backport patches from epoch2

Signed-off-by: Wenchao Hao <haowenchao@huawei.com>

0027-use-openssl-for-random-data-generation.patch

@@ -0,0 +1,68 @@
+From 9457552a6543fe739a1f090bb657e634a70ffafe Mon Sep 17 00:00:00 2001
+From: David Disseldorp <ddiss@suse.de>
+Date: Wed, 22 Jul 2020 15:45:47 +0200
+Subject: [PATCH 1/8] use openssl for random data generation
+
+48a4e5b475836bcb952fb53a8bde45bdf68fe38f added an openssl dependency, so
+use it for obtaining random buffers via RAND_bytes().
+
+Suggested-by: Marcus Meissner <meissner@suse.de>
+Signed-off-by: David Disseldorp <ddiss@suse.de>
+---
+ usr/auth.c | 19 ++++++++++++++++---
+ 1 file changed, 16 insertions(+), 3 deletions(-)
+
+diff --git a/usr/auth.c b/usr/auth.c
+index a222c53..a1d99e9 100644
+--- a/usr/auth.c
++++ b/usr/auth.c
+@@ -43,6 +43,7 @@ static const char acl_authmethod_set_chap_alg_list[] = "CHAP";
+ static const char acl_reject_option_name[] = "Reject";
+ 
+ #include <openssl/evp.h>
++#include <openssl/rand.h>
+ static int auth_hash_init(EVP_MD_CTX **context, int chap_alg);
+ static void auth_hash_update(EVP_MD_CTX *context, unsigned char *md, unsigned int);
+ static unsigned int auth_hash_final(unsigned char *, EVP_MD_CTX *context);
+@@ -1008,6 +1009,7 @@ acl_rmt_auth(struct iscsi_acl *client)
+ 	enum auth_dbg_status dbg_status;
+ 	const char *chap_rsp_key_val;
+ 	const char *chap_username_key_val;
++	int ssl_ret = 0;
+ 
+ 	switch (client->rmt_state) {
+ 	case AUTH_RMT_STATE_SEND_ALG:
+@@ -1023,7 +1025,13 @@ acl_rmt_auth(struct iscsi_acl *client)
+ 			client->rmt_state = AUTH_RMT_STATE_DONE;
+ 			break;
+ 		}
+-		get_random_bytes(id_data, 1);
++
++		ssl_ret = RAND_bytes(id_data, sizeof(id_data));
++		if (ssl_ret != 1) {
++			client->rmt_state = AUTH_RMT_STATE_ERROR;
++			client->dbg_status = AUTH_DBG_STATUS_AUTH_FAIL;
++			break;
++		}
+ 		client->send_chap_identifier = id_data[0];
+ 		snprintf(client->scratch_key_value, AUTH_STR_MAX_LEN, "%lu",
+ 			 (unsigned long)client->send_chap_identifier);
+@@ -1032,8 +1040,13 @@ acl_rmt_auth(struct iscsi_acl *client)
+ 				  client->scratch_key_value);
+ 
+ 		client->send_chap_challenge.length = client->chap_challenge_len;
+-		get_random_bytes(client->send_chap_challenge.large_binary,
+-				 client->send_chap_challenge.length);
++		ssl_ret = RAND_bytes(client->send_chap_challenge.large_binary,
++				     client->send_chap_challenge.length);
++		if (ssl_ret != 1) {
++			client->rmt_state = AUTH_RMT_STATE_ERROR;
++			client->dbg_status = AUTH_DBG_STATUS_AUTH_FAIL;
++			break;
++		}
+ 		acl_set_key_value(&client->send_key_block,
+ 				  AUTH_KEY_TYPE_CHAP_CHALLENGE, "");
+ 
+-- 
+1.8.3.1
+

0028-drop-unused-get_random_bytes.patch

@@ -0,0 +1,71 @@
+From cc51cace064c4a3c459f3c9085006dfb62747525 Mon Sep 17 00:00:00 2001
+From: David Disseldorp <ddiss@suse.de>
+Date: Wed, 22 Jul 2020 15:58:19 +0200
+Subject: [PATCH 2/8] drop unused get_random_bytes()
+
+openssl's RAND_bytes() is now used instead, so this can be dropped.
+
+Suggested-by: Marcus Meissner <meissner@suse.de>
+Signed-off-by: David Disseldorp <ddiss@suse.de>
+---
+ usr/auth.c | 37 -------------------------------------
+ 1 file changed, 37 deletions(-)
+
+diff --git a/usr/auth.c b/usr/auth.c
+index a1d99e9..2f7506f 100644
+--- a/usr/auth.c
++++ b/usr/auth.c
+@@ -48,7 +48,6 @@ static int auth_hash_init(EVP_MD_CTX **context, int chap_alg);
+ static void auth_hash_update(EVP_MD_CTX *context, unsigned char *md, unsigned int);
+ static unsigned int auth_hash_final(unsigned char *, EVP_MD_CTX *context);
+ 
+-void get_random_bytes(unsigned char *data, unsigned int length);
+ size_t strlcpy(char *, const char *, size_t);
+ size_t strlcat(char *, const char *, size_t);
+ 
+@@ -218,42 +217,6 @@ static unsigned int auth_hash_final(unsigned char *hash, EVP_MD_CTX *context) {
+ 	return md_len;
+ }
+ 
+-void
+-get_random_bytes(unsigned char *data, unsigned int length)
+-{
+-
+-	long r;
+-        unsigned n;
+-	int fd, r_size = sizeof(r);
+-
+-	fd = open("/dev/urandom", O_RDONLY);
+-        while (length > 0) {
+-
+-		if (fd == -1 || read(fd, &r, r_size) != r_size)
+-			r = rand();
+-                r = r ^ (r >> 8);
+-                r = r ^ (r >> 4);
+-                n = r & 0x7;
+-
+-		if (fd == -1 || read(fd, &r, r_size) != r_size)
+-			r = rand();
+-                r = r ^ (r >> 8);
+-                r = r ^ (r >> 5);
+-                n = (n << 3) | (r & 0x7);
+-
+-		if (fd == -1 || read(fd, &r, r_size) != r_size)
+-			r = rand();
+-                r = r ^ (r >> 8);
+-                r = r ^ (r >> 5);
+-                n = (n << 2) | (r & 0x3);
+-
+-                *data++ = n;
+-                length--;
+-        }
+-	if (fd)
+-		close(fd);
+-}
+-
+ static const char acl_none_option_name[] = "None";
+ 
+ static int
+-- 
+1.8.3.1
+

0029-Preparing-for-version-2.1.2.patch

@@ -0,0 +1,90 @@
+From 802688debcd88c48edabe86deb7e7ed47ebadc26 Mon Sep 17 00:00:00 2001
+From: Lee Duncan <lduncan@suse.com>
+Date: Fri, 24 Jul 2020 17:39:50 -0700
+Subject: [PATCH 3/8] Preparing for version 2.1.2
+
+---
+ Changelog                 | 43 +++++++++++++++++++++++++++++++++++++++++++
+ libopeniscsiusr/version.h |  2 +-
+ usr/version.h             |  2 +-
+ 3 files changed, 45 insertions(+), 2 deletions(-)
+
+diff --git a/Changelog b/Changelog
+index 9af7bf1..29133ee 100644
+--- a/Changelog
++++ b/Changelog
+@@ -1,3 +1,46 @@
++open-iscsi-2.1.0 - open-iscsi-2.1.2
++
++Christian Glombek (1):
++      Add iscsi-init.service
++
++David Disseldorp (2):
++      use openssl for random data generation
++      drop unused get_random_bytes()
++
++Lee Duncan (10):
++      Fix iscsi.service so it handles restarts better
++      Fix issue where "iscsi-iname -p" core dumps.
++      Add Wants=remote-fs-pre.target for sequencing.
++      Change include of <sys/poll.h> to <poll.h>
++      Fix type mismatch under musl.
++      More changes for musl.
++      Ignore iface.example in iface match checks
++      Fix issue with zero-length arrays at end of struct
++      Fix a compiler complaint about writing one byte
++      Fix compiler complaint about string copy in iscsiuio
++
++Luis.wu (1):
++      Update iscsi-iname.c
++
++Rafael David Tinoco (1):
++      Misspelled socket name might cause confusion to inexperienced user.
++
++Wu Bo (2):
++      iscsi-iname: fix iscsi-iname -p access NULL pointer without given IQN prefix
++      log:modify iSCSI shared memory permissions for logs
++
++fredvx (1):
++      Fix SIGPIPE loop in signal handler
++
++gulams (1):
++      Proper disconnect of TCP connection
++
++wubo009 (3):
++      iscsi: Add break to while loop
++      iscsi: fix fd leak
++      iscsi/libopeniscsiusr:add libopeniscsiuser_node.h to HEADERS
++
++
+ open-iscsi-2.1.0 - open-iscsi-2.1.1
+ 
+ # output from "git shortlog --no-merges 2.1.0..HEAD"
+diff --git a/libopeniscsiusr/version.h b/libopeniscsiusr/version.h
+index 9be3905..97031b0 100644
+--- a/libopeniscsiusr/version.h
++++ b/libopeniscsiusr/version.h
+@@ -25,6 +25,6 @@
+  * This may not be the same value as the kernel versions because
+  * some other maintainer could merge a patch without going through us
+  */
+-#define ISCSI_VERSION_STR	"2.1.1"
++#define ISCSI_VERSION_STR	"2.1.2"
+ 
+ #endif  /* End of __ISCSI_OPEN_USR_VERSION_H__ */
+diff --git a/usr/version.h b/usr/version.h
+index 4fa9179..115a11c 100644
+--- a/usr/version.h
++++ b/usr/version.h
+@@ -6,7 +6,7 @@
+  * This may not be the same value as the kernel versions because
+  * some other maintainer could merge a patch without going through us
+  */
+-#define ISCSI_VERSION_STR	"2.1.1"
++#define ISCSI_VERSION_STR	"2.1.2"
+ #define ISCSI_VERSION_FILE	"/sys/module/scsi_transport_iscsi/version"
+ 
+ #endif
+-- 
+1.8.3.1
+

0030-iscsid-Check-Invalid-Session-id-for-stop-connection.patch

@@ -0,0 +1,64 @@
+From 9ac758cc472d991d7eaa9a1da17279cbbdbc7ebf Mon Sep 17 00:00:00 2001
+From: gulams <64251312+gulams@users.noreply.github.com>
+Date: Thu, 3 Sep 2020 21:28:52 +0530
+Subject: [PATCH 5/8] iscsid: Check Invalid Session id for stop connection
+
+Description:
+If the initiator is rebooting then after the reboot, it will try to
+resync (recreate) the existing the connections by reading the sysfs.
+While initiator is doing this, i.e when the initiator tries to connect
+to the target but if the target service is not yet started, then the
+initiator connection will fail. The session id is also not yet assigned
+and it will be at its initial value 0xFFFFFFFF which is invalid. The
+session id is assigned a valid value only after a successful connection.
+Since the connection is failed, the initiator code will queue the
+connection for re-open. The connection state is still at
+ISCSI_CONN_STATE_XPT_WAIT as its very first login attemp after the
+reboot.
+Due to my Pull #206 request the code will invoke the stop connection to
+decrement the socket_fd reference count to properly close the connecion
+(details are in pull request #206). But since the session id is not
+valid, the stop connection will fail and the code will go ahead and
+queue the re-open without attempting the connect again. This is repeated
+till 120 seconds (stop connection failing and requeuing the reopen
+without invoking connect) and the connection will be shutdown resulting
+the storage unavailable.
+
+Fix:
+We need to check the validity of the session id before calling the stop
+connection. If the session id is valid then only invoke the stop
+connection. Due to this, the code will go ahead and attempt the connet
+call. If the target service comes up anytime in 120 seconds, then the
+connect will be successful and we will get connected to the target.
+---
+ usr/initiator.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/usr/initiator.c b/usr/initiator.c
+index 5f4bdca..684647c 100644
+--- a/usr/initiator.c
++++ b/usr/initiator.c
+@@ -692,6 +692,7 @@ static void iscsi_login_eh(struct iscsi_conn *conn, struct queue_task *qtask,
+ 			   int err)
+ {
+ 	struct iscsi_session *session = conn->session;
++	int stop_flag = 0;
+ 
+ 	log_debug(3, "iscsi_login_eh");
+ 	/*
+@@ -711,7 +712,11 @@ static void iscsi_login_eh(struct iscsi_conn *conn, struct queue_task *qtask,
+ 			    !iscsi_retry_initial_login(conn))
+ 				session_conn_shutdown(conn, qtask, err);
+ 			else {
+-				session_conn_reopen(conn, qtask, STOP_CONN_TERM);
++				stop_flag = (session->id < INVALID_SESSION_ID) ? STOP_CONN_TERM : 0;
++				log_debug(6, "connection %p socket_fd: %d, "
++					  "session id: %d stop_flag: %d\n",
++					  conn, conn->socket_fd, session->id, stop_flag);
++				session_conn_reopen(conn, qtask, stop_flag);
+ 			}
+ 			break;
+ 		case R_STAGE_SESSION_REDIRECT:
+-- 
+1.8.3.1
+

0031-iscsiadm-buffer-overflow-regression-when-discovering.patch

@@ -0,0 +1,28 @@
+From 0c032f5f4f826199868099f0af10c4a913209573 Mon Sep 17 00:00:00 2001
+From: Chris Leech <cleech@redhat.com>
+Date: Mon, 14 Sep 2020 14:09:56 -0700
+Subject: [PATCH 6/8] iscsiadm buffer overflow regression when discovering many
+ targets at once
+
+int_list type didn't zero the output string, so as the rec struct was reused
+repeatedly during discovery it would keep growing with repeated values
+triggering a strcat buffer overflow
+---
+ usr/idbm.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/usr/idbm.c b/usr/idbm.c
+index 6309be0..42c2699 100644
+--- a/usr/idbm.c
++++ b/usr/idbm.c
+@@ -169,6 +169,7 @@ static struct idbm *db;
+ #define __recinfo_int_list(_key,_info,_rec,_name,_show,_tbl,_n,_mod) do { \
+ 	_info[_n].type = TYPE_INT_LIST; \
+ 	strlcpy(_info[_n].name, _key, NAME_MAXVAL); \
++	_info[_n].value[0] = '\0'; \
+ 	for (unsigned long _i = 0; _i < ARRAY_LEN(_rec->_name); _i++) {	\
+ 		if (_rec->_name[_i] != (unsigned)~0) {			\
+ 			for (unsigned long _j = 0; _j < ARRAY_LEN(_tbl); _j++) {	\
+-- 
+1.8.3.1
+

open-iscsi.spec

@@ -4,7 +4,7 @@
 
 Name:    open-iscsi
 Version: 2.1.1
-Release: 3
+Release: 4
 Summary: ISCSI software initiator daemon and utility programs
 License: GPLv2+ and BSD
 URL:     http://www.open-iscsi.org
@@ -35,6 +35,11 @@ Patch23: 0023-Proper-disconnect-of-TCP-connection.patch
 Patch24: 0024-Add-iscsi-init.service.patch
 Patch25: 0025-Fix-issue-with-zero-length-arrays-at-end-of-struct.patch
 Patch26: 0026-Fix-a-compiler-complaint-about-writing-one-byte.patch
+Patch27: 0027-use-openssl-for-random-data-generation.patch
+Patch28: 0028-drop-unused-get_random_bytes.patch
+Patch29: 0029-Preparing-for-version-2.1.2.patch
+Patch30: 0030-iscsid-Check-Invalid-Session-id-for-stop-connection.patch
+Patch31: 0031-iscsiadm-buffer-overflow-regression-when-discovering.patch
 
 BuildRequires: flex bison doxygen kmod-devel systemd-units gcc git isns-utils-devel systemd-devel
 BuildRequires: autoconf automake libtool libmount-devel openssl-devel pkg-config gdb
@@ -167,6 +172,11 @@ fi
 %{_mandir}/man8/*
 
 %changelog
+* Thu Nov 12 2020 haowenchao <haowenchao@huawei.com> - 2.1.1-4
+- backport patches from epoch2 including following changes:
+  get_random_bytes is replaced by RAND_bytes so it is removed
+  fix buffer overflow when discovering
+
 * Sat Oct 31 2020 haowenchao <haowenchao@huawei.com> - 2.1.1-3
 - backport patches from epoch1