diff mbox series

[3/4] target: iscsi: allow negotiate AuthMethod=None

Message ID 20220718152555.17084-4-d.bogdanov@yadro.com (mailing list archive)
State Accepted
Headers show
Series Improve iSCSI target code | expand

Commit Message

Dmitry Bogdanov July 18, 2022, 3:25 p.m. UTC 
Allow to negotiate AuthMethod=None at CSG=0 (Security Negotiation) when
authentication is not required. That is some CHAP test in Windows HLK.

Signed-off-by: Dmitry Bogdanov <d.bogdanov@yadro.com>
---
 drivers/target/iscsi/iscsi_target_login.c | 13 +++++++++++++
 drivers/target/iscsi/iscsi_target_nego.c  |  2 +-
 drivers/target/iscsi/iscsi_target_nego.h  |  2 +-
 3 files changed, 15 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/drivers/target/iscsi/iscsi_target_login.c b/drivers/target/iscsi/iscsi_target_login.c
index 6b94eecc4790..d5d617f98195 100644
--- a/drivers/target/iscsi/iscsi_target_login.c
+++ b/drivers/target/iscsi/iscsi_target_login.c
@@ -341,6 +341,7 @@  static int iscsi_login_zero_tsih_s2(
 {
 	struct iscsi_node_attrib *na;
 	struct iscsit_session *sess = conn->sess;
+	struct iscsi_param *param;
 	bool iser = false;
 
 	sess->tpg = conn->tpg;
@@ -374,6 +375,18 @@  static int iscsi_login_zero_tsih_s2(
 
 	na = iscsit_tpg_get_node_attrib(sess);
 
+	/*
+	 * If ACL allows non-authorized access in TPG with CHAP,
+	 * then set None to AuthMethod.
+	 */
+	param = iscsi_find_param_from_key(AUTHMETHOD, conn->param_list);
+	if (param && !strstr(param->value, NONE)) {
+		if (!iscsi_conn_auth_required(conn))
+			if (iscsi_change_param_sprintf(conn, "AuthMethod=%s",
+						       NONE))
+				return -1;
+	}
+
 	/*
 	 * Need to send TargetPortalGroupTag back in first login response
 	 * on any iSCSI connection where the Initiator provides TargetName.
diff --git a/drivers/target/iscsi/iscsi_target_nego.c b/drivers/target/iscsi/iscsi_target_nego.c
index 767646438391..a167fab80588 100644
--- a/drivers/target/iscsi/iscsi_target_nego.c
+++ b/drivers/target/iscsi/iscsi_target_nego.c
@@ -814,7 +814,7 @@  static int iscsi_target_do_authentication(
 	return 0;
 }
 
-static bool iscsi_conn_auth_required(struct iscsit_conn *conn)
+bool iscsi_conn_auth_required(struct iscsit_conn *conn)
 {
 	struct iscsi_node_acl *nacl;
 	struct se_node_acl *se_nacl;
diff --git a/drivers/target/iscsi/iscsi_target_nego.h b/drivers/target/iscsi/iscsi_target_nego.h
index 21d3cab90d08..41c3db3ddeaa 100644
--- a/drivers/target/iscsi/iscsi_target_nego.h
+++ b/drivers/target/iscsi/iscsi_target_nego.h
@@ -22,5 +22,5 @@  extern int iscsi_target_locate_portal(struct iscsi_np *, struct iscsit_conn *,
 extern int iscsi_target_start_negotiation(
 		struct iscsi_login *, struct iscsit_conn *);
 extern void iscsi_target_nego_release(struct iscsit_conn *);
-
+extern bool iscsi_conn_auth_required(struct iscsit_conn *conn);
 #endif /* ISCSI_TARGET_NEGO_H */