diff options
| author | trasz <trasz@FreeBSD.org> | 2014-11-09 13:30:02 +0000 |
|---|---|---|
| committer | trasz <trasz@FreeBSD.org> | 2014-11-09 13:30:02 +0000 |
| commit | add2b53fb7022cb659fda66a9eb2ca35dcb9724c (patch) | |
| tree | 4b0d853506d1a2ab7528bd763cad689831bf8fcc /usr.sbin/ctld/login.c | |
| parent | 4eec651ec388a7406d989f93aef0d62f748080fc (diff) | |
| download | FreeBSD-src-add2b53fb7022cb659fda66a9eb2ca35dcb9724c.zip FreeBSD-src-add2b53fb7022cb659fda66a9eb2ca35dcb9724c.tar.gz | |
Fix several nits in redirection handling - don't use wrong CSG,
and avoid use-after-free.
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Diffstat (limited to 'usr.sbin/ctld/login.c')
| -rw-r--r-- | usr.sbin/ctld/login.c | 41 |
1 files changed, 14 insertions, 27 deletions
diff --git a/usr.sbin/ctld/login.c b/usr.sbin/ctld/login.c index edba16b..fc41f51 100644 --- a/usr.sbin/ctld/login.c +++ b/usr.sbin/ctld/login.c @@ -620,11 +620,10 @@ login_redirect(struct pdu *request, const char *target_address) struct keys *response_keys; response = login_new_response(request); + login_set_csg(response, login_csg(request)); bhslr2 = (struct iscsi_bhs_login_response *)response->pdu_bhs; bhslr2->bhslr_status_class = 0x01; bhslr2->bhslr_status_detail = 0x01; - login_set_csg(response, BHSLR_STAGE_OPERATIONAL_NEGOTIATION); - login_set_nsg(response, BHSLR_STAGE_OPERATIONAL_NEGOTIATION); response_keys = keys_new(); keys_add(response_keys, "TargetAddress", target_address); @@ -679,7 +678,7 @@ login_negotiate(struct connection *conn, struct pdu *request) struct iscsi_bhs_login_response *bhslr2; struct keys *request_keys, *response_keys; int i; - bool skipped_security; + bool redirected, skipped_security; if (request == NULL) { log_debugx("beginning operational parameter negotiation; " @@ -689,6 +688,18 @@ login_negotiate(struct connection *conn, struct pdu *request) } else skipped_security = true; + /* + * RFC 3720, 10.13.5. Status-Class and Status-Detail, says + * the redirection SHOULD be accepted by the initiator before + * authentication, but MUST be be accepted afterwards; that's + * why we're doing it here and not earlier. + */ + redirected = login_target_redirect(conn, request); + if (redirected) { + log_debugx("initiator redirected; exiting"); + exit(0); + } + request_keys = keys_new(); keys_load(request_keys, request); @@ -876,12 +887,6 @@ login(struct connection *conn) keys_delete(request_keys); - redirected = login_target_redirect(conn, request); - if (redirected) { - log_debugx("initiator redirected; exiting"); - exit(0); - } - log_debugx("initiator skipped the authentication, " "and we don't need it; proceeding with negotiation"); login_negotiate(conn, request); @@ -893,12 +898,6 @@ login(struct connection *conn) * Initiator might want to to authenticate, * but we don't need it. */ - redirected = login_target_redirect(conn, request); - if (redirected) { - log_debugx("initiator redirected; exiting"); - exit(0); - } - log_debugx("authentication not required; " "transitioning to operational parameter negotiation"); @@ -987,17 +986,5 @@ login(struct connection *conn) login_chap(conn, ag); - /* - * RFC 3720, 10.13.5. Status-Class and Status-Detail, says - * the redirection SHOULD be accepted by the initiator before - * authentication, but MUST be be accepted afterwards; that's - * why we're doing it here and not earlier. - */ - redirected = login_target_redirect(conn, request); - if (redirected) { - log_debugx("initiator redirected; exiting"); - exit(0); - } - login_negotiate(conn, NULL); } |
