d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix several nits in redirection handling - don't use wrong CSG,

Browse Source 
and avoid use-after-free.

MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
This commit is contained in:
Edward Tomasz Napierala 2014-11-09 13:30:02 +00:00
parent 6dbdbf825d
commit 7889a0832f
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=274309
1 changed files with 14 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
usr.sbin/ctld/login.c
View File

@ -620,11 +620,10 @@ login_redirect(struct pdu *request, const char *target_address)
struct keys *response_keys;
response = login_new_response(request);
login_set_csg(response, login_csg(request));
bhslr2 = (struct iscsi_bhs_login_response *)response->pdu_bhs;
bhslr2->bhslr_status_class = 0x01;
bhslr2->bhslr_status_detail = 0x01;
login_set_csg(response, BHSLR_STAGE_OPERATIONAL_NEGOTIATION);
login_set_nsg(response, BHSLR_STAGE_OPERATIONAL_NEGOTIATION);
response_keys = keys_new();
keys_add(response_keys, "TargetAddress", target_address);
@ -679,7 +678,7 @@ login_negotiate(struct connection *conn, struct pdu *request)
struct iscsi_bhs_login_response *bhslr2;
struct keys *request_keys, *response_keys;
int i;
bool skipped_security;
bool redirected, skipped_security;
if (request == NULL) {
log_debugx("beginning operational parameter negotiation; "
@ -689,6 +688,18 @@ login_negotiate(struct connection *conn, struct pdu *request)
} else
skipped_security = true;
/*
* RFC 3720, 10.13.5. Status-Class and Status-Detail, says
* the redirection SHOULD be accepted by the initiator before
* authentication, but MUST be be accepted afterwards; that's
* why we're doing it here and not earlier.
*/
redirected = login_target_redirect(conn, request);
if (redirected) {
log_debugx("initiator redirected; exiting");
exit(0);
}
request_keys = keys_new();
keys_load(request_keys, request);
@ -876,12 +887,6 @@ login(struct connection *conn)
keys_delete(request_keys);
redirected = login_target_redirect(conn, request);
if (redirected) {
log_debugx("initiator redirected; exiting");
exit(0);
}
log_debugx("initiator skipped the authentication, "
"and we don't need it; proceeding with negotiation");
login_negotiate(conn, request);
@ -893,12 +898,6 @@ login(struct connection *conn)
* Initiator might want to to authenticate,
* but we don't need it.
*/
redirected = login_target_redirect(conn, request);
if (redirected) {
log_debugx("initiator redirected; exiting");
exit(0);
}
log_debugx("authentication not required; "
"transitioning to operational parameter negotiation");
@ -987,17 +986,5 @@ login(struct connection *conn)
login_chap(conn, ag);
/*
* RFC 3720, 10.13.5. Status-Class and Status-Detail, says
* the redirection SHOULD be accepted by the initiator before
* authentication, but MUST be be accepted afterwards; that's
* why we're doing it here and not earlier.
*/
redirected = login_target_redirect(conn, request);
if (redirected) {
log_debugx("initiator redirected; exiting");
exit(0);
}
login_negotiate(conn, NULL);
}