Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support (mutual) authentication #6

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

support (mutual) authentication #6

wants to merge 1 commit into from

Conversation

commonism
Copy link

  • userid,password
  • mutual_userid,mutual_password

@commonism
support (mutual) authentication
656800e 
  - userid,password
  - mutual_userid,mutual_password
@OndrejHome OndrejHome self-assigned this Oct 24, 2021
@OndrejHome
Copy link
Owner

Hello @commonism,

Thank you for opening the PR and the effort of providing interesting code!
Sorry for my delayed response on this. Due to current workload on my side I will need some time to review this (you may expect my response within 2 weeks).

By having only a brief look I expect that there will be minor conflict with files that are currently in develop branch which I have used to provide preview of some recent changes, but I don't think it would be complicated to merge them - I'll have a look at that.

In the meantime could you please let me know on which system(s) you have tested the changes provided in this PR? (for example: CentOS 7.9, CentOS 8.4, ...) This is for me to know on which systems to expect this to be working when testing.

Ondrej

@OndrejHome
Copy link
Owner

Hello @commonism,

Thank you for your patience.

I have tested so far only unidirectional authentication, but for mutual one the results can be extrapolated.

  1. It seems that it is possible only to set authentication values but not remove them. For example: userid: 'test' will set the use to test, but there is no way to remove user value from userid. I have tried userid: '' and just not specifying userid at none worked - old value was still present. Would it be possible to adjust code to allow also removal of the auth attributes?

  2. Could you please add few examples into 'EXAMPLES' section showing the use of the new attributes? Such as 'adding unidirectional authentication', 'adding mutual authentication', 'removing authentication settings'.

NOTE: You can get cleaner output from targetcli get auth when you specify the auth parameters as shown below.

# targetcli /iscsi/iqn.2003-01.org.linux-iscsi.fastvm-centos-7-9-86.x8664:sn.8794b958d5c5/tpg1/acls iqn.1994-05.com.redhat:ee5772c5261 get auth userid password mutual_userid mutual_password 
userid=test
password=www
mutual_userid=
mutual_password=

If you have any questions or comments to above please let me know. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@OndrejHome OndrejHome

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@commonism @OndrejHome