
Commit 5fdc131

martin-gpyigaw
authored and committed
fabrics: add error if dhchap-ctrl-secret is specified with --concat
--concat works only with unidirectional auth and not bidirectional auth. As per section 8.3.4.5.9 Generated PSK for TLS in the NVMe base spec 2.1:

"The host may request secure channel concatenation with the TLS protocol by setting the SC_C field in the AUTH_Negotiate message to NEWTLSPSK while performing only unidirectional auth. In this case, the host shall send a challenge value C2 to the controller and clear the sequence number S2 to 0h to indicate that controller authentication is not requested".

In the kernel too, if both host and controller auth keys are specified with secure channel concat, it would ignore the controller key and default to using the host key itself for uni-auth with concat TLS. So add an appropriate error to catch the same in the userspace itself.

Signed-off-by: Martin George <[email protected]>
1 parent 62a3ec1 commit 5fdc131

1 file changed

Lines changed: 5 additions & 0 deletions


libnvme/src/nvme/fabrics.c

@@ -742,6 +742,11 @@ static int build_options(nvme_host_t h, nvme_ctrl_t c, char **argstr)
742742
return -ENVME_CONNECT_INVAL;
743743
}
744744

745+
if (cfg->concat && ctrlkey) {
746+
nvme_msg(h->ctx, LOG_ERR, "cannot specify [--dhchap-ctrl-secret | -C] with --concat\n");
747+
return -ENVME_CONNECT_INVAL;
748+
}
749+
745750
if (cfg->tls) {
746751
ret = __nvme_import_keys_from_config(h, c, &keyring_id, &key_id);
747752
if (ret)
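
Review bot: The error string in the added `if (cfg->concat && ctrlkey)` block names command-line options ("[--dhchap-ctrl-secret | -C]" and "--concat"), but the check lives in libnvme's build_options() in fabrics.c, so a caller that set these values through the library rather than a command line gets a message about flags it never passed. Consider describing the settings themselves, for example "controller DH-HMAC-CHAP secret cannot be combined with secure channel concatenation". Separately, the commit message says the kernel ignores the controller key in this case, so the new `return -ENVME_CONNECT_INVAL;` turns a combination that used to connect into a hard failure; that behaviour change deserves a line in the option documentation so users who have both set understand why the connect is now rejected.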
