From 562dd468338dabe6efc56af92ce5a7eff62f4e61 Mon Sep 17 00:00:00 2001
From: Peter Lieven <pl@kamp.de>
Date: Wed, 28 Nov 2012 10:58:33 +0100
Subject: [PATCH] PDU avoid incrementing itt to 0xffffffff

This patch avoid incrementing itt to 0xffffffff which is
a reserved value for immediate pdus. Avoid incrementing
it to 0xfffffff to avoid unexpected behaviour.

Signed-off-by: Peter Lieven <pl@kamp.de>
---
 include/iscsi-private.h |  3 +++
 lib/connect.c           |  4 ++--
 lib/login.c             |  2 +-
 lib/pdu.c               | 16 ++++++++++++++--
 4 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/include/iscsi-private.h b/include/iscsi-private.h
index 2928a36..a35eb4c 100644
--- a/include/iscsi-private.h
+++ b/include/iscsi-private.h
@@ -328,6 +328,9 @@ iscsi_add_to_outqueue(struct iscsi_context *iscsi, struct iscsi_pdu *pdu);
 int
 iscsi_serial32_compare(u_int32_t s1, u_int32_t s2);
 
+u_int32_t
+iscsi_itt_post_increment(struct iscsi_context *iscsi);
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/lib/connect.c b/lib/connect.c
index 4a7f878..d52baad 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -279,7 +279,7 @@ try_again:
 			continue;
 		}
 
-		pdu->itt   = iscsi->itt++;
+		pdu->itt   = iscsi_itt_post_increment(iscsi);
 		iscsi_pdu_set_itt(pdu, pdu->itt);
 
 		pdu->cmdsn = iscsi->cmdsn++;
@@ -309,7 +309,7 @@ try_again:
 			continue;
 		}
 
-		pdu->itt   = iscsi->itt++;
+		pdu->itt   = iscsi_itt_post_increment(iscsi);
 		iscsi_pdu_set_itt(pdu, pdu->itt);
 
 		pdu->cmdsn = iscsi->cmdsn++;
diff --git a/lib/login.c b/lib/login.c
index c918747..66e2146 100644
--- a/lib/login.c
+++ b/lib/login.c
@@ -1067,7 +1067,7 @@ iscsi_process_login_reply(struct iscsi_context *iscsi, struct iscsi_pdu *pdu,
 	if ((in->hdr[1] & ISCSI_PDU_LOGIN_TRANSIT)
 	&& (in->hdr[1] & ISCSI_PDU_LOGIN_NSG_FF) == ISCSI_PDU_LOGIN_NSG_FF) {
 		iscsi->is_loggedin = 1;
-		iscsi->itt++;
+		iscsi_itt_post_increment(iscsi);
 		iscsi->header_digest  = iscsi->want_header_digest;
 		ISCSI_LOG(iscsi, 2, "login successful");
 		pdu->callback(iscsi, SCSI_STATUS_GOOD, NULL, pdu->private_data);
diff --git a/lib/pdu.c b/lib/pdu.c
index c28cd4f..a7b6022 100644
--- a/lib/pdu.c
+++ b/lib/pdu.c
@@ -48,6 +48,18 @@ iscsi_serial32_compare(u_int32_t s1, u_int32_t s2) {
 	return -1;
 }
 
+u_int32_t
+iscsi_itt_post_increment(struct iscsi_context *iscsi) {
+	u_int32_t old_itt = iscsi->itt;
+	iscsi->itt++;
+	/* 0xffffffff is a reserved value */
+	if (iscsi->itt == 0xffffffff) {
+		iscsi->itt = 0;
+	}
+	return old_itt;
+}
+
+
 struct iscsi_pdu *
 iscsi_allocate_pdu_with_itt_flags_size(struct iscsi_context *iscsi, enum iscsi_opcode opcode,
 				  enum iscsi_opcode response_opcode, uint32_t itt, uint32_t flags, size_t payload_size)
@@ -107,14 +119,14 @@ struct iscsi_pdu *
 iscsi_allocate_pdu(struct iscsi_context *iscsi, enum iscsi_opcode opcode,
 		   enum iscsi_opcode response_opcode)
 {
-	return iscsi_allocate_pdu_with_itt_flags(iscsi, opcode, response_opcode, iscsi->itt++, 0);
+	return iscsi_allocate_pdu_with_itt_flags(iscsi, opcode, response_opcode, iscsi_itt_post_increment(iscsi), 0);
 }	
 
 struct iscsi_pdu *
 iscsi_allocate_pdu_size(struct iscsi_context *iscsi, enum iscsi_opcode opcode,
 		   enum iscsi_opcode response_opcode, size_t payload_size)
 {
-	return iscsi_allocate_pdu_with_itt_flags_size(iscsi, opcode, response_opcode, iscsi->itt++, 0, payload_size);
+	return iscsi_allocate_pdu_with_itt_flags_size(iscsi, opcode, response_opcode, iscsi_itt_post_increment(iscsi), 0, payload_size);
 }