- 11 Jul, 2014 1 commit
-
-
Nicholas Bellinger authored
commit 1d2b60a5 upstream. This patch adds an explicit check in chap_server_compute_md5() to ensure the CHAP_C value received from the initiator during mutual authentication does not match the original CHAP_C provided by the target. This is in line with RFC-3720, section 8.2.1: Originators MUST NOT reuse the CHAP challenge sent by the Responder for the other direction of a bidirectional authentication. Responders MUST check for this condition and close the iSCSI TCP connection if it occurs. Reported-by:
Tejas Vaykole <tejas.vaykole@calsoftinc.com> Signed-off-by:
Nicholas Bellinger <nab@linux-iscsi.org> Signed-off-by:
Ben Hutchings <ben@decadent.org.uk>
-
- 03 Jan, 2014 1 commit
-
-
Eric Seppanen authored
commit 86784c6b upstream. In iSCSI negotiations with initiator CHAP enabled, usernames with trailing garbage are permitted, because the string comparison only checks the strlen of the configured username. e.g. "usernameXXXXX" will be permitted to match "username". Just check one more byte so the trailing null char is also matched. Signed-off-by:
Eric Seppanen <eric@purestorage.com> Signed-off-by:
-
- 06 Dec, 2011 1 commit
-
-
Nicholas Bellinger authored
Fix the following compile warning with hex2bin() usage: drivers/target/iscsi/iscsi_target_auth.c: In function ‘chap_string_to_hex’: drivers/target/iscsi/iscsi_target_auth.c:35: warning: ignoring return value of ‘hex2bin’, declared with attribute warn_unused_result Signed-off-by:
-
- 24 Oct, 2011 1 commit
-
-
Andy Shevchenko authored
This patch converts chap_string_to_hex() to use hex2bin() instead of the internal chap_asciihex_to_binaryhex(). (nab: Fix up minor compile breakage + typo) Signed-off-by:
Andy Shevchenko <andriy.shevchenko@linux.intel.com> Cc: "Nicholas A. Bellinger" <nab@linux-iscsi.org> Signed-off-by:
-
- 26 Jul, 2011 1 commit
-
-
Nicholas Bellinger authored
The Linux-iSCSI.org target module is a full featured in-kernel software implementation of iSCSI target mode (RFC-3720) for the current WIP mainline target v4.1 infrastructure code for the v3.1 kernel. More information can be found here: http://linux-iscsi.org/wiki/ISCSI This includes support for: * RFC-3720 defined request / response state machines and support for all defined iSCSI operation codes from Section 10.2.1.2 using libiscsi include/scsi/iscsi_proto.h PDU definitions * Target v4.1 compatible control plane using the generic layout in target_core_fabric_configfs.c and fabric dependent attributes within /sys/kernel/config/target/iscsi/ subdirectories. * Target v4.1 compatible iSCSI statistics based on RFC-4544 (iSCSI MIBS) * Support for IPv6 and IPv4 network portals in M:N mapping to TPGs * iSCSI Error Recovery Hierarchy support * Per iSCSI connection RX/TX thread pair scheduling affinity * crc32c + crc32c_intel SSEv4 instruction offload support using libcrypto * CHAP Authentication support using libcrypto * Conversion to use internal SGl allocation with iscsit_alloc_buffs() -> transport_generic_map_mem_to_cmd() (nab: Fix iscsi_proto.h struct scsi_lun usage from linux-next in commit: iscsi: Use struct scsi_lun in iscsi structs instead of u8[8]) (nab: Fix 32-bit compile warnings) Reviewed-by:
Christoph Hellwig <hch@lst.de> Reviewed-by:
Andy Grover <agrover@redhat.com> Acked-by:
Roland Dreier <roland@kernel.org> Signed-off-by:
-
