Checking for the presence of the NUL character should be done
without accessing beyond the PDU datain. Use memchr instead
of strlen, and compute the length only if a NUL character is
actually there.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Assume target names are URL encoded with '%' as the special character.
Any sequence of '%' followed by two bytes in the target name will be replaced
with the byte that the second two bytes represent in hexadecimal.
Example
iqn.ronnie.test%3A1234
will be translated to iqn.ronnie.test:1234
This makes sure that CHAP authentication is disabled if the system
is running in FIPS 140-2 mode. MD5 is not a secure algorithm according
to the standard.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This patch avoid incrementing itt to 0xffffffff which is
a reserved value for immediate pdus. Avoid incrementing
it to 0xfffffff to avoid unexpected behaviour.
Signed-off-by: Peter Lieven <pl@kamp.de>
RFC3720 says that cmdsn comparison must be done using
serial32 arithmetic. This will definetly avoid a deadlock
if cmdsn wraps from 2^32-1 to 0.
Signed-off-by: Peter Lieven <pl@kamp.de>
This has the nice side effect to remove the compiler warning
"dereferencing type-punned pointer will break strict-aliasing rules"
which occur since gcc-4.7.
There are 79 locations where the warning occurs. All of them are in
statements where the htonl/htons/ntohl/ntohs functions are used, e.g.:
in lib/pdu.c itt = ntohl(*(uint32_t *)&in->hdr[16]);
in lib/scsi-lowlevel.c *(uint32_t *)&task->cdb[2] = htonl(lba);
The warning is not related to the htonl/htons/ntohl/ntohs functions but
to the casting/dereferencing operation. If the dereferenced variable is
already a pointer, the warning does not not occur, e.g. this one:
in lib/pdu.c itt = ntohl(*(uint32_t *)&in->data[16]);
The warning is caused by the -fstrict-aliasing option. The
-fstrict-aliasing option is enabled at optimization levels -O2, -O3, -Os.
Signed-off-by: Bernhard Kohl <bernhard.kohl@gmx.net>
This patch adds a wrapper around all memory allocations and frees.
The idea is to get warned immediately if the application leaks memory.
Additionally the wrapper functions make it easy to add different
memory allocators or memory pools in the future.
If the login phase takes multiple login requests we should keep the ITT the same for all login requets and not increment it.
A multi-phase login is only a single task eventhough it may be spread across multiple login requetst.
While most targets are forgiving and still work if we increment the ITT for each login command, some targets such as SOLARIS/COMSTAR is NOT forgiving if we break the protocol in this situation.
Fix the ITT handling so that we dont make SOLARIS/COMSTAR upset.
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
We will use this later to decide when we should send unsolicited imemdiate
data to the target. Currently we always send unsolicited immediate data
but targets configured to not allow immediate data may refuce this and
turn an error.
and accept what Target responds.
Store the result of the negotiated setting in the iscsi context
so we can use it later to determine how to send solicited/unsolicited
data.
Add these settings to the iscsi context structure and initialize them to
sane valued.
When sending login commands to the target, use these values instead
of hardcoded values.
Parse when the target sends a login reply back to us and update these variables
if the target asks us to.
This allows us to detect when our defaults are too big for the target
and adjust the settings we use so we match the target.
Some targets have a very small accepted default for some settings.
During login, we will initially send these keys with our dafult values.
These targets will then respond back by refusing to transition to the next
login phase, and by telling us back what the maximum of these values should be.
In this case we have to try the login again but use the smaller values we got
from the target.
Othervise, if we try again, ignoring the value from the target, and just repeat
using our defaults the target will abort the login with a "initiator error".
Add unidirectional chap support so we can authenticate to the target.
Make the login phase more "intelligent" so we can iterate over login
pdus until we have reached full feature phase
Add a new helper functions to parse a iscsi url and break it down
into elements in a structure
Update iscsi-inq to allow CHAP authentication
We pass header and data separately now so no need to check id size
is less than header size.
Add error reporting of login type and error string describing
the error when login status has failed.
Input processing used to keep all data in one single input buffer, which
makes it hard to handle nested events as well as reading directly from the
socket into the application buffer without an extra copy.
Create a new iscsi_in_pdu structure where we store the header, and any data
for the recevied pdu and store them in a proper input queue.
Change the signature for all processing functions to tahe a iscsi_in_pdu
structure for the received pdu instead of just a pointer to a buffer.
