Bug 193021 - usr.sbin/ctld/login.c do not reply TargetPortalGroupTag in Login response
Summary: usr.sbin/ctld/login.c do not reply TargetPortalGroupTag in Login response
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 10.0-RELEASE
Hardware: amd64 Any
: --- Affects Many People
Assignee: Edward Tomasz Napierala
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-08-26 16:47 UTC by Chen Wen
Modified: 2014-09-17 07:41 UTC (History)
2 users (show)

See Also:


Attachments
Proposed fix. (1.94 KB, patch)
2014-09-09 15:59 UTC, Edward Tomasz Napierala
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Chen Wen 2014-08-26 16:47:01 UTC
Hi

I am a mac user, when I try to use xtendsan iSCSI initiator to connect native iSCSI target, I found that the login response pdu do not have TargetPortalGroupTag key-pair.

xtendsan told me TargetPortalGroupTag is missing and disconnected.

I try to do a workaround to it and it works.

Add some codes in usr.sbin/ctld/login.c:login_negotiate()

login_negotiate(struct connection *conn, struct pdu *request)
{
        struct pdu *response;
        struct iscsi_bhs_login_response *bhslr2;
        struct keys *request_keys, *response_keys;
        int i;
        bool skipped_security;
        char *portal_group_tag;
        int rv;

        if (request == NULL) {
                log_debugx("beginning parameter negotiation; "
                    "waiting for Login PDU");
                request = login_receive(conn, false);
                skipped_security = false;
        } else
                skipped_security = true;

        request_keys = keys_new();
        keys_load(request_keys, request);

        response = login_new_response(request);
        bhslr2 = (struct iscsi_bhs_login_response *)response->pdu_bhs;
        bhslr2->bhslr_flags |= BHSLR_FLAGS_TRANSIT;
        bhslr2->bhslr_tsih = htons(0xbadd);
        login_set_csg(response, BHSLR_STAGE_OPERATIONAL_NEGOTIATION);
        login_set_nsg(response, BHSLR_STAGE_FULL_FEATURE_PHASE);
        response_keys = keys_new();
        if (conn->conn_session_type == CONN_SESSION_TYPE_NORMAL) {
                if (conn->conn_target->t_alias != NULL)
                        keys_add(response_keys,
                            "TargetAlias", conn->conn_target->t_alias);
                rv = asprintf(&portal_group_tag, "%d",
                    conn->conn_portal->p_portal_group->pg_tag);
                if (rv <= 0)
                        log_err(1, "asprintf");
                keys_add(response_keys,
                    "TargetPortalGroupTag", portal_group_tag);
                free(portal_group_tag);
        }   
    for (i = 0; i < KEYS_MAX; i++) {
                if (request_keys->keys_names[i] == NULL)
                        break;

                login_negotiate_key(request, request_keys->keys_names[i],
                    request_keys->keys_values[i], skipped_security,
                    response_keys);
        }

I don’t read whole iSCSI RFC, is this right to add missing TargetPortalGroupTag?
Maybe you have better solution to fix this, please help me and thanks.
Comment 1 Edward Tomasz Napierala freebsd_committer 2014-09-09 14:54:36 UTC
Could you run ctld with debug, preferably like this:

pkill ctld
while :; do ctld -d; done

Then try to connect, and paste the output?  There is something really weird going on during negotiation; the change in your patch shouldn't be needed.
Comment 2 Chen Wen 2014-09-09 15:35:20 UTC
[chenpc@pcbsd /usr/src/usr.sbin/ctld]$ sudo ctld -d
ctld: obtaining previously configured CTL luns from the kernel
ctld: CTL port 0 wasn't managed by ctld; ignoring
ctld: CTL port 1 wasn't managed by ctld; ignoring
ctld: CTL port 2 wasn't managed by ctld; ignoring
ctld: CTL port 3 wasn't managed by ctld; ignoring
ctld: CTL port 4 is not active (0); ignoring
ctld: CTL port 5 is not active (0); ignoring
ctld: CTL port 6 is not active (0); ignoring
ctld: found CTL lun 0, backing lun 0, target iqn.2012-06.com.qnap:macdata
ctld: found CTL lun 1, backing lun 0, target iqn.2012-06.com.qnap:osx
ctld: found CTL lun 2, backing lun 0, target iqn.2012-06.com.qnap:windows7
ctld: obtaining configuration from /etc/ctl.conf
ctld: /etc/ctl.conf is world-readable
ctld: auth-group "default" not defined; going with defaults
ctld: portal-group "default" not defined; going with defaults
ctld: opening pidfile /var/run/ctld.pid
ctld: resizing lun 0, target iqn.2012-06.com.qnap:macdata, CTL lun 0
ctld: resizing lun 0, target iqn.2012-06.com.qnap:osx, CTL lun 1
ctld: resizing lun 0, target iqn.2012-06.com.qnap:windows7, CTL lun 2
ctld: not listening on portal-group "default", not assigned to any target
ctld: listening on 0.0.0.0, portal-group "pg0"
ctld: incoming connection; not forking due to -d flag
ctld: accepted connection from 192.168.1.114; portal group "pg0"
ctld: 192.168.1.114: setting session timeout to 60 seconds
ctld: 192.168.1.114: Capsicum capability mode enabled
ctld: 192.168.1.114: beginning Login Phase; waiting for Login PDU
ctld: 192.168.1.114: key received: "SessionType=Normal"
ctld: 192.168.1.114: key received: "InitiatorName=iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4"
ctld: 192.168.1.114: key received: "TargetName=iqn.2012-06.com.qnap:osx"
ctld: 192.168.1.114: key received: "InitiatorAlias=Chens-Mac-Pro.local"
ctld: 192.168.1.114: key received: "MaxConnections=1"
ctld: 192.168.1.114: key received: "InitialR2T=No"
ctld: 192.168.1.114: key received: "ImmediateData=Yes"
ctld: 192.168.1.114: key received: "MaxBurstLength=1048576"
ctld: 192.168.1.114: key received: "FirstBurstLength=1048576"
ctld: 192.168.1.114: key received: "DefaultTime2Wait=2"
ctld: 192.168.1.114: key received: "DefaultTime2Retain=20"
ctld: 192.168.1.114: key received: "MaxOutstandingR2T=1"
ctld: 192.168.1.114: key received: "DataPDUInOrder=Yes"
ctld: 192.168.1.114: key received: "DataSequenceInOrder=Yes"
ctld: 192.168.1.114: key received: "ErrorRecoveryLevel=0"
ctld: 192.168.1.114: key received: "MaxRecvDataSegmentLength=1048576"
ctld: 192.168.1.114: key received: "HeaderDigest=None"
ctld: 192.168.1.114: key received: "DataDigest=None"
ctld: 192.168.1.114: key received: "OFMarker=No"
ctld: 192.168.1.114: key received: "IFMarker=No"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): initiator requests to connect to target "iqn.2012-06.com.qnap:osx"; auth-group "no-authentication"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): auth-group does not define initiator name restrictions
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): auth-group does not define initiator portal restrictions
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): initiator skipped the authentication, and we don't need it; proceeding with negotiation
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "SessionType=Normal"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "InitiatorName=iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "TargetName=iqn.2012-06.com.qnap:osx"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "InitiatorAlias=Chens-Mac-Pro.local"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "MaxConnections=1"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "InitialR2T=No"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "ImmediateData=Yes"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "MaxBurstLength=1048576"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "FirstBurstLength=1048576"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "DefaultTime2Wait=2"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "DefaultTime2Retain=20"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "MaxOutstandingR2T=1"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "DataPDUInOrder=Yes"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "DataSequenceInOrder=Yes"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "ErrorRecoveryLevel=0"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "MaxRecvDataSegmentLength=1048576"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "HeaderDigest=None"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "DataDigest=None"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "OFMarker=No"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key received: "IFMarker=No"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "MaxConnections=1"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "InitialR2T=Yes"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "ImmediateData=Yes"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "MaxBurstLength=1048576"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): capping FirstBurstLength from 1048576 to 131072
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "FirstBurstLength=131072"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "DefaultTime2Wait=2"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "DefaultTime2Retain=0"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "MaxOutstandingR2T=1"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "DataPDUInOrder=Yes"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "DataSequenceInOrder=Yes"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "ErrorRecoveryLevel=0"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): capping MaxDataSegmentLength from 1048576 to 131072
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "MaxRecvDataSegmentLength=131072"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): initiator prefers not to do header digest; we'll comply
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "HeaderDigest=None"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): initiator prefers not to do data digest; we'll comply
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "DataDigest=None"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "OFMarker=No"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): key to send: "IFMarker=No"
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): operational parameter negotiation done; transitioning to Full Feature Phase
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): connection handed off to the kernel
ctld: 192.168.1.114 (iqn.1995-12.com.attotech:xtendsan:ser.g8809lqk5j4): nothing more to do; exiting
Comment 3 Edward Tomasz Napierala freebsd_committer 2014-09-09 15:59:27 UTC
Created attachment 147129 [details]
Proposed fix.
Comment 4 Edward Tomasz Napierala freebsd_committer 2014-09-09 16:01:15 UTC
Ah, now I see it.  You actually tracked it down correctly, except that your change made ctld send those twice in some cases.  Could you verify if the attached patch fixes the problem?  Thanks!
Comment 5 Chen Wen 2014-09-09 16:11:23 UTC
(In reply to Edward Tomasz Napierala from comment #4)
> Ah, now I see it.  You actually tracked it down correctly, except that your
> change made ctld send those twice in some cases.  Could you verify if the
> attached patch fixes the problem?  Thanks!

This patch works on my atto initiator!

Thanks you!
Comment 6 commit-hook freebsd_committer 2014-09-09 16:45:58 UTC
A commit references this bug:

Author: trasz
Date: Tue Sep  9 16:45:37 UTC 2014
New revision: 271319
URL: http://svnweb.freebsd.org/changeset/base/271319

Log:
  Fix ctld(8) to not forget to send TargetPortalGroupTag and TargetAlias
  when the initiator skips security negotiation.  This fixes interoperability
  with Xtend SAN initiator.

  PR:		193021
  MFC after:	1 week
  Sponsored by:	The FreeBSD Foundation

Changes:
  head/usr.sbin/ctld/login.c
Comment 7 commit-hook freebsd_committer 2014-09-17 07:06:16 UTC
A commit references this bug:

Author: trasz
Date: Wed Sep 17 07:06:03 UTC 2014
New revision: 271701
URL: http://svnweb.freebsd.org/changeset/base/271701

Log:
  MFC r271319:

  Fix ctld(8) to not forget to send TargetPortalGroupTag and TargetAlias
  when the initiator skips security negotiation.  This fixes interoperability
  with Xtend SAN initiator.

  PR:		193021
  Approved by:	re (marius)
  Sponsored by:	The FreeBSD Foundation

Changes:
_U  stable/10/
  stable/10/usr.sbin/ctld/login.c