[4/4] target: iscsi: not require target authentication

Message ID	20220718152555.17084-5-d.bogdanov@yadro.com (mailing list archive)
State	Accepted
Headers	show Return-Path: <linux-scsi-owner@kernel.org> From: Dmitry Bogdanov <d.bogdanov@yadro.com> To: Martin Petersen <martin.petersen@oracle.com>, <target-devel@vger.kernel.org> CC: <linux-scsi@vger.kernel.org>, <linux@yadro.com>, Dmitry Bogdanov <d.bogdanov@yadro.com> Subject: [PATCH 4/4] target: iscsi: not require target authentication Date: Mon, 18 Jul 2022 18:25:55 +0300 Message-ID: <20220718152555.17084-5-d.bogdanov@yadro.com> In-Reply-To: <20220718152555.17084-1-d.bogdanov@yadro.com> References: <20220718152555.17084-1-d.bogdanov@yadro.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: bulk
Series	Improve iSCSI target code \| expand [0/4] Improve iSCSI target code [1/4] scsi: target: iscsi: add support extended CDB AHS [2/4] scsi: target: iscsi: support base64 in CHAP [3/4] target: iscsi: allow negotiate AuthMethod=None [4/4] target: iscsi: not require target authentication

Message ID

20220718152555.17084-5-d.bogdanov@yadro.com (mailing list archive)

State

Accepted

Headers

From: Dmitry Bogdanov <d.bogdanov@yadro.com>
To: Martin Petersen <martin.petersen@oracle.com>,
        <target-devel@vger.kernel.org>
CC: <linux-scsi@vger.kernel.org>, <linux@yadro.com>,
        Dmitry Bogdanov <d.bogdanov@yadro.com>
Subject: [PATCH 4/4] target: iscsi: not require target authentication
Date: Mon, 18 Jul 2022 18:25:55 +0300
Message-ID: <20220718152555.17084-5-d.bogdanov@yadro.com>
In-Reply-To: <20220718152555.17084-1-d.bogdanov@yadro.com>
References: <20220718152555.17084-1-d.bogdanov@yadro.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
Precedence: bulk

Series

Improve iSCSI target code | expand

Commit Message

Dmitry Bogdanov July 18, 2022, 3:25 p.m. UTC

RFC7143 states that Initiator decides what type of authentication to
choice:
The initiator MUST continue with:
    CHAP_N=<N> CHAP_R=<R>
or, if it requires target authentication, with:
    CHAP_N=<N> CHAP_R=<R> CHAP_I=<I> CHAP_C=<C>

Allow one way authentication if mutual authentication is configured.
That passes some tests from Windows HLK for Mutual CHAP with iSNS.

Signed-off-by: Dmitry Bogdanov <d.bogdanov@yadro.com>
---
 drivers/target/iscsi/iscsi_target_auth.c |  8 +++++++-
 drivers/target/iscsi/iscsi_target_nego.c | 10 +++++-----
 2 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/drivers/target/iscsi/iscsi_target_auth.c b/drivers/target/iscsi/iscsi_target_auth.c
index a5b72968f356..c8a248bd11be 100644
--- a/drivers/target/iscsi/iscsi_target_auth.c
+++ b/drivers/target/iscsi/iscsi_target_auth.c
@@ -416,7 +416,13 @@  static int chap_server_compute_hash(
 	/*
 	 * Get CHAP_I.
 	 */
-	if (extract_param(nr_in_ptr, "CHAP_I", 10, identifier, &type) < 0) {
+	ret = extract_param(nr_in_ptr, "CHAP_I", 10, identifier, &type);
+	if (ret == -ENOENT) {
+		pr_debug("Could not find CHAP_I. Initiator uses One way authentication.\n");
+		auth_ret = 0;
+		goto out;
+	}
+	if (ret < 0) {
 		pr_err("Could not find CHAP_I.\n");
 		goto out;
 	}
diff --git a/drivers/target/iscsi/iscsi_target_nego.c b/drivers/target/iscsi/iscsi_target_nego.c
index a167fab80588..f2919319ad38 100644
--- a/drivers/target/iscsi/iscsi_target_nego.c
+++ b/drivers/target/iscsi/iscsi_target_nego.c
@@ -62,15 +62,15 @@  int extract_param(
 	int len;
 
 	if (!in_buf || !pattern || !out_buf || !type)
-		return -1;
+		return -EINVAL;
 
 	ptr = strstr(in_buf, pattern);
 	if (!ptr)
-		return -1;
+		return -ENOENT;
 
 	ptr = strstr(ptr, "=");
 	if (!ptr)
-		return -1;
+		return -EINVAL;
 
 	ptr += 1;
 	if (*ptr == '0' && (*(ptr+1) == 'x' || *(ptr+1) == 'X')) {
@@ -84,12 +84,12 @@  int extract_param(
 
 	len = strlen_semi(ptr);
 	if (len < 0)
-		return -1;
+		return -EINVAL;
 
 	if (len >= max_length) {
 		pr_err("Length of input: %d exceeds max_length:"
 			" %d\n", len, max_length);
-		return -1;
+		return -EINVAL;
 	}
 	memcpy(out_buf, ptr, len);
 	out_buf[len] = '\0';

[4/4] target: iscsi: not require target authentication

Commit Message

Patch