[PATCH] Fix outgoing authentication bugs

FUJITA Tomonori fujita.tomonori
Thu Apr 5 07:11:48 CEST 2007 

In the case of outgoing authentication, account_lookup() copies a user name.

Signed-off-by: FUJITA Tomonori <fujita.tomonori at lab.ntt.co.jp>
---
 usr/iscsi/chap.c |    6 ++++--
 usr/target.c     |    6 ++++--
 usr/tgtd.h       |    2 +-
 3 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/usr/iscsi/chap.c b/usr/iscsi/chap.c
index c92275d..fc6fd8f 100644
--- a/usr/iscsi/chap.c
+++ b/usr/iscsi/chap.c
@@ -405,7 +405,8 @@ static int chap_initiator_auth_check_response(struct iscsi_connection *conn)
 	}
 
 	memset(pass, 0, sizeof(pass));
-	err = account_lookup(conn->tid, AUTH_DIR_INCOMING, value, pass, ISCSI_NAME_LEN);
+	err = account_lookup(conn->tid, AUTH_DIR_INCOMING, value, 0, pass,
+			     ISCSI_NAME_LEN);
 	if (err) {
 		eprintf("No valid user/pass combination for initiator %s "
 			    "found\n", conn->initiator);
@@ -502,7 +503,8 @@ static int chap_target_auth_create_response(struct iscsi_connection *conn)
 
 	memset(pass, 0, sizeof(pass));
 	memset(name, 0, sizeof(name));
-	err = account_lookup(conn->tid, AUTH_DIR_OUTGOING, name, pass, ISCSI_NAME_LEN);
+	err = account_lookup(conn->tid, AUTH_DIR_OUTGOING, name, sizeof(name),
+			     pass, sizeof(pass));
 	if (err) {
 		log_warning("CHAP target auth.: "
 			    "no outgoing credentials configured%s",
diff --git a/usr/target.c b/usr/target.c
index 8c1adf6..0178291 100644
--- a/usr/target.c
+++ b/usr/target.c
@@ -698,7 +698,7 @@ static struct account_entry *__account_lookup_user(char *user)
 	return NULL;
 }
 
-int account_lookup(int tid, int type, char *user, char *password, int plen)
+int account_lookup(int tid, int type, char *user, int ulen, char *password, int plen)
 {
 	int i;
 	struct target *target;
@@ -718,8 +718,10 @@ int account_lookup(int tid, int type, char *user, char *password, int plen)
 		}
 	} else {
 		ac = __account_lookup_id(target->account.out_aid);
-		if (ac)
+		if (ac) {
+			strncpy(user, ac->user, ulen);
 			goto found;
+		}
 	}
 
 	return -ENOENT;
diff --git a/usr/tgtd.h b/usr/tgtd.h
index 7eecc0a..546c078 100644
--- a/usr/tgtd.h
+++ b/usr/tgtd.h
@@ -158,7 +158,7 @@ extern int acl_add(int tid, char *address);
 extern void acl_del(int tid, char *address);
 extern char *acl_get(int tid, int idx);
 
-extern int account_lookup(int tid, int type, char *user, char *password, int plen);
+extern int account_lookup(int tid, int type, char *user, int ulen, char *password, int plen);
 extern int account_add(char *user, char *password);
 extern void account_del(char *user);
 extern int account_ctl(int tid, int type, char *user, int bind);
-- 
1.4.4.3

More information about the stgt mailing list