3160723c49
The target is failing to handle list of CHAP_A key-value pair form initiator.The target is expecting CHAP_A=5 always. In other cases, where initiator sends list (for example) CHAP_A=6,5 target is failing the security negotiation. Which is incorrect. This patch handles the case (RFC 3720 section 11.1.4). where in the initiator may send list of CHAP_A values and target replies with appropriate CHAP_A value in response (Drop whitespaces + rename to chap_check_algorithm + save original pointer + add explicit check for CHAP_A key - nab) Signed-off-by: Tejas Vaykole <tejas.vaykole@calsoftinc.com> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
32 lines
861 B
C
32 lines
861 B
C
#ifndef _ISCSI_CHAP_H_
|
|
#define _ISCSI_CHAP_H_
|
|
|
|
#define CHAP_DIGEST_UNKNOWN 0
|
|
#define CHAP_DIGEST_MD5 5
|
|
#define CHAP_DIGEST_SHA 6
|
|
|
|
#define CHAP_CHALLENGE_LENGTH 16
|
|
#define CHAP_CHALLENGE_STR_LEN 4096
|
|
#define MAX_RESPONSE_LENGTH 64 /* sufficient for MD5 */
|
|
#define MAX_CHAP_N_SIZE 512
|
|
|
|
#define MD5_SIGNATURE_SIZE 16 /* 16 bytes in a MD5 message digest */
|
|
|
|
#define CHAP_STAGE_CLIENT_A 1
|
|
#define CHAP_STAGE_SERVER_AIC 2
|
|
#define CHAP_STAGE_CLIENT_NR 3
|
|
#define CHAP_STAGE_CLIENT_NRIC 4
|
|
#define CHAP_STAGE_SERVER_NR 5
|
|
|
|
extern u32 chap_main_loop(struct iscsi_conn *, struct iscsi_node_auth *, char *, char *,
|
|
int *, int *);
|
|
|
|
struct iscsi_chap {
|
|
unsigned char digest_type;
|
|
unsigned char id;
|
|
unsigned char challenge[CHAP_CHALLENGE_LENGTH];
|
|
unsigned int authenticate_target;
|
|
unsigned int chap_state;
|
|
} ____cacheline_aligned;
|
|
|
|
#endif /*** _ISCSI_CHAP_H_ ***/
|