the interoperation between the NetBSD iSCSI target and the Linux
open-iscsi initiator.
Add details about inter-operation with the NetBSD iSCSI initiator.
Add dates to all entries.
Add last updated date to the COMPATIBILITY file.
of the physical size of the regular file. This is useful for presenting
ISO images to initiators, as in the following:
In /etc/iscsi/targets:
# present an ISO image
extent2 /usr/sets/20071214/release/iso/i386cd.iso 0 size
target2 ro extent2 any
% priv /etc/rc.d/iscsi_target restart
Stopping iscsi_target.
Starting iscsi_target.
Reading configuration from `/etc/iscsi/targets'
target0:rw:any
extent0:/tmp/iscsi-target0:0:104857600
target1:rw:any
extent1:/tmp/iscsi-target1:0:52428800
target2:ro:any
extent2:/usr/sets/20071214/release/iso/i386cd.iso:0:354906112
DISK: 1 logical unit (204800 blocks, 512 bytes/block), type iscsi fs
DISK: LUN 0: 100 MB disk storage for "target0"
DISK: 1 logical unit (102400 blocks, 512 bytes/block), type iscsi fs
DISK: LUN 0: 50 MB disk storage for "target1"
DISK: 1 logical unit (693176 blocks, 512 bytes/block), type iscsi fs
DISK: LUN 0: 338 MB readonly disk storage for "target2"
TARGET: TargetName is iqn.1994-04.org.netbsd.iscsi-target
%
Please note that the NetBSD initiator can mount (via vnd) an iSCSI target
presented in this manner. The Microsoft iSCSI initiator sees the read-only
target as a normal SCSI disk, and fails (not surprisingly) to initialize
the disk. It's now possible to make ISO images available via iSCSI, and
NetBSD will DTRT.
In read-only targets, don't attempt to seek to the last block and rewrite
it, it may not work.
Don't assign 8 MB of unused space for use in each iSCSI disk - just use
1MB, which will be enough for the scatter gather iovecs.
Get rid of some dead code.
originally from Poul-Henning Kamp, as found in pkgsrc/pkgtools/digest.
This should address some of the MD5 problems that are being seen on
some hosts at login time.
Re-run autoconf, autoheader and configure.
Name) in the targets configuration file.
Now an entry of the form:
target0=iqn.binky rw extent0 any
will mean that target0 gets presented with the iqn of "iqn.binky".
This can be useful for shorter aliases for IQNs. With thanks to Peter
Eisch for the idea.
Note that the target's base IQN can still be set with the -t parameter
to iscsi-target.
particular, initialize the target name properly in g_target, and add
functions for setting the target name and retrieving a list of
available targets.
Thanks to agc for catching this.
When determining what to put in to param->negotiated, it is *NOT*
sufficient to just pick one of offer_tx or offer_rx -- we may need to
use answer_rx or answer_tx as the negotiated parameter. Failure to
pay attention to which case we are handling means we will occasionally
get "old parameter values" stuffed into responses, resulting in
obscure behavior (such as getting luns mixed up after a normal
connection is made) that is very difficult to replicate.
macro which was never changed. This is the QAD fix, longer term we will
move to use native md5 routines if available.
Should go some way to fixing authentication problems when using an
initiator and target of different endianness.
Revert Max LBA calculation when returning the Maximum LBA from the target
to the iinitiator, following an email conversation with Jonathan Kollasch,
who points out a number of things:
+ the NetBSD scsipi driver reads the value returned by the drive and adds
one to it, so that standard SCSI drives return the 0-based Max LBA in a
READ CAPACITY command.
+ it is up to the initiator to add 1 to the Max LBA to find out the size
of the LUN (Jonathan verified this by using the UNH iSCSI initiator on
to a NetBSD target)
+ an analogous change to the NetBSD initiator (revision 1.4 of
iscsifs.c) is needed.
is not used by the NetBSD reachover framework).
Get rid of the misplaced bin directory during the build phase, it's not
necessary.
Add commands to build the NetBSD iSCSI initiator.
Initial import of the Automated Testing Framework, version 0.3, a project
that provides a framework to easily implement test cases for the NetBSD
operating system and some tools to run them and generate reports with the
results.
Note that this is just the framework (libraries and tools), which is and
will be maintained externally. The tests themselves will come later, will
be put under the 'tests' hierarchy and will be managed exclusively under
the NetBSD CVS tree given that they are tied to the operating system.
The work done until version 0.1 was sponsored by the Google Summer of Code
2007 program and mentored by martin@.
- reject absolute names in +CONTENT
- fix size issues with pkg_add -u and buffer handling
- print file name of failed renames in pkgdb during pkg_add -u
- remove warning when running pkg_add as non-root
- remove more traces of master/slave mode
- update URLs for new ftp.netbsd.org layout
- make warning of broken symlinks separate from warning for non-existant
files
- FETCH_PRE_ARGS option for download-vulnerability-list
- print only base package name in FILE_NAME for pkg_info -X
- don't leak memory in Dewey, it is called a lot more often now and
makes a difference
- just allocate in vfcexec and free, don't bother caching the exec
buffer
- remove some FTP debugging code
- make more allocation errors in the pkgdb iteration code fatal
- glob patterns and simple patterns are checked for being version-free
as well
- try harder to get setgid permissions correctly when extracting as
non-root
- fix waitpid to correctly handle EINTR
code to retry on SIOCGIFCONF not returning all interfaces is broken,
this unreasonably large buffer should handle the case of a machine
with lots of (usually virtual) interfaces. dhcpd 4 uses a different
method to get interface configuration, so this kludge should go away
on upgrade.
Fix based on understanding of the code, but has been compile-tested
only, to address failure report received from Michael Graff.
Pay closer attention to the TSIH value that is assigned by the target -
rather than a simple (session id + 1) value, which cycles after 16 sessions
are used, use a central counter, and increment that whenever a TSIH is
apportioned. This fixes some problems for me with multiple targets being
ignored, and only the first target being used. Tested with the Microsoft
initiator, and the embryonic NetBSD initiator.
Use more enumerated types, rather than cpp definitions.
Use enumerated types also in preference to magic numbers.
In the iSCSI test harness, use the -t argument to specify a disk target
exported by the NetBSD iSCSI target. This allows us to test for the
situation outlined above.
Add my copyright to the test harness - there's no Intel code left anymore.
Modify the way initiator login and logout information is presented to the
user. This is only of concern to people who use this with the target in
non-detached (non-daemon) mode.
Get rid of the MODE_SENSE_10 and MODE_SELECT_10 cases in the disk switch,
since they do not return responses in the correct format yet.
functions. Code contributed by Aleksey Cheusov in PR#36394, and slightly
tweaked for closer-to-KNF conventions by me. Also slightly improved checks
of error returns.
- include <stdbool.h> so bool is available _KERNEL for sys/condvar.h
- include <sys/mutex.h> before defining _KERNEL so it won't try to
include <machine/intr.h> which isn't available to userland.
fixes builds on sparc64.
+ fix a reported problem with newer versions of FreeBSD which require
a block of data to be read and written, rather than a single byte.
+ add support for Extended Inquiry Data VPD Page (0x86), reported to be
necessary to interoperate with the AIX initiator.
+ add preliminary support for the Write and Verify SCSI operation (0x2e).
writable, do the touch(1) dance with 512 bytes of information, rather
than just a single byte - the single byte read and write causes
problems on newer versions of FreeBSD, I am informed. Patch from
Andrey Yakovlev, cleaned up to compile by myself.
Add support for Extended Inquiry Data VPD Page (0x86), reported to be
necessary to interoperate with the AIX initiator.
Add preliminary support for the Write and Verify SCSI operation (0x2e).
http://www.ludd.ltu.se/~ragge/pcc/
This is based on the original Portable C Compiler by S. C. Johnson,
written in the late 70's. Even though much of the compiler has been
rewritten, some of the basics still remain.
The goal of pcc is to produce a small, simple, fast and understandable
C99 compiler under a BSD licence.
next ifreq is sizeof(struct ifreq) after the current one unless the
sockaddr is bigger than the union in ifreq that holds it.
In the original 4.4BSD code, this interpretation results in the same
behavior as the "is the sockaddr bigger than struct sockaddr", because
sizeof(struct sockaddr) and sizeof(ifc->ifr_ifru) are the same.
Add comments pointing out problems in the 'need bigger buffer' code,
and copying excessive amounts of data.
correct service - allows us to bind to the correct port, and not the
iSCSI control port.
Update version to 20070815, and re-run autoconf and autoheader.
+ if the attempt to getaddrinfo() on (host,port) fails, try various
combinations of (host,service)
+ clean up lint
+ set sess->d when we get traffic in, rather than just at iSCSI login
Only the library, tar, the test suites for each and the NEWS are
imported, the rest is not used or currently not useful.
Patches for an aliasing violation and a ctype interface violation
are included, they are scheduled to be part of the next release.
diffs to upstream.
This turns out to be a no-op, and it shouldn't be here at all because
the DEC/NetBSD specific FDDI padding is dealt with in libpcap already.
2206. [security] "allow-query-cache" and "allow-recursion" now
cross inherit from each other.
If allow-query-cache is not set in named.conf then
allow-recursion is used if set, otherwise allow-query
is used if set, otherwise the default (localnets;
localhost;) is used.
If allow-recursion is not set in named.conf then
allow-query-cache is used if set, otherwise allow-query
is used if set, otherwise the default (localnets;
localhost;) is used.
[RT #16987]
2203. [security] Query id generation was cryptographically weak.
[RT # 16915]
2202. [security] The default acls for allow-query-cache and
allow-recursion were not being applied. [RT #16960]
2193. [port] win32: BINDInstall.exe is now linked statically.
[RT #16906]
2192. [port] win32: use vcredist_x86.exe to install Visual
Studio's redistributable dlls if building with
Visual Stdio 2005 or later.
insufficient check of snprintf()'s return value, see gentoo bug #184815.
The exploit provided appearently doesn't trigger the overflow in
NetBSD; this might be due to different error return behavior of snprintf
implementations, or due to the fact that out tcpdump is still 3.8.3
while the bug was reported against 3.9.x. The fix looks correct in any
case.
The exploit caused an endless loop at another place instead, due
to an obvious bug, so fix this too.
Also apply another patch which was applied to the 3.8 branch upstream
but never released: rev. 1.72.2.5, infinite loop protection for ldp and bgp
We should update tcpdump to 3.9.x.
This is part one of moving the authoritive version from
src/usr.sbin/pkg_install to pkgsrc/pkgtools/pkg_install/files.
Discussed with and agreed by: jlam@, agc@, adrianp@
Raised issue to and not objected by: core@
yamt's reading of RFC 3720 is correct (see section 12.10, InitialR2T).
The desired transfer length in the initial ready to transmit
negotiation should not include any immediate data.
before system header file inclusion magically causing what "read" is
#defined to to pick up a read-like prototype. For sanity's sake, put
prototypes for revolting trace_mr stuff in their own header file (instead
of nowhere at all and using the trick referenced above).
"state lock" flag (if-bound, gr-bound, floating) at the end of a
NAT rule. The new syntax is backwards-compatbile with the old
syntax.
PF (kernel): change the macro BOUND_IFACE() to the inline function
bound_iface(), and add a new argument, the applicable NAT rule.
Use both the flags on the applicable filter rule and on the applicable
NAT rule to decide whether or not to bind a state to the interface
or the group where it is created.
a "long long" - giving a compilation warning.
Check for the presence of PRIu64 and use that in preference.
Adjust code to avoid multiple printf() calls.
Use unsigned format specifiers in all cases.
running instead of overwriten the PID file, removing IPv4 address
from the network interface(s) and leaving the system in a broken state.
This fixes PR bin/26504 by Jun-ichiro itojun Hagino. Patch supplied
by Rivo Nurges during NetBSD's second Bugathon.
* Assertion failure in ISC BIND SIG query processing (CVE-2006-4095)
- Recursive servers
Queries for SIG records will trigger an assertion failure if more
than one RRset is returned. However exposure can be minimized by
restricting which sources can ask for recursion.
- Authoritative servers
If a nameserver is serving a RFC 2535 DNSSEC zone and is queried
for the SIG records where there are multiple RRsets, then the
named program will trigger an assertion failure when it tries
to construct the response.
* INSIST failure in ISC BIND recursive query handling code (CVE-2006-4096)
It is possible to trigger an INSIST failure by sending enough
recursive queries such that the response to the query arrives after
all the clients waiting for the response have left the recursion
queue. However exposure can be minimized by restricting which sources
can ask for recursion.
ok'ed christos@
implemented for IPv6, but works fine for IPv4)
+ now poll any connections opened in the target. select is used if
poll is not available
+ remove ramdisk type of backing store, since it was never used, and
is of no use for our needs
+ bump version to 20060727
- The array must be NULL terminated because other code depends on it.
- Use this terminator to check if we're at the end of the array instead
of doing sizeof(pf_timeouts) / sizeof(pf_timeouts[0]).
enabled (ipf -E) before ipnat is used; this detail is automated by the
rc scripts, but not by ipnat itself. ipf's author agrees this is a doc
bug.
Closes PR kern/33409.
serve simultaneously to DEFAULT_TARGET_MAX_SESSIONS, add a -s argument to
iscsi-target(8) to specify the maximum number of sessions.
Also bump default from 4 to 16.
following Dan Carosone's suggestion of the uint64_t array.
Abstract a bit more from the HTOBE64() macro intrigue, for platforms
like Solaris/x86 which have fun in this part.
Tested only with little-endian initiators for now.
Bump version to 20060526.
initiator (used on Solaris 10 Update 1) - the initiator demands that a
UUID is returned, so give it one.
Add autoconf glue for that, and a compat uuid_create(3) and
uuid_to_string(3).
This still spews a lot of output via the target's syslog, but persevere,
since it does actually make the target work with the Solaris initiator:
solaris10# format
Searching for disks...done
AVAILABLE DISK SELECTIONS:
0. c1d0 <DEFAULT cyl 29728 alt 2 hd 64 sec 63>
/pci@0,0/pci-ide@1f,1/ide@0/cmdk@0,0
1. c2t5d0 <DEFAULT cyl 96 alt 2 hd 64 sec 32>
/iscsi/disk@0000iqn.1994-04.org.netbsd.iscsi-target%3Atarget00001,0
Specify disk (enter its number): ^D
solaris10# df -k /mnt
Filesystem kbytes used avail capacity Mounted on
/dev/dsk/c2t5d0s0 91407 1041 81226 2% /mnt
solaris10# uname -a
SunOS solaris10 5.10 Generic_118844-26 i86pc i386 i86pc
solaris10#
Thanks to lint that caught this on big-endian arches. Little-endian
compiled, but I guess that converting your loop counter into
big-endian inside the loop is not exactly what you want to do.
- add a CAVEATS section to pf(4) and note it
- in the description in pf.conf(5) say it is unsupported
- remove it from the grammar in pf.conf(5).
Approved by Peter Postma.
+ Properly pad the names with spaces (with thanks to Bill Studenmund)
+ Use the official T10 vendor name, "NetBSD".
+ Minor cleanup in the INQUIRY command
+ Rather than just punting on the REPORT LUNs SCSI command, emulate it
properly. This change makes the target work with the Solaris initiator:
AVAILABLE DISK SELECTIONS:
0. c1d0 <DEFAULT cyl 29728 alt 2 hd 64 sec 63>
/pci@0,0/pci-ide@1f,1/ide@0/cmdk@0,0
1. c2t5d0 <DEFAULT cyl 97 alt 2 hd 64 sec 32>
/iscsi/disk@0000iqn.1994-04.org.netbsd.iscsi-target%3Atarget00001,0
Specify disk (enter its number): 1
aren't quite as forgiving as i386 - when using a 16 bit value, use 16 bit
alignment6, not 32 bit. Makes the NetBSD iSCSI target function perfectly
with the Microsoft initiator when run on Solaris 9 on Sparc.