Commit e622de2c authored by Konrad Sztyber's avatar Konrad Sztyber Committed by Jim Harris
Browse files

nvmf: method for getting controller's DH-HMAC-CHAP key 



nvmf_subsystem_get_dhchap_key() now takes an extra parameter describing
which key to return (host or controller).

Signed-off-by: default avatarKonrad Sztyber <konrad.sztyber@intel.com>
Change-Id: I936ab57fe1dbddfc382f0b2bae02b387de0d98c3
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/22809


Reviewed-by: default avatarSeung yeon Shin <syeon.shin@samsung.com>
Tested-by: default avatarSPDK CI Jenkins <sys_sgci@intel.com>
Community-CI: Mellanox Build Bot
Reviewed-by: default avatarJim Harris <jim.harris@samsung.com>
Reviewed-by: default avatarBen Walker <ben@nvidia.com>
parent aa13730d

lib/nvmf/auth.c

+1 −1
Original line number Diff line number Diff line
@@ -353,7 +353,7 @@ nvmf_auth_reply_exec(struct spdk_nvmf_request *req, struct spdk_nvmf_dhchap_repl 
		goto out;

	}



	key = nvmf_subsystem_get_dhchap_key(ctrlr->subsys, ctrlr->hostnqn);

	key = nvmf_subsystem_get_dhchap_key(ctrlr->subsys, ctrlr->hostnqn, NVMF_AUTH_KEY_HOST);

	if (key == NULL) {

		AUTH_ERRLOG(qpair, "couldn't get DH-HMAC-CHAP key\n");

		nvmf_auth_request_fail1(req, SPDK_NVMF_AUTH_FAILED);

lib/nvmf/nvmf_internal.h

+6 −1
Original line number Diff line number Diff line
@@ -414,7 +414,12 @@ void nvmf_subsystem_remove_all_listeners(struct spdk_nvmf_subsystem *subsystem, 
struct spdk_nvmf_ctrlr *nvmf_subsystem_get_ctrlr(struct spdk_nvmf_subsystem *subsystem,

		uint16_t cntlid);

bool nvmf_subsystem_host_auth_required(struct spdk_nvmf_subsystem *subsystem, const char *hostnqn);

struct spdk_key *nvmf_subsystem_get_dhchap_key(struct spdk_nvmf_subsystem *subsys, const char *nqn);

enum nvmf_auth_key_type {

	NVMF_AUTH_KEY_HOST,

	NVMF_AUTH_KEY_CTRLR,

};

struct spdk_key *nvmf_subsystem_get_dhchap_key(struct spdk_nvmf_subsystem *subsys, const char *nqn,

		enum nvmf_auth_key_type type);

struct spdk_nvmf_subsystem_listener *nvmf_subsystem_find_listener(

	struct spdk_nvmf_subsystem *subsystem,

	const struct spdk_nvme_transport_id *trid);

lib/nvmf/subsystem.c

+14 −3
Original line number Diff line number Diff line
@@ -1254,15 +1254,26 @@ nvmf_subsystem_host_auth_required(struct spdk_nvmf_subsystem *subsystem, const c 
}



struct spdk_key *

nvmf_subsystem_get_dhchap_key(struct spdk_nvmf_subsystem *subsystem, const char *hostnqn)

nvmf_subsystem_get_dhchap_key(struct spdk_nvmf_subsystem *subsystem, const char *hostnqn,

			      enum nvmf_auth_key_type type)

{

	struct spdk_nvmf_host *host;

	struct spdk_key *key = NULL;



	pthread_mutex_lock(&subsystem->mutex);

	host = nvmf_subsystem_find_host(subsystem, hostnqn);

	if (host != NULL && host->dhchap_key != NULL) {

		key = spdk_key_dup(host->dhchap_key);

	if (host != NULL) {

		switch (type) {

		case NVMF_AUTH_KEY_HOST:

			key = host->dhchap_key;

			break;

		case NVMF_AUTH_KEY_CTRLR:

			key = host->dhchap_ctrlr_key;

			break;

		}

		if (key != NULL) {

			key = spdk_key_dup(key);

		}

	}

	pthread_mutex_unlock(&subsystem->mutex);

test/unit/lib/nvmf/auth.c/auth_ut.c

+1 −1
Original line number Diff line number Diff line
@@ -15,7 +15,7 @@ DEFINE_STUB(spdk_nvme_dhchap_get_dhgroup_name, const char *, (int d), NULL); 
DEFINE_STUB(spdk_nvme_dhchap_get_digest_length, uint8_t, (int d), 0);

DEFINE_STUB_V(spdk_keyring_put_key, (struct spdk_key *k));

DEFINE_STUB(nvmf_subsystem_get_dhchap_key, struct spdk_key *,

	    (struct spdk_nvmf_subsystem *s, const char *h), NULL);

	    (struct spdk_nvmf_subsystem *s, const char *h, enum nvmf_auth_key_type t), NULL);

DEFINE_STUB(spdk_nvme_dhchap_generate_dhkey, struct spdk_nvme_dhchap_dhkey *,

	    (enum spdk_nvmf_dhchap_dhgroup dhgroup), NULL);

DEFINE_STUB_V(spdk_nvme_dhchap_dhkey_free, (struct spdk_nvme_dhchap_dhkey **key));