ctld: normalize iSCSI TargetName on login
ClosedPublic
Actions

Authored by js on Fri, Apr 17, 2:04 PM.

Details

Reviewers

jhb
asomers

Commits

rG0baae6223a63: ctld: normalize iSCSI TargetName on login
rGeb837cb8b207: ctld: normalize iSCSI TargetName on login

Summary

Case-insensitive TargetName matching on logins was accidentally removed, let's fix that by normalizing TargetName again according to RFC 3722.

PR: 294522
Fixes: 4b1aac931465f39c5c26bfa1d5539a428d340f20
Sponsored by: ConnectWise
MFC after: 1 week

Test Plan

Tested by using the following ctl.conf:

portal-group pg0 {
  listen 127.0.0.1
  discovery-auth-group no-authentication
}
auth-group ag0 {
  auth-type none
}
target iqn.2018-10.myhost-test {
  auth-group ag0
  portal-group pg0
}

and connecting to the share using iscsictl -A -t iqn.2018-10.MyHoSt-TeSt -p localhost -e on (and other variations).

Also ran ctladm test suite, all tests passed.

Diff Detail

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

js created this revision.Fri, Apr 17, 2:04 PM

Herald added a subscriber: imp. · View Herald TranscriptFri, Apr 17, 2:04 PM

js requested review of this revision.Fri, Apr 17, 2:04 PM

This looks good to me. But one question: do we need to do the same for NVMEoF?

I don't know if there is a normalization requirement for nqn. I'll see if I can find something while I wait on review from jhb.

For NVMe, we probably should not case-fold when processing a CONNECT command. Possibly I should remove it add_controller() as well. This is the language from the NVMe spec (version 2.0c, section 4.5):

NVMe hosts, controllers and NVM subsystems compare (e.g., for equality) NVMe Qualified Names used
by NVMe as binary strings without any text processing or text comparison logic that is specific to the
Unicode character set or locale (e.g., case folding or conversion to lower case, Unicode normalization). Any
such text processing:
a) may occur as part of entry of NVMe Qualified Names into NVMe hosts and NVM subsystems; and
b) should not occur as part of receiving NVMe Qualified Names via an NVMe connection, as shown
in Figure 137.
Upon entry (e.g., at point 1 in Figure 137, described as “input” in RFC4122), NVMe host software may
process an NVMe Qualified Name (e.g., for conversion to lower case based on the Unicode locale). Upon
entry (e.g., at point 3 in Figure 137, described as “input” in RFC4122), a controller may process an NVMe
Qualified Name (e.g., for conversion to lower case based on the Unicode locale). Upon receipt by the host
(e.g., at point 2 in Figure 137) of an NVMe Qualified Name from the controller, no text process (e.g., no
case folding) should occur. Upon receipt by the controller (e.g., at point 4 in Figure 137) of an NVMe
Qualified Name from the host, no text processing (e.g., no case folding) should occur.

Technically the add_controller() case is a), but processing the CONNECT would be b). However, for add_controller the current loop is not locale-aware and tolower() assumes ASCII, not UTF-8. So probably I should just remove it add_controller().

usr.sbin/ctld/login.cc
970	I wonder if we should add a helper function (maybe even in libutil++.hh) that walks a std::string and lower cases it as this is now the 3rd copy we have of this.

This revision is now accepted and ready to land.Thu, Apr 23, 4:20 PM

asomers accepted this revision.Thu, Apr 23, 7:55 PM

Closed by commit rGeb837cb8b207: ctld: normalize iSCSI TargetName on login (authored by js). · Explain WhyFri, Apr 24, 7:48 AM

This revision was automatically updated to reflect the committed changes.

js added a commit: rGeb837cb8b207: ctld: normalize iSCSI TargetName on login.

js added a commit: rG0baae6223a63: ctld: normalize iSCSI TargetName on login.Fri, May 1, 5:53 AM