mirror of https://github.com/acidanthera/audk.git
b8649cf2a3
IScsiDxe (that is, the initiator) receives two hex-encoded strings from
the iSCSI target:
- CHAP_C, where the target challenges the initiator,
- CHAP_R, where the target answers the challenge from the initiator (in
case the initiator wants mutual authentication).
Accordingly, we have two IScsiHexToBin() call sites:
- At the CHAP_C decoding site, check whether the decoding succeeds. The
decoded buffer ("AuthData->InChallenge") can accommodate 1024 bytes,
which is a permissible restriction on the target, per
<https://tools.ietf.org/html/rfc7143#section-12.1.3>. Shorter challenges
from the target are acceptable.
- At the CHAP_R decoding site, enforce that the decoding both succeed, and
provide exactly ISCSI_CHAP_RSP_LEN bytes. CHAP_R contains the digest
calculated by the target, therefore it must be of fixed size. We may
only call IScsiCHAPAuthTarget() if "TargetRsp" has been fully populated.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3356
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Message-Id: <20210608121259.32451-11-lersek@redhat.com>
|
||
|---|---|---|
| .. | ||
| ComponentName.c | ||
| IScsiAuthenticationInfo.c | ||
| IScsiCHAP.c | ||
| IScsiCHAP.h | ||
| IScsiConfig.c | ||
| IScsiConfig.h | ||
| IScsiConfigNVDataStruc.h | ||
| IScsiConfigStrings.uni | ||
| IScsiConfigVfr.vfr | ||
| IScsiDhcp.c | ||
| IScsiDhcp.h | ||
| IScsiDhcp6.c | ||
| IScsiDhcp6.h | ||
| IScsiDns.c | ||
| IScsiDns.h | ||
| IScsiDriver.c | ||
| IScsiDriver.h | ||
| IScsiDxe.inf | ||
| IScsiDxe.uni | ||
| IScsiDxeExtra.uni | ||
| IScsiExtScsiPassThru.c | ||
| IScsiIbft.c | ||
| IScsiIbft.h | ||
| IScsiImpl.h | ||
| IScsiInitiatorName.c | ||
| IScsiMisc.c | ||
| IScsiMisc.h | ||
| IScsiProto.c | ||
| IScsiProto.h | ||