From f3a497cbc55ec77ae6053346f3d4deb4f4d4f234 Mon Sep 17 00:00:00 2001 From: Hannes Reinecke Date: Mon, 5 Oct 2009 09:08:36 +0200 Subject: [PATCH] Allow empty username for CHAP in discovery For discovery we also might need to set empty usernames; not all iSCSI target implementations allow to set a username for CHAP (also called 'one-way CHAP' there). Signed-off-by: Hannes Reinecke diff --git a/usr/discovery.c b/usr/discovery.c index dab6249..6415113 100644 --- a/usr/discovery.c +++ b/usr/discovery.c @@ -615,8 +615,7 @@ setup_authentication(iscsi_session_t *session, session->bidirectional_auth = 1; /* sanity check the config */ - if ((config->auth.username[0] == '\0') - || (config->auth.password_length == 0)) { + if (config->auth.password_length == 0) { log_error( "discovery process to %s:%d has incoming " "authentication credentials but has no outgoing " @@ -635,9 +634,12 @@ setup_authentication(iscsi_session_t *session, } /* copy in whatever credentials we have */ - strlcpy(session->username, config->auth.username, - sizeof (session->username)); - session->username[sizeof (session->username) - 1] = '\0'; + if (config->auth.username && strlen(config->auth.username)) { + strlcpy(session->username, config->auth.username, + sizeof (session->username)); + session->username[sizeof (session->username) - 1] = '\0'; + } else + session->username[0] = '\0'; if ((session->password_length = config->auth.password_length)) memcpy(session->password, config->auth.password, session->password_length); commit 0dbedccecc66e83af1750c4413d9eacf0fac88bc Author: Hannes Reinecke Date: Tue Sep 29 15:40:09 2009 +0200 Allow empty username for CHAP Some iSCSI implementations (eg HP) is using an empty username for CHAP negotiations. So we should be allowing the same. Signed-off-by: Hannes Reinecke diff --git a/usr/auth.c b/usr/auth.c index 4b9afb5..cc232a0 100644 --- a/usr/auth.c +++ b/usr/auth.c @@ -1892,8 +1892,10 @@ acl_set_user_name(struct iscsi_acl *client, const char *username) return AUTH_STATUS_ERROR; } - if (strlcpy(client->username, username, AUTH_STR_MAX_LEN) >= - AUTH_STR_MAX_LEN) { + if (!username) + client->username[0] = '\0'; + else if (strlcpy(client->username, username, AUTH_STR_MAX_LEN) >= + AUTH_STR_MAX_LEN) { client->phase = AUTH_PHASE_ERROR; return AUTH_STATUS_ERROR; } diff --git a/usr/initiator.c b/usr/initiator.c index f05b87c..43f454a 100644 --- a/usr/initiator.c +++ b/usr/initiator.c @@ -250,8 +250,7 @@ __setup_authentication(iscsi_session_t *session, if (auth_cfg->username_in[0] || auth_cfg->password_in_length) { /* sanity check the config */ - if ((auth_cfg->username[0] == '\0') - || (auth_cfg->password_length == 0)) { + if (auth_cfg->password_length == 0) { log_debug(1, "node record has incoming " "authentication credentials but has no outgoing "