diff options
| author |   Nicholas Bellinger <nab@linux-iscsi.org> | 2014-06-13 04:28:31 +0000 |
|---|---|---|
| committer | Nicholas Bellinger <nab@linux-iscsi.org> | 2014-06-26 20:56:42 -0700 |
| commit | e4fae2318b5ddd7aec0e65871f1b455b796cf33d (patch) | |
| tree | 40cd72769cbfe4aff41e428dc9b9206eb36bb4df /drivers/target/iscsi/iscsi_target_auth.c | |
| parent | iscsi-target: Convert chap_server_compute_md5 to use kstrtoul (diff) | |
| download | linux-dev-e4fae2318b5ddd7aec0e65871f1b455b796cf33d.tar.xz linux-dev-e4fae2318b5ddd7aec0e65871f1b455b796cf33d.zip | |
iscsi-target; Enforce 1024 byte maximum for CHAP_C key value
This patch adds a check in chap_server_compute_md5() to enforce a
1024 byte maximum for the CHAP_C key value following the requirement
in RFC-3720 Section 11.1.4:
"..., C and R are large-binary-values and their binary length (not
the length of the character string that represents them in encoded
form) MUST not exceed 1024 bytes."
Reported-by: rahul.rane <rahul.rane@calsoftinc.com>
Tested-by: rahul.rane <rahul.rane@calsoftinc.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Diffstat (limited to 'drivers/target/iscsi/iscsi_target_auth.c')
| -rw-r--r-- | drivers/target/iscsi/iscsi_target_auth.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/drivers/target/iscsi/iscsi_target_auth.c b/drivers/target/iscsi/iscsi_target_auth.c index 9430eea7c0d6..ab4915c0d933 100644 --- a/drivers/target/iscsi/iscsi_target_auth.c +++ b/drivers/target/iscsi/iscsi_target_auth.c @@ -355,6 +355,10 @@ static int chap_server_compute_md5( pr_err("Unable to convert incoming challenge\n"); goto out; } + if (challenge_len > 1024) { + pr_err("CHAP_C exceeds maximum binary size of 1024 bytes\n"); + goto out; + } /* * During mutual authentication, the CHAP_C generated by the * initiator must not match the original CHAP_C generated by |