summaryrefslogtreecommitdiff
path: root/drivers/target/iscsi/iscsi_target_auth.c
diff options
context:
space:
mode:
authorMaurizio Lombardi <mlombard@redhat.com>2019-10-17 16:10:36 +0300
committerMartin K. Petersen <martin.petersen@oracle.com>2019-11-06 08:13:24 +0300
commit19f5f88ed779180f16e236949e18389a0dca4aae (patch)
tree3eaf0f11fe05e4e7d02183a12f4c6e0d524f1780 /drivers/target/iscsi/iscsi_target_auth.c
parenta572d24af4d16e70743feb0b4decb17aaae7ce43 (diff)
downloadlinux-19f5f88ed779180f16e236949e18389a0dca4aae.tar.xz
scsi: target: iscsi: tie the challenge length to the hash digest size
Link: https://lore.kernel.org/r/20191017131037.9903-3-mlombard@redhat.com Signed-off-by: Maurizio Lombardi <mlombard@redhat.com> Tested-by: Chris Leech <cleech@redhat.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Diffstat (limited to 'drivers/target/iscsi/iscsi_target_auth.c')
-rw-r--r--drivers/target/iscsi/iscsi_target_auth.c37
1 files changed, 26 insertions, 11 deletions
diff --git a/drivers/target/iscsi/iscsi_target_auth.c b/drivers/target/iscsi/iscsi_target_auth.c
index b09f20842e40..f3973ab19da2 100644
--- a/drivers/target/iscsi/iscsi_target_auth.c
+++ b/drivers/target/iscsi/iscsi_target_auth.c
@@ -41,16 +41,21 @@ static int chap_gen_challenge(
unsigned int *c_len)
{
int ret;
- unsigned char challenge_asciihex[CHAP_CHALLENGE_LENGTH * 2 + 1];
+ unsigned char *challenge_asciihex;
struct iscsi_chap *chap = conn->auth_protocol;
- memset(challenge_asciihex, 0, CHAP_CHALLENGE_LENGTH * 2 + 1);
+ challenge_asciihex = kzalloc(chap->challenge_len * 2 + 1, GFP_KERNEL);
+ if (!challenge_asciihex)
+ return -ENOMEM;
- ret = get_random_bytes_wait(chap->challenge, CHAP_CHALLENGE_LENGTH);
+ memset(chap->challenge, 0, MAX_CHAP_CHALLENGE_LEN);
+
+ ret = get_random_bytes_wait(chap->challenge, chap->challenge_len);
if (unlikely(ret))
- return ret;
+ goto out;
+
bin2hex(challenge_asciihex, chap->challenge,
- CHAP_CHALLENGE_LENGTH);
+ chap->challenge_len);
/*
* Set CHAP_C, and copy the generated challenge into c_str.
*/
@@ -59,7 +64,10 @@ static int chap_gen_challenge(
pr_debug("[%s] Sending CHAP_C=0x%s\n\n", (caller) ? "server" : "client",
challenge_asciihex);
- return 0;
+
+out:
+ kfree(challenge_asciihex);
+ return ret;
}
static int chap_test_algorithm(const char *name)
@@ -171,6 +179,9 @@ static struct iscsi_chap *chap_server_open(
chap->digest_name = chap_get_digest_name(digest_type);
+ /* Tie the challenge length to the digest size */
+ chap->challenge_len = chap->digest_size;
+
pr_debug("[server] Got CHAP_A=%d\n", digest_type);
*aic_len = sprintf(aic_str, "CHAP_A=%d", digest_type);
*aic_len += 1;
@@ -334,21 +345,23 @@ static int chap_server_compute_hash(
}
ret = crypto_shash_finup(desc, chap->challenge,
- CHAP_CHALLENGE_LENGTH, server_digest);
+ chap->challenge_len, server_digest);
if (ret < 0) {
pr_err("crypto_shash_finup() failed for challenge\n");
goto out;
}
bin2hex(response, server_digest, chap->digest_size);
- pr_debug("[server] %s Server Digest: %s\n", hash_name, response);
+ pr_debug("[server] %s Server Digest: %s\n",
+ chap->digest_name, response);
if (memcmp(server_digest, client_digest, chap->digest_size) != 0) {
- pr_debug("[server] %s Digests do not match!\n\n", hash_name);
+ pr_debug("[server] %s Digests do not match!\n\n",
+ chap->digest_name);
goto out;
} else
pr_debug("[server] %s Digests match, CHAP connection"
- " successful.\n\n", hash_name);
+ " successful.\n\n", chap->digest_name);
/*
* One way authentication has succeeded, return now if mutual
* authentication is not enabled.
@@ -414,7 +427,9 @@ static int chap_server_compute_hash(
* initiator must not match the original CHAP_C generated by
* the target.
*/
- if (!memcmp(challenge_binhex, chap->challenge, CHAP_CHALLENGE_LENGTH)) {
+ if (challenge_len == chap->challenge_len &&
+ !memcmp(challenge_binhex, chap->challenge,
+ challenge_len)) {
pr_err("initiator CHAP_C matches target CHAP_C, failing"
" login attempt\n");
goto out;