diff options
author | Nicholas Bellinger <nab@linux-iscsi.org> | 2014-05-28 15:07:40 -0400 |
---|---|---|
committer | Nicholas Bellinger <nab@linux-iscsi.org> | 2014-06-03 22:18:43 -0400 |
commit | 91f0abfda1709131edbd62ad3515da2b8e6c0261 (patch) | |
tree | b3d63f7b7841ad446dd18bf1c0f51a67d3b4be82 /drivers/target | |
parent | 51a07f84649d2be206c4c2ad9a612956db0c2f8c (diff) |
iscsi-target: Reject zero-length payloads during SecurityNegotiation
This patch changes iscsi_target_handle_csg_zero() to explicitly
reject login requests in SecurityNegotiation with a zero-length
payload, following the language in RFC-3720 Section 8.2:
Whenever an iSCSI target gets a response whose keys, or their
values, are not according to the step definition, it MUST answer
with a Login reject with the "Initiator Error" or "Missing Parameter"
status.
Previously when a zero-length login request in CSG=0 was received,
the target would send a login response with CSG=0 + T_BIT=0 asking
the initiator to complete authentication, and not fail the login
until MAX_LOGIN_PDUS was reached. This change will now immediately
fail the login attempt with ISCSI_STATUS_CLS_INITIATOR_ERR status.
Reported-by: Tejas Vaykole <tejas.vaykole@calsoftinc.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Diffstat (limited to 'drivers/target')
-rw-r--r-- | drivers/target/iscsi/iscsi_target_nego.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/drivers/target/iscsi/iscsi_target_nego.c b/drivers/target/iscsi/iscsi_target_nego.c index 75b685960e80..fcffd0412d83 100644 --- a/drivers/target/iscsi/iscsi_target_nego.c +++ b/drivers/target/iscsi/iscsi_target_nego.c | |||
@@ -773,6 +773,12 @@ static int iscsi_target_handle_csg_zero( | |||
773 | } | 773 | } |
774 | 774 | ||
775 | goto do_auth; | 775 | goto do_auth; |
776 | } else if (!payload_length) { | ||
777 | pr_err("Initiator sent zero length security payload," | ||
778 | " login failed\n"); | ||
779 | iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_INITIATOR_ERR, | ||
780 | ISCSI_LOGIN_STATUS_AUTH_FAILED); | ||
781 | return -1; | ||
776 | } | 782 | } |
777 | 783 | ||
778 | if (login->first_request) | 784 | if (login->first_request) |