From owner-svn-src-all@FreeBSD.ORG Sun Nov 23 04:17:40 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8E84F4C5; Sun, 23 Nov 2014 04:17:40 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6BD07F97; Sun, 23 Nov 2014 04:17:40 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id sAN4HeTI006061; Sun, 23 Nov 2014 04:17:40 GMT (envelope-from mav@FreeBSD.org) Received: (from mav@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id sAN4HebY006059; Sun, 23 Nov 2014 04:17:40 GMT (envelope-from mav@FreeBSD.org) Message-Id: <201411230417.sAN4HebY006059@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: mav set sender to mav@FreeBSD.org using -f From: Alexander Motin Date: Sun, 23 Nov 2014 04:17:40 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r274909 - in stable/10/usr.sbin: ctld iscsid X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Nov 2014 04:17:40 -0000 Author: mav Date: Sun Nov 23 04:17:39 2014 New Revision: 274909 URL: https://svnweb.freebsd.org/changeset/base/274909 Log: MFC r274328: Make both iSCSI initiator and target support base64 encoded CHAP data. While all tested initiators and targets use hex-encoded CHAP data, RFC also allows base64 encoding there, and Microsoft certificaition tool uses it. Modified: stable/10/usr.sbin/ctld/chap.c stable/10/usr.sbin/iscsid/chap.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/ctld/chap.c ============================================================================== --- stable/10/usr.sbin/ctld/chap.c Sun Nov 23 01:08:42 2014 (r274908) +++ stable/10/usr.sbin/ctld/chap.c Sun Nov 23 04:17:39 2014 (r274909) @@ -33,6 +33,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include +#include #include #include #include @@ -105,6 +107,29 @@ chap_hex2int(const char hex) } } +static int +chap_b642bin(const char *b64, void **binp, size_t *bin_lenp) +{ + char *bin; + int b64_len, bin_len; + + b64_len = strlen(b64); + bin_len = (b64_len + 3) / 4 * 3; + bin = calloc(bin_len, 1); + if (bin == NULL) + log_err(1, "calloc"); + + bin_len = b64_pton(b64, bin, bin_len); + if (bin_len < 0) { + log_warnx("malformed base64 variable"); + free(bin); + return (-1); + } + *binp = bin; + *bin_lenp = bin_len; + return (0); +} + /* * XXX: Review this _carefully_. */ @@ -116,8 +141,12 @@ chap_hex2bin(const char *hex, void **bin char *bin; size_t bin_off, bin_len; + if (strncasecmp(hex, "0b", strlen("0b")) == 0) + return (chap_b642bin(hex + 2, binp, bin_lenp)); + if (strncasecmp(hex, "0x", strlen("0x")) != 0) { - log_warnx("malformed variable, should start with \"0x\""); + log_warnx("malformed variable, should start with \"0x\"" + " or \"0b\""); return (-1); } @@ -160,6 +189,25 @@ chap_hex2bin(const char *hex, void **bin return (0); } +#ifdef USE_BASE64 +static char * +chap_bin2hex(const char *bin, size_t bin_len) +{ + unsigned char *b64, *tmp; + size_t b64_len; + + b64_len = (bin_len + 2) / 3 * 4 + 3; /* +2 for "0b", +1 for '\0'. */ + b64 = malloc(b64_len); + if (b64 == NULL) + log_err(1, "malloc"); + + tmp = b64; + tmp += sprintf(tmp, "0b"); + b64_ntop(bin, bin_len, tmp, b64_len - 2); + + return (b64); +} +#else static char * chap_bin2hex(const char *bin, size_t bin_len) { @@ -181,6 +229,7 @@ chap_bin2hex(const char *bin, size_t bin return (hex); } +#endif /* !USE_BASE64 */ struct chap * chap_new(void) Modified: stable/10/usr.sbin/iscsid/chap.c ============================================================================== --- stable/10/usr.sbin/iscsid/chap.c Sun Nov 23 01:08:42 2014 (r274908) +++ stable/10/usr.sbin/iscsid/chap.c Sun Nov 23 04:17:39 2014 (r274909) @@ -33,6 +33,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include +#include #include #include #include @@ -105,6 +107,29 @@ chap_hex2int(const char hex) } } +static int +chap_b642bin(const char *b64, void **binp, size_t *bin_lenp) +{ + char *bin; + int b64_len, bin_len; + + b64_len = strlen(b64); + bin_len = (b64_len + 3) / 4 * 3; + bin = calloc(bin_len, 1); + if (bin == NULL) + log_err(1, "calloc"); + + bin_len = b64_pton(b64, bin, bin_len); + if (bin_len < 0) { + log_warnx("malformed base64 variable"); + free(bin); + return (-1); + } + *binp = bin; + *bin_lenp = bin_len; + return (0); +} + /* * XXX: Review this _carefully_. */ @@ -116,8 +141,12 @@ chap_hex2bin(const char *hex, void **bin char *bin; size_t bin_off, bin_len; + if (strncasecmp(hex, "0b", strlen("0b")) == 0) + return (chap_b642bin(hex + 2, binp, bin_lenp)); + if (strncasecmp(hex, "0x", strlen("0x")) != 0) { - log_warnx("malformed variable, should start with \"0x\""); + log_warnx("malformed variable, should start with \"0x\"" + " or \"0b\""); return (-1); } @@ -160,6 +189,25 @@ chap_hex2bin(const char *hex, void **bin return (0); } +#ifdef USE_BASE64 +static char * +chap_bin2hex(const char *bin, size_t bin_len) +{ + unsigned char *b64, *tmp; + size_t b64_len; + + b64_len = (bin_len + 2) / 3 * 4 + 3; /* +2 for "0b", +1 for '\0'. */ + b64 = malloc(b64_len); + if (b64 == NULL) + log_err(1, "malloc"); + + tmp = b64; + tmp += sprintf(tmp, "0b"); + b64_ntop(bin, bin_len, tmp, b64_len - 2); + + return (b64); +} +#else static char * chap_bin2hex(const char *bin, size_t bin_len) { @@ -181,6 +229,7 @@ chap_bin2hex(const char *bin, size_t bin return (hex); } +#endif /* !USE_BASE64 */ struct chap * chap_new(void)