MFC r273459:

Untangle iSCSI authentication code by splitting off the CHAP
implementation.

Sponsored by:	The FreeBSD Foundation

usr.sbin/ctld/Makefile

@@ -1,7 +1,7 @@
 # $FreeBSD$
 
 PROG=		ctld
-SRCS=		ctld.c discovery.c kernel.c keys.c log.c login.c parse.y pdu.c token.l y.tab.h
+SRCS=		chap.c ctld.c discovery.c kernel.c keys.c log.c login.c parse.y pdu.c token.l y.tab.h
 CFLAGS+=	-I${.CURDIR}
 CFLAGS+=	-I${.CURDIR}/../../sys
 CFLAGS+=	-I${.CURDIR}/../../sys/cam/ctl

usr.sbin/ctld/chap.c

@@ -0,0 +1,386 @@
+/*-
+ * Copyright (c) 2014 The FreeBSD Foundation
+ * All rights reserved.
+ *
+ * This software was developed by Edward Tomasz Napierala under sponsorship
+ * from the FreeBSD Foundation.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <assert.h>
+#include <string.h>
+#include <openssl/err.h>
+#include <openssl/md5.h>
+#include <openssl/rand.h>
+
+#include "ctld.h"
+
+static void
+chap_compute_md5(const char id, const char *secret,
+    const void *challenge, size_t challenge_len, void *response,
+    size_t response_len)
+{
+	MD5_CTX ctx;
+	int rv;
+
+	assert(response_len == MD5_DIGEST_LENGTH);
+
+	MD5_Init(&ctx);
+	MD5_Update(&ctx, &id, sizeof(id));
+	MD5_Update(&ctx, secret, strlen(secret));
+	MD5_Update(&ctx, challenge, challenge_len);
+	rv = MD5_Final(response, &ctx);
+	if (rv != 1)
+		log_errx(1, "MD5_Final");
+}
+
+static int
+chap_hex2int(const char hex)
+{
+	switch (hex) {
+	case '0':
+		return (0x00);
+	case '1':
+		return (0x01);
+	case '2':
+		return (0x02);
+	case '3':
+		return (0x03);
+	case '4':
+		return (0x04);
+	case '5':
+		return (0x05);
+	case '6':
+		return (0x06);
+	case '7':
+		return (0x07);
+	case '8':
+		return (0x08);
+	case '9':
+		return (0x09);
+	case 'a':
+	case 'A':
+		return (0x0a);
+	case 'b':
+	case 'B':
+		return (0x0b);
+	case 'c':
+	case 'C':
+		return (0x0c);
+	case 'd':
+	case 'D':
+		return (0x0d);
+	case 'e':
+	case 'E':
+		return (0x0e);
+	case 'f':
+	case 'F':
+		return (0x0f);
+	default:
+		return (-1);
+	}
+}
+
+/*
+ * XXX: Review this _carefully_.
+ */
+static int
+chap_hex2bin(const char *hex, void **binp, size_t *bin_lenp)
+{
+	int i, hex_len, nibble;
+	bool lo = true; /* As opposed to 'hi'. */
+	char *bin;
+	size_t bin_off, bin_len;
+
+	if (strncasecmp(hex, "0x", strlen("0x")) != 0) {
+		log_warnx("malformed variable, should start with \"0x\"");
+		return (-1);
+	}
+
+	hex += strlen("0x");
+	hex_len = strlen(hex);
+	if (hex_len < 1) {
+		log_warnx("malformed variable; doesn't contain anything "
+		    "but \"0x\"");
+		return (-1);
+	}
+
+	bin_len = hex_len / 2 + hex_len % 2;
+	bin = calloc(bin_len, 1);
+	if (bin == NULL)
+		log_err(1, "calloc");
+
+	bin_off = bin_len - 1;
+	for (i = hex_len - 1; i >= 0; i--) {
+		nibble = chap_hex2int(hex[i]);
+		if (nibble < 0) {
+			log_warnx("malformed variable, invalid char \"%c\"",
+			    hex[i]);
+			free(bin);
+			return (-1);
+		}
+
+		assert(bin_off < bin_len);
+		if (lo) {
+			bin[bin_off] = nibble;
+			lo = false;
+		} else {
+			bin[bin_off] |= nibble << 4;
+			bin_off--;
+			lo = true;
+		}
+	}
+
+	*binp = bin;
+	*bin_lenp = bin_len;
+	return (0);
+}
+
+static char *
+chap_bin2hex(const char *bin, size_t bin_len)
+{
+	unsigned char *hex, *tmp, ch;
+	size_t hex_len;
+	size_t i;
+
+	hex_len = bin_len * 2 + 3; /* +2 for "0x", +1 for '\0'. */
+	hex = malloc(hex_len);
+	if (hex == NULL)
+		log_err(1, "malloc");
+
+	tmp = hex;
+	tmp += sprintf(tmp, "0x");
+	for (i = 0; i < bin_len; i++) {
+		ch = bin[i];
+		tmp += sprintf(tmp, "%02x", ch);
+	}
+
+	return (hex);
+}
+
+struct chap *
+chap_new(void)
+{
+	struct chap *chap;
+	int rv;
+
+	chap = calloc(sizeof(*chap), 1);
+	if (chap == NULL)
+		log_err(1, "calloc");
+
+	/*
+	 * Generate the challenge.
+	 */
+	rv = RAND_bytes(chap->chap_challenge, sizeof(chap->chap_challenge));
+	if (rv != 1) {
+		log_errx(1, "RAND_bytes failed: %s",
+		    ERR_error_string(ERR_get_error(), NULL));
+	}
+	rv = RAND_bytes(&chap->chap_id, sizeof(chap->chap_id));
+	if (rv != 1) {
+		log_errx(1, "RAND_bytes failed: %s",
+		    ERR_error_string(ERR_get_error(), NULL));
+	}
+
+	return (chap);
+}
+
+char *
+chap_get_id(const struct chap *chap)
+{
+	char *chap_i;
+	int ret;
+
+	ret = asprintf(&chap_i, "%d", chap->chap_id);
+	if (ret < 0)
+		log_err(1, "asprintf");
+
+	return (chap_i);
+}
+
+char *
+chap_get_challenge(const struct chap *chap)
+{
+	char *chap_c;
+
+	chap_c = chap_bin2hex(chap->chap_challenge,
+	    sizeof(chap->chap_challenge));
+
+	return (chap_c);
+}
+
+static int
+chap_receive_bin(struct chap *chap, void *response, size_t response_len)
+{
+
+	if (response_len != sizeof(chap->chap_response)) {
+		log_debugx("got CHAP response with invalid length; "
+		    "got %zd, should be %zd",
+		    response_len, sizeof(chap->chap_response));
+		return (1);
+	}
+
+	memcpy(chap->chap_response, response, response_len);
+	return (0);
+}
+
+int
+chap_receive(struct chap *chap, const char *response)
+{
+	void *response_bin;
+	size_t response_bin_len;
+	int error;
+
+	error = chap_hex2bin(response, &response_bin, &response_bin_len);
+	if (error != 0) {
+		log_debugx("got incorrectly encoded CHAP response \"%s\"",
+		    response);
+		return (1);
+	}
+
+	error = chap_receive_bin(chap, response_bin, response_bin_len);
+	free(response_bin);
+
+	return (error);
+}
+
+int
+chap_authenticate(struct chap *chap, const char *secret)
+{
+	char expected_response[MD5_DIGEST_LENGTH];
+
+	chap_compute_md5(chap->chap_id, secret,
+	    chap->chap_challenge, sizeof(chap->chap_challenge),
+	    expected_response, sizeof(expected_response));
+
+	if (memcmp(chap->chap_response,
+	    expected_response, sizeof(expected_response)) != 0) {
+		return (-1);
+	}
+
+	return (0);
+}
+
+void
+chap_delete(struct chap *chap)
+{
+
+	free(chap);
+}
+
+struct rchap *
+rchap_new(const char *secret)
+{
+	struct rchap *rchap;
+
+	rchap = calloc(sizeof(*rchap), 1);
+	if (rchap == NULL)
+		log_err(1, "calloc");
+
+	rchap->rchap_secret = checked_strdup(secret);
+
+	return (rchap);
+}
+
+static void
+rchap_receive_bin(struct rchap *rchap, const unsigned char id,
+    const void *challenge, size_t challenge_len)
+{
+
+	rchap->rchap_id = id;
+	rchap->rchap_challenge = calloc(challenge_len, 1);
+	if (rchap->rchap_challenge == NULL)
+		log_err(1, "calloc");
+	memcpy(rchap->rchap_challenge, challenge, challenge_len);
+	rchap->rchap_challenge_len = challenge_len;
+}
+
+int
+rchap_receive(struct rchap *rchap, const char *id, const char *challenge)
+{
+	unsigned char id_bin;
+	void *challenge_bin;
+	size_t challenge_bin_len;
+
+	int error;
+
+	id_bin = strtoul(id, NULL, 10);
+
+	error = chap_hex2bin(challenge, &challenge_bin, &challenge_bin_len);
+	if (error != 0) {
+		log_debugx("got incorrectly encoded CHAP challenge \"%s\"",
+		    challenge);
+		return (1);
+	}
+
+	rchap_receive_bin(rchap, id_bin, challenge_bin, challenge_bin_len);
+	free(challenge_bin);
+
+	return (0);
+}
+
+static void
+rchap_get_response_bin(struct rchap *rchap,
+    void **responsep, size_t *response_lenp)
+{
+	void *response_bin;
+	size_t response_bin_len = MD5_DIGEST_LENGTH;
+
+	response_bin = calloc(response_bin_len, 1);
+	if (response_bin == NULL)
+		log_err(1, "calloc");
+
+	chap_compute_md5(rchap->rchap_id, rchap->rchap_secret,
+	    rchap->rchap_challenge, rchap->rchap_challenge_len,
+	    response_bin, response_bin_len);
+
+	*responsep = response_bin;
+	*response_lenp = response_bin_len;
+}
+
+char *
+rchap_get_response(struct rchap *rchap)
+{
+	void *response;
+	size_t response_len;
+	char *chap_r;
+
+	rchap_get_response_bin(rchap, &response, &response_len);
+	chap_r = chap_bin2hex(response, response_len);
+	free(response);
+
+	return (chap_r);
+}
+
+void
+rchap_delete(struct rchap *rchap)
+{
+
+	free(rchap->rchap_secret);
+	free(rchap->rchap_challenge);
+	free(rchap);
+}

usr.sbin/ctld/ctld.h

@@ -39,6 +39,7 @@
 #include <sys/socket.h>
 #include <stdbool.h>
 #include <libutil.h>
+#include <openssl/md5.h>
 
 #define	DEFAULT_CONFIG_PATH		"/etc/ctl.conf"
 #define	DEFAULT_PIDFILE			"/var/run/ctld.pid"
@@ -207,6 +208,35 @@ struct keys {
 	size_t		keys_data_len;
 };
 
+#define	CHAP_CHALLENGE_LEN	1024
+
+struct chap {
+	unsigned char	chap_id;
+	char		chap_challenge[CHAP_CHALLENGE_LEN];
+	char		chap_response[MD5_DIGEST_LENGTH];
+};
+
+struct rchap {
+	char		*rchap_secret;
+	unsigned char	rchap_id;
+	void		*rchap_challenge;
+	size_t		rchap_challenge_len;
+};
+
+struct chap		*chap_new(void);
+char			*chap_get_id(const struct chap *chap);
+char			*chap_get_challenge(const struct chap *chap);
+int			chap_receive(struct chap *chap, const char *response);
+int			chap_authenticate(struct chap *chap,
+			    const char *secret);
+void			chap_delete(struct chap *chap);
+
+struct rchap		*rchap_new(const char *secret);
+int			rchap_receive(struct rchap *rchap,
+			    const char *id, const char *challenge);
+char			*rchap_get_response(struct rchap *rchap);
+void			rchap_delete(struct rchap *rchap);
+
 struct conf		*conf_new(void);
 struct conf		*conf_new_from_file(const char *path);
 struct conf		*conf_new_from_kernel(void);

usr.sbin/ctld/login.c

@@ -39,9 +39,6 @@ __FBSDID("$FreeBSD$");
 #include <string.h>
 #include <unistd.h>
 #include <netinet/in.h>
-#include <openssl/err.h>
-#include <openssl/md5.h>
-#include <openssl/rand.h>
 
 #include "ctld.h"
 #include "iscsi_proto.h"
@@ -229,150 +226,6 @@ login_list_prefers(const char *list,
 	return (-1);
 }
 
-static int
-login_hex2int(const char hex)
-{
-	switch (hex) {
-	case '0':
-		return (0x00);
-	case '1':
-		return (0x01);
-	case '2':
-		return (0x02);
-	case '3':
-		return (0x03);
-	case '4':
-		return (0x04);
-	case '5':
-		return (0x05);
-	case '6':
-		return (0x06);
-	case '7':
-		return (0x07);
-	case '8':
-		return (0x08);
-	case '9':
-		return (0x09);
-	case 'a':
-	case 'A':
-		return (0x0a);
-	case 'b':
-	case 'B':
-		return (0x0b);
-	case 'c':
-	case 'C':
-		return (0x0c);
-	case 'd':
-	case 'D':
-		return (0x0d);
-	case 'e':
-	case 'E':
-		return (0x0e);
-	case 'f':
-	case 'F':
-		return (0x0f);
-	default:
-		return (-1);
-	}
-}
-
-/*
- * XXX: Review this _carefully_.
- */
-static int
-login_hex2bin(const char *hex, char **binp, size_t *bin_lenp)
-{
-	int i, hex_len, nibble;
-	bool lo = true; /* As opposed to 'hi'. */
-	char *bin;
-	size_t bin_off, bin_len;
-
-	if (strncasecmp(hex, "0x", strlen("0x")) != 0) {
-		log_warnx("malformed variable, should start with \"0x\"");
-		return (-1);
-	}
-
-	hex += strlen("0x");
-	hex_len = strlen(hex);
-	if (hex_len < 1) {
-		log_warnx("malformed variable; doesn't contain anything "
-		    "but \"0x\"");
-		return (-1);
-	}
-
-	bin_len = hex_len / 2 + hex_len % 2;
-	bin = calloc(bin_len, 1);
-	if (bin == NULL)
-		log_err(1, "calloc");
-
-	bin_off = bin_len - 1;
-	for (i = hex_len - 1; i >= 0; i--) {
-		nibble = login_hex2int(hex[i]);
-		if (nibble < 0) {
-			log_warnx("malformed variable, invalid char \"%c\"",
-			    hex[i]);
-			return (-1);
-		}
-
-		assert(bin_off < bin_len);
-		if (lo) {
-			bin[bin_off] = nibble;
-			lo = false;
-		} else {
-			bin[bin_off] |= nibble << 4;
-			bin_off--;
-			lo = true;
-		}
-	}
-
-	*binp = bin;
-	*bin_lenp = bin_len;
-	return (0);
-}
-
-static char *
-login_bin2hex(const char *bin, size_t bin_len)
-{
-	unsigned char *hex, *tmp, ch;
-	size_t hex_len;
-	size_t i;
-
-	hex_len = bin_len * 2 + 3; /* +2 for "0x", +1 for '\0'. */
-	hex = malloc(hex_len);
-	if (hex == NULL)
-		log_err(1, "malloc");
-
-	tmp = hex;
-	tmp += sprintf(tmp, "0x");
-	for (i = 0; i < bin_len; i++) {
-		ch = bin[i];
-		tmp += sprintf(tmp, "%02x", ch);
-	}
-
-	return (hex);
-}
-
-static void
-login_compute_md5(const char id, const char *secret,
-    const void *challenge, size_t challenge_len, void *response,
-    size_t response_len)
-{
-	MD5_CTX ctx;
-	int rv;
-
-	assert(response_len == MD5_DIGEST_LENGTH);
-
-	MD5_Init(&ctx);
-	MD5_Update(&ctx, &id, sizeof(id));
-	MD5_Update(&ctx, secret, strlen(secret));
-	MD5_Update(&ctx, challenge, challenge_len);
-	rv = MD5_Final(response, &ctx);
-	if (rv != 1)
-		log_errx(1, "MD5_Final");
-}
-
-#define	LOGIN_CHALLENGE_LEN	1024
-
 static struct pdu *
 login_receive_chap_a(struct connection *conn)
 {
@@ -400,21 +253,21 @@ login_receive_chap_a(struct connection *conn)
 }
 
 static void
-login_send_chap_c(struct pdu *request, const unsigned char id,
+login_send_chap_c(struct pdu *request, struct chap *chap)
-    const void *challenge, const size_t challenge_len)
 {
 	struct pdu *response;
 	struct keys *response_keys;
-	char *chap_c, chap_i[4];
+	char *chap_c, *chap_i;
 
-	chap_c = login_bin2hex(challenge, challenge_len);
+	chap_c = chap_get_challenge(chap);
-	snprintf(chap_i, sizeof(chap_i), "%d", id);
+	chap_i = chap_get_id(chap);
 
 	response = login_new_response(request);
 	response_keys = keys_new();
 	keys_add(response_keys, "CHAP_A", "5");
 	keys_add(response_keys, "CHAP_I", chap_i);
 	keys_add(response_keys, "CHAP_C", chap_c);
+	free(chap_i);
 	free(chap_c);
 	keys_save(response_keys, response);
 	pdu_send(response);
@@ -423,15 +276,12 @@ login_send_chap_c(struct pdu *request, const unsigned char id,
 }
 
 static struct pdu *
-login_receive_chap_r(struct connection *conn,
+login_receive_chap_r(struct connection *conn, struct auth_group *ag,
-    struct auth_group *ag, const unsigned char id, const void *challenge,
+    struct chap *chap, const struct auth **authp)
-    const size_t challenge_len, const struct auth **cap)
 {
 	struct pdu *request;
 	struct keys *request_keys;
 	const char *chap_n, *chap_r;
-	char *response_bin, expected_response_bin[MD5_DIGEST_LENGTH];
-	size_t response_bin_len;
 	const struct auth *auth;
 	int error;
 
@@ -449,7 +299,7 @@ login_receive_chap_r(struct connection *conn,
 		login_send_error(request, 0x02, 0x07);
 		log_errx(1, "received CHAP Login PDU without CHAP_R");
 	}
-	error = login_hex2bin(chap_r, &response_bin, &response_bin_len);
+	error = chap_receive(chap, chap_r);
 	if (error != 0) {
 		login_send_error(request, 0x02, 0x07);
 		log_errx(1, "received CHAP Login PDU with malformed CHAP_R");
@@ -469,21 +319,17 @@ login_receive_chap_r(struct connection *conn,
 
 	assert(auth->a_secret != NULL);
 	assert(strlen(auth->a_secret) > 0);
-	login_compute_md5(id, auth->a_secret, challenge,
-	    challenge_len, expected_response_bin,
-	    sizeof(expected_response_bin));
 
-	if (memcmp(response_bin, expected_response_bin,
+	error = chap_authenticate(chap, auth->a_secret);
-	    sizeof(expected_response_bin)) != 0) {
+	if (error != 0) {
 		login_send_error(request, 0x02, 0x01);
 		log_errx(1, "CHAP authentication failed for user \"%s\"",
 		    auth->a_user);
 	}
 
 	keys_delete(request_keys);
-	free(response_bin);
 
-	*cap = auth;
+	*authp = auth;
 	return (request);
 }
 
@@ -494,10 +340,9 @@ login_send_chap_success(struct pdu *request,
 	struct pdu *response;
 	struct keys *request_keys, *response_keys;
 	struct iscsi_bhs_login_response *bhslr2;
+	struct rchap *rchap;
 	const char *chap_i, *chap_c;
-	char *chap_r, *challenge, response_bin[MD5_DIGEST_LENGTH];
+	char *chap_r;
-	size_t challenge_len;
-	unsigned char id;
 	int error;
 
 	response = login_new_response(request);
@@ -530,21 +375,18 @@ login_send_chap_success(struct pdu *request,
 			    "is not set", auth->a_user);
 		}
 
-		id = strtoul(chap_i, NULL, 10);
+		log_debugx("performing mutual authentication as user \"%s\"",
-		error = login_hex2bin(chap_c, &challenge, &challenge_len);
+		    auth->a_mutual_user);
+
+		rchap = rchap_new(auth->a_mutual_secret);
+		error = rchap_receive(rchap, chap_i, chap_c);
 		if (error != 0) {
 			login_send_error(request, 0x02, 0x07);
 			log_errx(1, "received CHAP Login PDU with malformed "
-			    "CHAP_C");
+			    "CHAP_I or CHAP_C");
 		}
-
+		chap_r = rchap_get_response(rchap);
-		log_debugx("performing mutual authentication as user \"%s\"",
+		rchap_delete(rchap);
-		    auth->a_mutual_user);
-		login_compute_md5(id, auth->a_mutual_secret, challenge,
-		    challenge_len, response_bin, sizeof(response_bin));
-
-		chap_r = login_bin2hex(response_bin,
-		    sizeof(response_bin));
 		response_keys = keys_new();
 		keys_add(response_keys, "CHAP_N", auth->a_mutual_user);
 		keys_add(response_keys, "CHAP_R", chap_r);
@@ -564,10 +406,8 @@ static void
 login_chap(struct connection *conn, struct auth_group *ag)
 {
 	const struct auth *auth;
+	struct chap *chap;
 	struct pdu *request;
-	char challenge_bin[LOGIN_CHALLENGE_LEN];
-	unsigned char id;
-	int rv;
 
 	/*
 	 * Receive CHAP_A PDU.
@@ -578,34 +418,21 @@ login_chap(struct connection *conn, struct auth_group *ag)
 	/*
 	 * Generate the challenge.
 	 */
-	rv = RAND_bytes(challenge_bin, sizeof(challenge_bin));
+	chap = chap_new();
-	if (rv != 1) {
-		login_send_error(request, 0x03, 0x02);
-		log_errx(1, "RAND_bytes failed: %s",
-		    ERR_error_string(ERR_get_error(), NULL));
-	}
-	rv = RAND_bytes(&id, sizeof(id));
-	if (rv != 1) {
-		login_send_error(request, 0x03, 0x02);
-		log_errx(1, "RAND_bytes failed: %s",
-		    ERR_error_string(ERR_get_error(), NULL));
-	}
 
 	/*
 	 * Send the challenge.
 	 */
 	log_debugx("sending CHAP_C, binary challenge size is %zd bytes",
-	    sizeof(challenge_bin));
+	    sizeof(chap->chap_challenge));
-	login_send_chap_c(request, id, challenge_bin,
+	login_send_chap_c(request, chap);
-	    sizeof(challenge_bin));
 	pdu_delete(request);
 
 	/*
 	 * Receive CHAP_N/CHAP_R PDU and authenticate.
 	 */
 	log_debugx("waiting for CHAP_N/CHAP_R");
-	request = login_receive_chap_r(conn, ag, id, challenge_bin,
+	request = login_receive_chap_r(conn, ag, chap, &auth);
-	    sizeof(challenge_bin), &auth);
 
 	/*
 	 * Yay, authentication succeeded!
@@ -614,6 +441,7 @@ login_chap(struct connection *conn, struct auth_group *ag)
 	    "transitioning to Negotiation Phase", auth->a_user);
 	login_send_chap_success(request, auth);
 	pdu_delete(request);
+	chap_delete(chap);
 }
 
 static void

usr.sbin/iscsid/Makefile

@@ -1,7 +1,7 @@
 # $FreeBSD$
 
 PROG=		iscsid
-SRCS=		discovery.c iscsid.c keys.c log.c login.c pdu.c
+SRCS=		chap.c discovery.c iscsid.c keys.c log.c login.c pdu.c
 CFLAGS+=	-I${.CURDIR}
 CFLAGS+=	-I${.CURDIR}/../../sys/cam
 CFLAGS+=	-I${.CURDIR}/../../sys/dev/iscsi

usr.sbin/iscsid/chap.c

@@ -0,0 +1,386 @@
+/*-
+ * Copyright (c) 2014 The FreeBSD Foundation
+ * All rights reserved.
+ *
+ * This software was developed by Edward Tomasz Napierala under sponsorship
+ * from the FreeBSD Foundation.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <assert.h>
+#include <string.h>
+#include <openssl/err.h>
+#include <openssl/md5.h>
+#include <openssl/rand.h>
+
+#include "iscsid.h"
+
+static void
+chap_compute_md5(const char id, const char *secret,
+    const void *challenge, size_t challenge_len, void *response,
+    size_t response_len)
+{
+	MD5_CTX ctx;
+	int rv;
+
+	assert(response_len == MD5_DIGEST_LENGTH);
+
+	MD5_Init(&ctx);
+	MD5_Update(&ctx, &id, sizeof(id));
+	MD5_Update(&ctx, secret, strlen(secret));
+	MD5_Update(&ctx, challenge, challenge_len);
+	rv = MD5_Final(response, &ctx);
+	if (rv != 1)
+		log_errx(1, "MD5_Final");
+}
+
+static int
+chap_hex2int(const char hex)
+{
+	switch (hex) {
+	case '0':
+		return (0x00);
+	case '1':
+		return (0x01);
+	case '2':
+		return (0x02);
+	case '3':
+		return (0x03);
+	case '4':
+		return (0x04);
+	case '5':
+		return (0x05);
+	case '6':
+		return (0x06);
+	case '7':
+		return (0x07);
+	case '8':
+		return (0x08);
+	case '9':
+		return (0x09);
+	case 'a':
+	case 'A':
+		return (0x0a);
+	case 'b':
+	case 'B':
+		return (0x0b);
+	case 'c':
+	case 'C':
+		return (0x0c);
+	case 'd':
+	case 'D':
+		return (0x0d);
+	case 'e':
+	case 'E':
+		return (0x0e);
+	case 'f':
+	case 'F':
+		return (0x0f);
+	default:
+		return (-1);
+	}
+}
+
+/*
+ * XXX: Review this _carefully_.
+ */
+static int
+chap_hex2bin(const char *hex, void **binp, size_t *bin_lenp)
+{
+	int i, hex_len, nibble;
+	bool lo = true; /* As opposed to 'hi'. */
+	char *bin;
+	size_t bin_off, bin_len;
+
+	if (strncasecmp(hex, "0x", strlen("0x")) != 0) {
+		log_warnx("malformed variable, should start with \"0x\"");
+		return (-1);
+	}
+
+	hex += strlen("0x");
+	hex_len = strlen(hex);
+	if (hex_len < 1) {
+		log_warnx("malformed variable; doesn't contain anything "
+		    "but \"0x\"");
+		return (-1);
+	}
+
+	bin_len = hex_len / 2 + hex_len % 2;
+	bin = calloc(bin_len, 1);
+	if (bin == NULL)
+		log_err(1, "calloc");
+
+	bin_off = bin_len - 1;
+	for (i = hex_len - 1; i >= 0; i--) {
+		nibble = chap_hex2int(hex[i]);
+		if (nibble < 0) {
+			log_warnx("malformed variable, invalid char \"%c\"",
+			    hex[i]);
+			free(bin);
+			return (-1);
+		}
+
+		assert(bin_off < bin_len);
+		if (lo) {
+			bin[bin_off] = nibble;
+			lo = false;
+		} else {
+			bin[bin_off] |= nibble << 4;
+			bin_off--;
+			lo = true;
+		}
+	}
+
+	*binp = bin;
+	*bin_lenp = bin_len;
+	return (0);
+}
+
+static char *
+chap_bin2hex(const char *bin, size_t bin_len)
+{
+	unsigned char *hex, *tmp, ch;
+	size_t hex_len;
+	size_t i;
+
+	hex_len = bin_len * 2 + 3; /* +2 for "0x", +1 for '\0'. */
+	hex = malloc(hex_len);
+	if (hex == NULL)
+		log_err(1, "malloc");
+
+	tmp = hex;
+	tmp += sprintf(tmp, "0x");
+	for (i = 0; i < bin_len; i++) {
+		ch = bin[i];
+		tmp += sprintf(tmp, "%02x", ch);
+	}
+
+	return (hex);
+}
+
+struct chap *
+chap_new(void)
+{
+	struct chap *chap;
+	int rv;
+
+	chap = calloc(sizeof(*chap), 1);
+	if (chap == NULL)
+		log_err(1, "calloc");
+
+	/*
+	 * Generate the challenge.
+	 */
+	rv = RAND_bytes(chap->chap_challenge, sizeof(chap->chap_challenge));
+	if (rv != 1) {
+		log_errx(1, "RAND_bytes failed: %s",
+		    ERR_error_string(ERR_get_error(), NULL));
+	}
+	rv = RAND_bytes(&chap->chap_id, sizeof(chap->chap_id));
+	if (rv != 1) {
+		log_errx(1, "RAND_bytes failed: %s",
+		    ERR_error_string(ERR_get_error(), NULL));
+	}
+
+	return (chap);
+}
+
+char *
+chap_get_id(const struct chap *chap)
+{
+	char *chap_i;
+	int ret;
+
+	ret = asprintf(&chap_i, "%d", chap->chap_id);
+	if (ret < 0)
+		log_err(1, "asprintf");
+
+	return (chap_i);
+}
+
+char *
+chap_get_challenge(const struct chap *chap)
+{
+	char *chap_c;
+
+	chap_c = chap_bin2hex(chap->chap_challenge,
+	    sizeof(chap->chap_challenge));
+
+	return (chap_c);
+}
+
+static int
+chap_receive_bin(struct chap *chap, void *response, size_t response_len)
+{
+
+	if (response_len != sizeof(chap->chap_response)) {
+		log_debugx("got CHAP response with invalid length; "
+		    "got %zd, should be %zd",
+		    response_len, sizeof(chap->chap_response));
+		return (1);
+	}
+
+	memcpy(chap->chap_response, response, response_len);
+	return (0);
+}
+
+int
+chap_receive(struct chap *chap, const char *response)
+{
+	void *response_bin;
+	size_t response_bin_len;
+	int error;
+
+	error = chap_hex2bin(response, &response_bin, &response_bin_len);
+	if (error != 0) {
+		log_debugx("got incorrectly encoded CHAP response \"%s\"",
+		    response);
+		return (1);
+	}
+
+	error = chap_receive_bin(chap, response_bin, response_bin_len);
+	free(response_bin);
+
+	return (error);
+}
+
+int
+chap_authenticate(struct chap *chap, const char *secret)
+{
+	char expected_response[MD5_DIGEST_LENGTH];
+
+	chap_compute_md5(chap->chap_id, secret,
+	    chap->chap_challenge, sizeof(chap->chap_challenge),
+	    expected_response, sizeof(expected_response));
+
+	if (memcmp(chap->chap_response,
+	    expected_response, sizeof(expected_response)) != 0) {
+		return (-1);
+	}
+
+	return (0);
+}
+
+void
+chap_delete(struct chap *chap)
+{
+
+	free(chap);
+}
+
+struct rchap *
+rchap_new(const char *secret)
+{
+	struct rchap *rchap;
+
+	rchap = calloc(sizeof(*rchap), 1);
+	if (rchap == NULL)
+		log_err(1, "calloc");
+
+	rchap->rchap_secret = checked_strdup(secret);
+
+	return (rchap);
+}
+
+static void
+rchap_receive_bin(struct rchap *rchap, const unsigned char id,
+    const void *challenge, size_t challenge_len)
+{
+
+	rchap->rchap_id = id;
+	rchap->rchap_challenge = calloc(challenge_len, 1);
+	if (rchap->rchap_challenge == NULL)
+		log_err(1, "calloc");
+	memcpy(rchap->rchap_challenge, challenge, challenge_len);
+	rchap->rchap_challenge_len = challenge_len;
+}
+
+int
+rchap_receive(struct rchap *rchap, const char *id, const char *challenge)
+{
+	unsigned char id_bin;
+	void *challenge_bin;
+	size_t challenge_bin_len;
+
+	int error;
+
+	id_bin = strtoul(id, NULL, 10);
+
+	error = chap_hex2bin(challenge, &challenge_bin, &challenge_bin_len);
+	if (error != 0) {
+		log_debugx("got incorrectly encoded CHAP challenge \"%s\"",
+		    challenge);
+		return (1);
+	}
+
+	rchap_receive_bin(rchap, id_bin, challenge_bin, challenge_bin_len);
+	free(challenge_bin);
+
+	return (0);
+}
+
+static void
+rchap_get_response_bin(struct rchap *rchap,
+    void **responsep, size_t *response_lenp)
+{
+	void *response_bin;
+	size_t response_bin_len = MD5_DIGEST_LENGTH;
+
+	response_bin = calloc(response_bin_len, 1);
+	if (response_bin == NULL)
+		log_err(1, "calloc");
+
+	chap_compute_md5(rchap->rchap_id, rchap->rchap_secret,
+	    rchap->rchap_challenge, rchap->rchap_challenge_len,
+	    response_bin, response_bin_len);
+
+	*responsep = response_bin;
+	*response_lenp = response_bin_len;
+}
+
+char *
+rchap_get_response(struct rchap *rchap)
+{
+	void *response;
+	size_t response_len;
+	char *chap_r;
+
+	rchap_get_response_bin(rchap, &response, &response_len);
+	chap_r = chap_bin2hex(response, response_len);
+	free(response);
+
+	return (chap_r);
+}
+
+void
+rchap_delete(struct rchap *rchap)
+{
+
+	free(rchap->rchap_secret);
+	free(rchap->rchap_challenge);
+	free(rchap);
+}

usr.sbin/iscsid/iscsid.h

@@ -34,6 +34,7 @@
 
 #include <stdbool.h>
 #include <stdint.h>
+#include <openssl/md5.h>
 
 #include <iscsi_ioctl.h>
 
@@ -60,8 +61,7 @@ struct connection {
 	size_t			conn_max_data_segment_length;
 	size_t			conn_max_burst_length;
 	size_t			conn_first_burst_length;
-	char			conn_mutual_challenge[CONN_MUTUAL_CHALLENGE_LEN];
+	struct chap		*conn_mutual_chap;
-	unsigned char		conn_mutual_id;
 };
 
 struct pdu {
@@ -80,6 +80,35 @@ struct keys {
 	size_t			keys_data_len;
 };
 
+#define	CHAP_CHALLENGE_LEN	1024
+
+struct chap {
+	unsigned char	chap_id;
+	char		chap_challenge[CHAP_CHALLENGE_LEN];
+	char		chap_response[MD5_DIGEST_LENGTH];
+};
+
+struct rchap {
+	char		*rchap_secret;
+	unsigned char	rchap_id;
+	void		*rchap_challenge;
+	size_t		rchap_challenge_len;
+};
+
+struct chap		*chap_new(void);
+char			*chap_get_id(const struct chap *chap);
+char			*chap_get_challenge(const struct chap *chap);
+int			chap_receive(struct chap *chap, const char *response);
+int			chap_authenticate(struct chap *chap,
+			    const char *secret);
+void			chap_delete(struct chap *chap);
+
+struct rchap		*rchap_new(const char *secret);
+int			rchap_receive(struct rchap *rchap,
+			    const char *id, const char *challenge);
+char			*rchap_get_response(struct rchap *rchap);
+void			rchap_delete(struct rchap *rchap);
+
 struct keys		*keys_new(void);
 void			keys_delete(struct keys *key);
 void			keys_load(struct keys *keys, const struct pdu *pdu);

usr.sbin/iscsid/login.c

@@ -39,9 +39,6 @@ __FBSDID("$FreeBSD$");
 #include <stdlib.h>
 #include <string.h>
 #include <netinet/in.h>
-#include <openssl/err.h>
-#include <openssl/md5.h>
-#include <openssl/rand.h>
 
 #include "iscsid.h"
 #include "iscsi_proto.h"
@@ -328,148 +325,6 @@ login_list_prefers(const char *list,
 	return (-1);
 }
 
-static int
-login_hex2int(const char hex)
-{
-	switch (hex) {
-	case '0':
-		return (0x00);
-	case '1':
-		return (0x01);
-	case '2':
-		return (0x02);
-	case '3':
-		return (0x03);
-	case '4':
-		return (0x04);
-	case '5':
-		return (0x05);
-	case '6':
-		return (0x06);
-	case '7':
-		return (0x07);
-	case '8':
-		return (0x08);
-	case '9':
-		return (0x09);
-	case 'a':
-	case 'A':
-		return (0x0a);
-	case 'b':
-	case 'B':
-		return (0x0b);
-	case 'c':
-	case 'C':
-		return (0x0c);
-	case 'd':
-	case 'D':
-		return (0x0d);
-	case 'e':
-	case 'E':
-		return (0x0e);
-	case 'f':
-	case 'F':
-		return (0x0f);
-	default:
-		return (-1);
-	}
-}
-
-/*
- * XXX: Review this _carefully_.
- */
-static int
-login_hex2bin(const char *hex, char **binp, size_t *bin_lenp)
-{
-	int i, hex_len, nibble;
-	bool lo = true; /* As opposed to 'hi'. */
-	char *bin;
-	size_t bin_off, bin_len;
-
-	if (strncasecmp(hex, "0x", strlen("0x")) != 0) {
-		log_warnx("malformed variable, should start with \"0x\"");
-		return (-1);
-	}
-
-	hex += strlen("0x");
-	hex_len = strlen(hex);
-	if (hex_len < 1) {
-		log_warnx("malformed variable; doesn't contain anything "
-		    "but \"0x\"");
-		return (-1);
-	}
-
-	bin_len = hex_len / 2 + hex_len % 2;
-	bin = calloc(bin_len, 1);
-	if (bin == NULL)
-		log_err(1, "calloc");
-
-	bin_off = bin_len - 1;
-	for (i = hex_len - 1; i >= 0; i--) {
-		nibble = login_hex2int(hex[i]);
-		if (nibble < 0) {
-			log_warnx("malformed variable, invalid char \"%c\"",
-			    hex[i]);
-			return (-1);
-		}
-
-		assert(bin_off < bin_len);
-		if (lo) {
-			bin[bin_off] = nibble;
-			lo = false;
-		} else {
-			bin[bin_off] |= nibble << 4;
-			bin_off--;
-			lo = true;
-		}
-	}
-
-	*binp = bin;
-	*bin_lenp = bin_len;
-	return (0);
-}
-
-static char *
-login_bin2hex(const char *bin, size_t bin_len)
-{
-	unsigned char *hex, *tmp, ch;
-	size_t hex_len;
-	size_t i;
-
-	hex_len = bin_len * 2 + 3; /* +2 for "0x", +1 for '\0'. */
-	hex = malloc(hex_len);
-	if (hex == NULL)
-		log_err(1, "malloc");
-
-	tmp = hex;
-	tmp += sprintf(tmp, "0x");
-	for (i = 0; i < bin_len; i++) {
-		ch = bin[i];
-		tmp += sprintf(tmp, "%02x", ch);
-	}
-
-	return (hex);
-}
-
-static void
-login_compute_md5(const char id, const char *secret,
-    const void *challenge, size_t challenge_len, void *response,
-    size_t response_len)
-{
-	MD5_CTX ctx;
-	int rv;
-
-	assert(response_len == MD5_DIGEST_LENGTH);
-
-	MD5_Init(&ctx);
-	MD5_Update(&ctx, &id, sizeof(id));
-	MD5_Update(&ctx, secret, strlen(secret));
-	MD5_Update(&ctx, challenge, challenge_len);
-	rv = MD5_Final(response, &ctx);
-	if (rv != 1)
-		log_errx(1, "MD5_Final");
-}
-
 static void
 login_negotiate_key(struct connection *conn, const char *name,
     const char *value)
@@ -686,12 +541,11 @@ login_send_chap_r(struct pdu *response)
 	struct connection *conn;
 	struct pdu *request;
 	struct keys *request_keys, *response_keys;
+	struct rchap *rchap;
 	const char *chap_a, *chap_c, *chap_i;
-	char *chap_r, *challenge, response_bin[MD5_DIGEST_LENGTH];
+	char *chap_r;
-	size_t challenge_len;
+	int error;
-	int error, rv;
+        char *mutual_chap_c, *mutual_chap_i;
-	unsigned char id;
-        char *mutual_chap_c, mutual_chap_i[4];
 
 	/*
 	 * As in the rest of the initiator, 'request' means
@@ -719,17 +573,19 @@ login_send_chap_r(struct pdu *response)
 	if (chap_i == NULL)
 		log_errx(1, "received CHAP packet without CHAP_I");
 
-	if (strcmp(chap_a, "5") != 0)
+	if (strcmp(chap_a, "5") != 0) {
 		log_errx(1, "received CHAP packet "
 		    "with unsupported CHAP_A \"%s\"", chap_a);
-	id = strtoul(chap_i, NULL, 10);
+	}
-	error = login_hex2bin(chap_c, &challenge, &challenge_len);
+
-	if (error != 0)
+	rchap = rchap_new(conn->conn_conf.isc_secret);
-		log_errx(1, "received CHAP packet with malformed CHAP_C");
+	error = rchap_receive(rchap, chap_i, chap_c);
-	login_compute_md5(id, conn->conn_conf.isc_secret,
+	if (error != 0) {
-	    challenge, challenge_len, response_bin, sizeof(response_bin));
+		log_errx(1, "received CHAP packet "
-	free(challenge);
+		    "with malformed CHAP_I or CHAP_C");
-	chap_r = login_bin2hex(response_bin, sizeof(response_bin));
+	}
+	chap_r = rchap_get_response(rchap);
+	rchap_delete(rchap);
 
 	keys_delete(response_keys);
 
@@ -746,26 +602,15 @@ login_send_chap_r(struct pdu *response)
 	if (conn->conn_conf.isc_mutual_user[0] != '\0') {
 		log_debugx("requesting mutual authentication; "
 		    "binary challenge size is %zd bytes",
-		    sizeof(conn->conn_mutual_challenge));
+		    sizeof(conn->conn_mutual_chap->chap_challenge));
 
-		rv = RAND_bytes(conn->conn_mutual_challenge,
+		assert(conn->conn_mutual_chap == NULL);
-		    sizeof(conn->conn_mutual_challenge));
+		conn->conn_mutual_chap = chap_new();
-		if (rv != 1) {
+		mutual_chap_i = chap_get_id(conn->conn_mutual_chap);
-			log_errx(1, "RAND_bytes failed: %s",
+		mutual_chap_c = chap_get_challenge(conn->conn_mutual_chap);
-			    ERR_error_string(ERR_get_error(), NULL));
-		}
-		rv = RAND_bytes(&conn->conn_mutual_id,
-		    sizeof(conn->conn_mutual_id));
-		if (rv != 1) {
-			log_errx(1, "RAND_bytes failed: %s",
-			    ERR_error_string(ERR_get_error(), NULL));
-		}
-		mutual_chap_c = login_bin2hex(conn->conn_mutual_challenge,
-		    sizeof(conn->conn_mutual_challenge));
-		snprintf(mutual_chap_i, sizeof(mutual_chap_i),
-		    "%d", conn->conn_mutual_id);
 		keys_add(request_keys, "CHAP_I", mutual_chap_i);
 		keys_add(request_keys, "CHAP_C", mutual_chap_c);
+		free(mutual_chap_i);
 		free(mutual_chap_c);
 	}
 
@@ -781,8 +626,6 @@ login_verify_mutual(const struct pdu *response)
 	struct connection *conn;
 	struct keys *response_keys;
 	const char *chap_n, *chap_r;
-	char *response_bin, expected_response_bin[MD5_DIGEST_LENGTH];
-	size_t response_bin_len;
 	int error;
 
 	conn = response->pdu_connection;
@@ -796,28 +639,26 @@ login_verify_mutual(const struct pdu *response)
         chap_r = keys_find(response_keys, "CHAP_R");
         if (chap_r == NULL)
                 log_errx(1, "received CHAP Response PDU without CHAP_R");
-        error = login_hex2bin(chap_r, &response_bin, &response_bin_len);
+
-        if (error != 0)
+	error = chap_receive(conn->conn_mutual_chap, chap_r);
-                log_errx(1, "received CHAP Response PDU with malformed CHAP_R");
+	if (error != 0)
+                log_errx(1, "received CHAP Response PDU with invalid CHAP_R");
 
 	if (strcmp(chap_n, conn->conn_conf.isc_mutual_user) != 0) {
 		fail(conn, "Mutual CHAP failed");
 		log_errx(1, "mutual CHAP authentication failed: wrong user");
 	}
 
-	login_compute_md5(conn->conn_mutual_id,
+	error = chap_authenticate(conn->conn_mutual_chap,
-	    conn->conn_conf.isc_mutual_secret, conn->conn_mutual_challenge,
+	    conn->conn_conf.isc_mutual_secret);
-	    sizeof(conn->conn_mutual_challenge), expected_response_bin,
+	if (error != 0) {
-	    sizeof(expected_response_bin));
-
-        if (memcmp(response_bin, expected_response_bin,
-            sizeof(expected_response_bin)) != 0) {
 		fail(conn, "Mutual CHAP failed");
                 log_errx(1, "mutual CHAP authentication failed: wrong secret");
 	}
 
-        keys_delete(response_keys);
+	keys_delete(response_keys);
-        free(response_bin);
+	chap_delete(conn->conn_mutual_chap);
+	conn->conn_mutual_chap = NULL;
 
 	log_debugx("mutual CHAP authentication succeeded");
 }