Bug 732912 - [REGRESSION] After incorrect login for CHAP authentication message 'Successfully loged in' is showed.
Summary: [REGRESSION] After incorrect login for CHAP authentication message 'Successfu...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: iscsi-initiator-utils
Version: 6.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Andy Grover
QA Contact: Petr Beňas
URL:
Whiteboard:
Depends On:
Blocks: 691780
TreeView+ depends on / blocked
 
Reported: 2011-08-24 06:51 UTC by Ľuboš Kardoš
Modified: 2016-08-01 01:26 UTC (History)
7 users (show)

Fixed In Version: iscsi-initiator-utils-6.2.0.872-25.el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-12-06 17:58:24 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:1722 normal SHIPPED_LIVE iscsi-initiator-utils bug fix and enhancement update 2011-12-06 01:02:10 UTC

Description Ľuboš Kardoš 2011-08-24 06:51:15 UTC
Steps to Reproduce:

Start installation, advance to partitioning screen,
click Advanced storage configuration button,
select Add iSCSI target option and click Add drive button,
specify Target IP Address,
click Start discovery, click Login, 
as authentication select CHAP pair,
CHAP username fill out with incorrect username.
CHAP password fill out with incorrect password.

Actual results:
Message 'Successfully loged in and attached the following nodes: ...' is showed.
Nothing is in the tab Other SAN Devices.
Reboot is needed when you want to fill out login information for this device again. 

Expected results:
Message 'Login incorrect' should be showed.
No reboot should be needed for repetition of login after filling incorrect information.

Comment 2 Ales Kozumplik 2011-08-24 07:40:11 UTC
Lubos,

can you please try this against rhel6.1GA to see if this is a regression?

Thanks,
Ales

Comment 3 Ľuboš Kardoš 2011-08-24 08:34:58 UTC
Hi Ales,
For rhel6.1 is it OK, message 'iSCSI login has failed for the following nodes:' is showed for incorrect login.

Comment 4 Ales Kozumplik 2011-08-24 08:50:07 UTC
Indeed, this is a regression, I can reproduce it.

Comment 5 Ales Kozumplik 2011-08-24 11:31:20 UTC
I can reproduce this with iscsiadm, on a rhel6.2 nightly:

[root@parted ~]# iscsiadm -m node
iscsiadm: No records found
[root@parted ~]# iscsiadm -m discovery -t st -p 10.34.39.3
Starting iscsid:                                           [  OK  ]
10.34.39.3:3260,1 iqn.2011-01.com.redhat:cobra03.target1
10.34.39.3:3260,1 iqn.2011-01.com.redhat:cobra03.target2
[root@parted ~]# iscsiadm -m node
10.34.39.3:3260,1 iqn.2011-01.com.redhat:cobra03.target1
10.34.39.3:3260,1 iqn.2011-01.com.redhat:cobra03.target2
[root@parted ~]# iscsiadm -m node -l
Logging in to [iface: default, target: iqn.2011-01.com.redhat:cobra03.target1, portal: 10.34.39.3,3260] (multiple)
Logging in to [iface: default, target: iqn.2011-01.com.redhat:cobra03.target2, portal: 10.34.39.3,3260] (multiple)
Login to [iface: default, target: iqn.2011-01.com.redhat:cobra03.target1, portal: 10.34.39.3,3260] successful.
Login to [iface: default, target: iqn.2011-01.com.redhat:cobra03.target2, portal: 10.34.39.3,3260] successful.
[root@parted ~]# iscsiadm -m session
tcp: [1] 10.34.39.3:3260,1 iqn.2011-01.com.redhat:cobra03.target1
[root@parted ~]# 

Note that it first seemed that we managed to login to iqn.2011-01.com.redhat:cobra03.target2 despite that this target needs a CHAP authentication and no authentication is set in /etc/iscsi/iscsid.conf. The output of calling 'iscsiadm -m session' seems to confirm this. 

Mike, I think this is a regression somewhere in the initiator, on a path common to libiscsi_node_login() and to that what happens when iscsiadm is invoked manually, perhaps just an ignored return value somewhere. This appears in dmesg:

 connection2:0: detected conn error (1020)

Reassigning to iscsi-initiator-utils. If I am getting something wrong then throw it back please.

Comment 6 Mike Christie 2011-08-25 05:16:10 UTC
What target are you using and what CHAP settings did you use for it?

On the initiator side are you setting:

node.session.auth.username
node.session.auth.password

Or 

node.session.auth.username_in
node.session.auth.password_in

Or both?

What about on the target? Are you setting the incoming or outgoing?

Comment 7 Ales Kozumplik 2011-08-25 07:19:23 UTC
(In reply to comment #6)
> What target are you using and what CHAP settings did you use for it?

It's a rhel6 machine with scsi-target-utils-1.0.14-2.el6.x86_64

> On the initiator side are you setting:
> 
> node.session.auth.username
> node.session.auth.password
> 
> Or 
> 
> node.session.auth.username_in
> node.session.auth.password_in

None of those, the lines were commented out.

> What about on the target? Are you setting the incoming or outgoing?

I have this set:

<target iqn.2011-01.com.redhat:cobra03.target1>
    backing-store /var/akozumpl/iscsi-target1
    scsi_sn COBRA03_ISCSI_TARGET_1
    scsi_id COBRA03_ISCSI_TARGET_1_ID
</target>

<target iqn.2011-01.com.redhat:cobra03.target2>
    backing-store /var/akozumpl/iscsi-target2
    incominguser akozumpl anaconda
</target>

Comment 8 Mike Christie 2011-08-26 05:29:20 UTC
Looks like it was just added in 6.2. It is due to some patch that

Comment 9 Mike Christie 2011-08-26 05:34:56 UTC
(In reply to comment #8)
> Looks like it was just added in 6.2. It is due to some patch that

Hit save too soon. I meant to write that it was caused by the patches that added qla4xxx support. Testing a patch now.

Comment 10 Mike Christie 2011-09-02 04:37:57 UTC
This is fixed in iscsi-initiator-utils-6.2.0.872-25.el6.

Comment 13 Petr Beňas 2011-09-14 09:14:29 UTC
Reproduced in iscsi-initiator-utils-6.2.0.872-24.el6.x86_64 and verified in iscsi-initiator-utils-6.2.0.872-25.el6.x86_64.

Comment 14 errata-xmlrpc 2011-12-06 17:58:24 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1722.html


Note You need to log in before you can comment on or make changes to this bug.