[iSCSI] Offer CHAP authentication only if we have a username and password

Some EMC targets will fail if we advertise that we can authenticate with CHAP, but the target is configured to allow unauthenticated access to that target. We advertise AuthMethod=CHAP,None; the target should (I think) select AuthMethod=None for unprotected targets. IETD does this, but an EMC Celerra NS83 doesn't. Fix by offering only AuthMethod=None if the user hasn't supplied a username and password; this means that we won't be offering CHAP authentication unless the user is expecting to use it (in which case the target is presumably configured appropriately). Many thanks to Alessandro Iurlano <alessandro.iurlano@gmail.com> for reporting and helping to diagnose this problem.
2025-02-13 17:18:12 +00:00 · 2008-04-24 13:48:29 +01:00 · 2008-04-24 13:48:29 +01:00 · 00ed567069
commit 00ed567069
parent eec9814a0e
1 changed files with 5 additions and 4 deletions
--- a/src/net/tcp/iscsi.c
+++ b/src/net/tcp/iscsi.c
@ -456,17 +456,18 @@ static int iscsi_build_login_request_strings ( struct iscsi_session *iscsi,
 				    "InitiatorName=%s%c"
 				    "TargetName=%s%c"
 				    "SessionType=Normal%c"
-				    "AuthMethod=CHAP,None%c",
+				    "AuthMethod=%sNone%c",
 				    iscsi_initiator_iqn(), 0,
-				    iscsi->target_iqn, 0, 0, 0 );
+				    iscsi->target_iqn, 0, 0,
+				    ( ( iscsi->username && iscsi->password ) ?
+				      "CHAP," : "" ), 0 );
 	}

 	if ( iscsi->status & ISCSI_STATUS_STRINGS_CHAP_ALGORITHM ) {
 		used += ssnprintf ( data + used, len - used, "CHAP_A=5%c", 0 );
 	}
 	
-	if ( ( iscsi->status & ISCSI_STATUS_STRINGS_CHAP_RESPONSE ) &&
-	     iscsi->username ) {
+	if ( ( iscsi->status & ISCSI_STATUS_STRINGS_CHAP_RESPONSE ) ) {
 		used += ssnprintf ( data + used, len - used,
 				    "CHAP_N=%s%cCHAP_R=0x",
 				    iscsi->username, 0 );