "5", 1)) {
> + pr_debug("Selected MD5 Algorithm\n");
> + kfree(tmp);
> + return CHAP_DIGEST_MD5;
> + }
> + }
> + kfree(tmp);
> + return CHAP_DIGEST_UNKNOWN;
> +}
> +
> +
> static struct iscsi_chap *chap_server_open(
> struct iscsi_conn *conn,
> struct iscsi_node_auth *auth,
> @@ -79,6 +106,7 @@ static struct iscsi_chap *chap_server_open(
> char *aic_str,
> unsigned int *aic_len)
> {
> + int ret;
> struct iscsi_chap *chap;
>
> if (!(auth->naf_flags & NAF_USERID_SET) ||
> @@ -93,21 +121,24 @@ static struct iscsi_chap *chap_server_open(
> return NULL;
>
> chap = conn->auth_protocol;
> - /*
> - * We only support MD5 MDA presently.
> - */
> - if (strncmp(a_str, "CHAP_A=5", 8)) {
> - pr_err("CHAP_A is not MD5.\n");
> + ret = check_algorithm(a_str);
> + switch (ret) {
> + case CHAP_DIGEST_MD5:
> + pr_debug("[server] Got CHAP_A=5\n");
> + /*
> + * Send back CHAP_A set to MD5.
> + */
> + *aic_len = sprintf(aic_str, "CHAP_A=5");
> + *aic_len += 1;
> + chap->digest_type = CHAP_DIGEST_MD5;
> + pr_debug("[server] Sending CHAP_A=%d\n", chap->digest_type);
> + break;
> + case CHAP_DIGEST_UNKNOWN:
> + default:
> + pr_err("Unknown CHAP_A.\n");
> return NULL;
> }
> - pr_debug("[server] Got CHAP_A=5\n");
> - /*
> - * Send back CHAP_A set to MD5.
> - */
> - *aic_len = sprintf(aic_str, "CHAP_A=5");
> - *aic_len += 1;
> - chap->digest_type = CHAP_DIGEST_MD5;
> - pr_debug("[server] Sending CHAP_A=%d\n", chap->digest_type);
> +
> /*
> * Set Identifier.
> */
Applied to target-pending/for-next.
Thanks!
--nab
--
To unsubscribe from this list: send the line "unsubscribe target-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
