[stgt] CHAP doesn't work as expected ?! Or user error :) ?
FUJITA Tomonori
fujita.tomonori at lab.ntt.co.jp
Fri Feb 19 03:36:11 CET 2010
On Wed, 17 Feb 2010 14:13:41 +0900
FUJITA Tomonori <fujita.tomonori at lab.ntt.co.jp> wrote:
> Seems that stgt at vger.kernel.org dropped this mail due to attachment.
>
> On Tue, 16 Feb 2010 10:47:11 -0800
> Chandra Seetharaman <sekharan at us.ibm.com> wrote:
>
> > On Tue, 2010-02-16 at 10:38 +0900, FUJITA Tomonori wrote:
> > > Hey,
> > >
> > > On Mon, 15 Feb 2010 11:46:51 -0800
> > > Chandra Seetharaman <sekharan at us.ibm.com> wrote:
> > >
> > > > I just started testing some of the features of stgt.
> > > >
> > > > While trying stgt, realized that stgt provides the option of "CHAP" or
> > > > "None" to the initiator. open-iscsi SW initiator chooses the lower
> > > > "None", thereby it ends up not using the CHAP that I specified for the
> > > > target in stgt.
> > > >
> > > > How do I tell stgt to _not_ provide "None" as an option ? IOW, makes
> > > > sure CHAP _is_ used by the initiator ?
> > >
> > > Are you taking about a discovery or normal session?
> >
> > Discovery session.
>
> Ah, stgt doesn't support Discovery session authentication (like IET).
>
> Do you need this feature? If so, I can implement it (some time this
> month probably).
Ok, here's a patch. It's hacky a bit though.
root at rose:~/git/tgt# ./usr/tgtadm --op show --mode sys
System:
State: ready
iSNS:
iSNS=Off
iSNSServerIP=
iSNSServerPort=3205
iSNSAccessControl=Off
root at rose:~/git/tgt# ./usr/tgtadm --op new --mode account --user fujita --password tomo
root at rose:~/git/tgt# ./usr/tgtadm --op bind --mode account --user fujita
root at rose:~/git/tgt# ./usr/tgtadm --op show --mode sys
System:
State: ready
Account information:
fujita
iSNS:
iSNS=Off
iSNSServerIP=
iSNSServerPort=3205
iSNSAccessControl=Off
=
From: FUJITA Tomonori <fujita.tomonori at lab.ntt.co.jp>
Subject: [PATCH] add discovery authentication support
Signed-off-by: FUJITA Tomonori <fujita.tomonori at lab.ntt.co.jp>
---
usr/iscsi/iscsid.c | 4 ++++
usr/target.c | 44 +++++++++++++++++++++++++++++++++++++++++---
usr/tgtadm.c | 12 ++++--------
usr/tgtadm.h | 2 ++
4 files changed, 51 insertions(+), 11 deletions(-)
diff --git a/usr/iscsi/iscsid.c b/usr/iscsi/iscsid.c
index 2adc6a8..2ceb8be 100644
--- a/usr/iscsi/iscsid.c
+++ b/usr/iscsi/iscsid.c
@@ -38,6 +38,7 @@
#include "util.h"
#include "driver.h"
#include "scsi.h"
+#include "tgtadm.h"
#include "crc32c.h"
#define MAX_QUEUE_CMD 128
@@ -467,6 +468,9 @@ static void login_start(struct iscsi_connection *conn)
}
}
+ if (conn->session_type == SESSION_DISCOVERY)
+ conn->tid = GLOBAL_TID;
+
if (conn->session_type == SESSION_NORMAL) {
if (!target_name) {
rsp->status_class = ISCSI_STATUS_CLS_INITIATOR_ERR;
diff --git a/usr/target.c b/usr/target.c
index c848757..60e3179 100644
--- a/usr/target.c
+++ b/usr/target.c
@@ -42,6 +42,8 @@
static LIST_HEAD(device_type_list);
+static struct target global_target;
+
int device_type_register(struct device_type_template *t)
{
list_add_tail(&t->device_type_siblings, &device_type_list);
@@ -1165,7 +1167,10 @@ int account_lookup(int tid, int type, char *user, int ulen, char *password, int
struct target *target;
struct account_entry *ac;
- target = target_lookup(tid);
+ if (tid == GLOBAL_TID)
+ target = &global_target;
+ else
+ target = target_lookup(tid);
if (!target)
return -ENOENT;
@@ -1272,7 +1277,10 @@ int account_ctl(int tid, int type, char *user, int bind)
struct account_entry *ac;
int i, err = 0;
- target = target_lookup(tid);
+ if (tid == GLOBAL_TID)
+ target = &global_target;
+ else
+ target = target_lookup(tid);
if (!target)
return TGTADM_NO_TARGET;
@@ -1323,6 +1331,9 @@ void account_del(char *user)
account_ctl(target->tid, ACCOUNT_TYPE_OUTGOING, ac->user, 0);
}
+ account_ctl(GLOBAL_TID, ACCOUNT_TYPE_INCOMING, ac->user, 0);
+ account_ctl(GLOBAL_TID, ACCOUNT_TYPE_OUTGOING, ac->user, 0);
+
list_del(&ac->account_siblings);
free(ac->user);
free(ac->password);
@@ -1333,7 +1344,10 @@ int account_available(int tid, int dir)
{
struct target *target;
- target = target_lookup(tid);
+ if (tid == GLOBAL_TID)
+ target = &global_target;
+ else
+ target = target_lookup(tid);
if (!target)
return 0;
@@ -1869,6 +1883,17 @@ int system_show(int mode, char *buf, int rest)
shprintf(total, buf, rest, _TAB1 "State: %s\n",
system_state_name(sys_state));
+ if (global_target.account.nr_inaccount) {
+ int i, aid;
+ shprintf(total, buf, rest,
+ "Account information:\n");
+ for (i = 0; i < global_target.account.nr_inaccount; i++) {
+ aid = global_target.account.in_aids[i];
+ shprintf(total, buf, rest, _TAB1 "%s\n",
+ __account_lookup_id(aid)->user);
+ }
+ }
+
return total;
overflow:
return max;
@@ -1883,3 +1908,16 @@ int is_system_inactive(void)
{
return list_empty(&target_list);
}
+
+__attribute__((constructor)) static void target_constructor(void)
+{
+ static int global_target_aids[DEFAULT_NR_ACCOUNT];
+
+ memset(global_target_aids, 0, sizeof(global_target_aids));
+ global_target.account.in_aids = global_target_aids;
+ global_target.account.max_inaccount = DEFAULT_NR_ACCOUNT;
+
+ global_target.tid = GLOBAL_TID;
+
+ INIT_LIST_HEAD(&global_target.acl_list);
+}
diff --git a/usr/tgtadm.c b/usr/tgtadm.c
index dd46985..5d85c5f 100644
--- a/usr/tgtadm.c
+++ b/usr/tgtadm.c
@@ -647,10 +647,8 @@ int main(int argc, char **argv)
eprintf("'user' option is necessary\n");
exit(EINVAL);
}
- if (tid <= 0) {
- eprintf("'tid' option is necessary\n");
- exit(EINVAL);
- }
+ if (tid == -1)
+ tid = GLOBAL_TID;
break;
case OP_UNBIND:
rc = verify_mode_params(argc, argv, "Lmou");
@@ -663,10 +661,8 @@ int main(int argc, char **argv)
eprintf("'user' option is necessary\n");
exit(EINVAL);
}
- if (tid <= 0) {
- eprintf("'tid' option is necessary\n");
- exit(EINVAL);
- }
+ if (tid == -1)
+ tid = GLOBAL_TID;
break;
default:
eprintf("option %d not supported in account mode\n", op);
diff --git a/usr/tgtadm.h b/usr/tgtadm.h
index 60b984d..8e04a3c 100644
--- a/usr/tgtadm.h
+++ b/usr/tgtadm.h
@@ -4,6 +4,8 @@
#define TGT_IPC_NAMESPACE "/tmp/.TGT_IPC_ABSTRACT_NAMESPACE"
#define TGT_LLD_NAME_LEN 64
+#define GLOBAL_TID (~0U)
+
#include "tgtadm_error.h"
enum tgtadm_op {
--
1.6.5
--
To unsubscribe from this list: send the line "unsubscribe stgt" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the stgt
mailing list