Hi,
I have tested your patch on 3.14.0-rc6+ and it works fine. Thanks
for patch.
On 13-06-2014 09:56 AM, Nicholas A. Bellinger wrote:
Hi Rahul,
On Mon, 2014-06-09 at 17:15 +0530, rahul.rane wrote:
Hi,
RFC 3720 Clause 11.1.4 says that the iSCSI target is expected to send a
Login reject when it receives the CHAP_C binary length value greater
than 1024 bytes.
However ,i find that LIO is accepting the CHAP_C of bunary length
exceeding 1024 bytes and sends a Login success which is an error. I am
sending CHAP_C value of binary length 2064 hex digits which is greater
than 1024 bytes.
please find the attachment for pcap.
RFC 3720 Clause 11.1.4
----------<snip>-----------
C and R are large-binary-values and their binary length (not the length of
the character string that represents them in encoded form) MUST not
exceed 1024 bytes.
----------<snip>-----------
Applying the following patch to enforce 1024 bytes of binary data for
CHAP_C.
Please confirm on your end.
Thank you,
--nab
diff --git a/drivers/target/iscsi/iscsi_target_auth.c b/drivers/target/iscsi/iscsi_target_auth.c
index 9430eea..59cd242 100644
--- a/drivers/target/iscsi/iscsi_target_auth.c
+++ b/drivers/target/iscsi/iscsi_target_auth.c
@@ -355,6 +355,10 @@ static int chap_server_compute_md5(
pr_err("Unable to convert incoming challenge\n");
goto out;
}
+ if (challenge_len > 1024) {
+ pr_err("CHAP_C exceeds maximum binary size of 1024 bytes\n");
+ goto out;
+ }
/*
* During mutual authentication, the CHAP_C generated by the
* initiator must not match the original CHAP_C generated by
Thanks,
Rahul Rane
--
To unsubscribe from this list: send the line "unsubscribe target-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
