During unidirectional CHAP configuration on RHEL5.2, I found following
odd behaviour.
 "If initiator CHAP is enabled and Target CHAP is _not_ enabled ,
Authentication Passes".

I looked at code, trace and RFC and here is my observation.

Here is what initiator and taget passes to each other while iscsi
phase. Assuming CHAP is only enabled on initiator and not on target.
1) Initiator pass "CHAP,NONE" as Authentication parameter.
2) Target replies with "NONE".
3) Both will settle on "NONE" as Authentication parameter.

RFC specifies that, if both (initiator/target) don't agree on same
authentication protocol, iscsi login should fail.
So in this case, RHEL 5.2 iscsi initiator should ideally pass only
"CHAP" as Authentication parameter to target, so that if target says
"NONE", negotiation should fail.

Can someone please confirm if this is working as per design?

configuration :
RHEL 5.2

Thank you
You received this message because you are subscribed to the Google Groups 
"open-iscsi" group.
To post to this group, send email to open-iscsi@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/open-iscsi

Reply via email to