On 8/30/19 10:16 AM, David Disseldorp wrote:
> RFC 2307 states:
>
> For CHAP [RFC1994], in the first step, the initiator MUST send:
>
> CHAP_A=<A1,A2...>
>
> Where A1,A2... are proposed algorithms, in order of preference.
> ...
> For the Algorithm, as stated in [RFC1994], one value is required to
> be implemented:
>
> 5 (CHAP with MD5)
>
> LIO currently checks for this value by only comparing a single byte in
> the tokenized Algorithm string, which means that any value starting with
> a '5' (e.g. "55") is interpreted as "CHAP with MD5". Fix this by
> comparing the entire tokenized string.
>
> Signed-off-by: David Disseldorp <ddiss@xxxxxxx>
> ---
> drivers/target/iscsi/iscsi_target_auth.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/target/iscsi/iscsi_target_auth.c b/drivers/target/iscsi/iscsi_target_auth.c
> index 51ddca2033e0..8fe9b12a07a4 100644
> --- a/drivers/target/iscsi/iscsi_target_auth.c
> +++ b/drivers/target/iscsi/iscsi_target_auth.c
> @@ -70,7 +70,7 @@ static int chap_check_algorithm(const char *a_str)
> if (!token)
> goto out;
>
> - if (!strncmp(token, "5", 1)) {
> + if (!strcmp(token, "5")) {
> pr_debug("Selected MD5 Algorithm\n");
> kfree(orig);
> return CHAP_DIGEST_MD5;
>
Reviewed-by: Lee Duncan <lduncan@xxxxxxxx>
