summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNicholas Bellinger <nab@linux-iscsi.org>2014-05-28 23:07:40 +0400
committerNicholas Bellinger <nab@linux-iscsi.org>2014-06-04 06:18:43 +0400
commit91f0abfda1709131edbd62ad3515da2b8e6c0261 (patch)
treeb3d63f7b7841ad446dd18bf1c0f51a67d3b4be82
parent51a07f84649d2be206c4c2ad9a612956db0c2f8c (diff)
downloadlinux-91f0abfda1709131edbd62ad3515da2b8e6c0261.tar.xz
iscsi-target: Reject zero-length payloads during SecurityNegotiation
This patch changes iscsi_target_handle_csg_zero() to explicitly reject login requests in SecurityNegotiation with a zero-length payload, following the language in RFC-3720 Section 8.2: Whenever an iSCSI target gets a response whose keys, or their values, are not according to the step definition, it MUST answer with a Login reject with the "Initiator Error" or "Missing Parameter" status. Previously when a zero-length login request in CSG=0 was received, the target would send a login response with CSG=0 + T_BIT=0 asking the initiator to complete authentication, and not fail the login until MAX_LOGIN_PDUS was reached. This change will now immediately fail the login attempt with ISCSI_STATUS_CLS_INITIATOR_ERR status. Reported-by: Tejas Vaykole <tejas.vaykole@calsoftinc.com> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
-rw-r--r--drivers/target/iscsi/iscsi_target_nego.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/drivers/target/iscsi/iscsi_target_nego.c b/drivers/target/iscsi/iscsi_target_nego.c
index 75b685960e80..fcffd0412d83 100644
--- a/drivers/target/iscsi/iscsi_target_nego.c
+++ b/drivers/target/iscsi/iscsi_target_nego.c
@@ -773,6 +773,12 @@ static int iscsi_target_handle_csg_zero(
}
goto do_auth;
+ } else if (!payload_length) {
+ pr_err("Initiator sent zero length security payload,"
+ " login failed\n");
+ iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR,
+ ISCSI_LOGIN_STATUS_AUTH_FAILED);
+ return -1;
}
if (login->first_request)