Add support for CHAP using SHA1

Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
sahlberg · Jan 3, 2025 · 95a0d98 · 95a0d98
1 parent a92b413
commit 95a0d98
Show file tree

Hide file tree

Showing 12 changed files with 967 additions and 50 deletions.
diff --git a/README.md b/README.md
@@ -47,6 +47,7 @@ target_user=<account>
 target_password=<password>
 header_digest=<crc32c|none>
 data_digest=<crc32c|none>
+auth=<md5|sha1>
 Transport:
 iser
 

diff --git a/include/iscsi-private.h b/include/iscsi-private.h
@@ -72,7 +72,7 @@ struct iscsi_in_pdu {
 void iscsi_free_iscsi_in_pdu(struct iscsi_context *iscsi, struct iscsi_in_pdu *in);
 
 /* size of chap response field */
-#define CHAP_R_SIZE 16
+#define MAX_CHAP_R_SIZE 20 /* md5:16  sha1:20 */
 
 /* max length of chap challange */
 #define MAX_CHAP_C_LENGTH 2048
@@ -90,14 +90,15 @@ struct iscsi_context {
 	char alias[MAX_STRING_SIZE+1];
 	char bind_interfaces[MAX_STRING_SIZE+1];
 
+        enum iscsi_chap_auth chap_auth;
 	char user[MAX_STRING_SIZE+1];
 	char passwd[MAX_STRING_SIZE+1];
 	char chap_c[MAX_CHAP_C_LENGTH+1];
 
 	char target_user[MAX_STRING_SIZE+1];
 	char target_passwd[MAX_STRING_SIZE+1];
-	uint32_t target_chap_i;
-	unsigned char target_chap_r[CHAP_R_SIZE];
+	int target_chap_i;
+	char target_chap_r[MAX_CHAP_R_SIZE];
 
 	char error_string[MAX_STRING_SIZE+1];
 

diff --git a/include/iscsi.h b/include/iscsi.h
@@ -183,6 +183,21 @@ EXTERN int
 iscsi_set_initial_r2t(struct iscsi_context *iscsi, enum iscsi_initial_r2t initial_r2t);
 
 
+enum iscsi_chap_auth {
+	ISCSI_CHAP_MD5 = 5,
+	ISCSI_CHAP_SHA_1 = 6,
+#if 0        
+	ISCSI_CHAP_SHA_256 = 7,
+	ISCSI_CHAP_SHA3_256 = 8,
+#endif        
+};
+
+EXTERN enum iscsi_chap_auth
+iscsi_get_auth(struct iscsi_context *iscsi);
+
+EXTERN void
+iscsi_set_auth(struct iscsi_context *iscsi, enum iscsi_chap_auth auth);
+
 /*
  * This function is used to parse an iSCSI URL into a iscsi_url structure.
  * iSCSI URL format :

diff --git a/include/sha-private.h b/include/sha-private.h
@@ -0,0 +1,28 @@
+/*************************** sha-private.h ***************************/
+/********************** See RFC 4634 for details *********************/
+#ifndef _SHA_PRIVATE__H
+#define _SHA_PRIVATE__H
+/*
+ * These definitions are defined in FIPS-180-2, section 4.1.
+ * Ch() and Maj() are defined identically in sections 4.1.1,
+ * 4.1.2 and 4.1.3.
+ *
+ * The definitions used in FIPS-180-2 are as follows:
+ */
+
+#ifndef USE_MODIFIED_MACROS
+#define SHA_Ch(x,y,z)        (((x) & (y)) ^ ((~(x)) & (z)))
+#define SHA_Maj(x,y,z)       (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
+
+#else /* USE_MODIFIED_MACROS */
+/*
+ * The following definitions are equivalent and potentially faster.
+ */
+
+#define SHA_Ch(x, y, z)      (((x) & ((y) ^ (z))) ^ (z))
+#define SHA_Maj(x, y, z)     (((x) & ((y) | (z))) | ((y) & (z)))
+#endif /* USE_MODIFIED_MACROS */
+
+#define SHA_Parity(x, y, z)  ((x) ^ (y) ^ (z))
+
+#endif /* _SHA_PRIVATE__H */