1/*- 2 * Copyright (c) 2012 The FreeBSD Foundation 3 * All rights reserved. 4 * 5 * This software was developed by Edward Tomasz Napierala under sponsorship 6 * from the FreeBSD Foundation. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 */ 30 31#include <sys/cdefs.h>
| 1/*- 2 * Copyright (c) 2012 The FreeBSD Foundation 3 * All rights reserved. 4 * 5 * This software was developed by Edward Tomasz Napierala under sponsorship 6 * from the FreeBSD Foundation. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 */ 30 31#include <sys/cdefs.h>
|
32__FBSDID("$FreeBSD: stable/10/usr.sbin/ctld/ctld.c 274871 2014-11-22 17:52:33Z trasz $");
| 32__FBSDID("$FreeBSD: stable/10/usr.sbin/ctld/ctld.c 274939 2014-11-24 00:47:04Z mav $");
|
33 34#include <sys/types.h> 35#include <sys/time.h> 36#include <sys/socket.h> 37#include <sys/wait.h> 38#include <netinet/in.h> 39#include <arpa/inet.h> 40#include <assert.h> 41#include <ctype.h> 42#include <errno.h> 43#include <netdb.h> 44#include <signal.h> 45#include <stdbool.h> 46#include <stdio.h> 47#include <stdint.h> 48#include <stdlib.h> 49#include <string.h> 50#include <unistd.h> 51 52#include "ctld.h"
| 33 34#include <sys/types.h> 35#include <sys/time.h> 36#include <sys/socket.h> 37#include <sys/wait.h> 38#include <netinet/in.h> 39#include <arpa/inet.h> 40#include <assert.h> 41#include <ctype.h> 42#include <errno.h> 43#include <netdb.h> 44#include <signal.h> 45#include <stdbool.h> 46#include <stdio.h> 47#include <stdint.h> 48#include <stdlib.h> 49#include <string.h> 50#include <unistd.h> 51 52#include "ctld.h"
|
| 53#include "isns.h"
|
53 54bool proxy_mode = false; 55 56static volatile bool sighup_received = false; 57static volatile bool sigterm_received = false; 58static volatile bool sigalrm_received = false; 59 60static int nchildren = 0; 61 62static void 63usage(void) 64{ 65 66 fprintf(stderr, "usage: ctld [-d][-f config-file]\n"); 67 exit(1); 68} 69 70char * 71checked_strdup(const char *s) 72{ 73 char *c; 74 75 c = strdup(s); 76 if (c == NULL) 77 log_err(1, "strdup"); 78 return (c); 79} 80 81struct conf * 82conf_new(void) 83{ 84 struct conf *conf; 85 86 conf = calloc(1, sizeof(*conf)); 87 if (conf == NULL) 88 log_err(1, "calloc"); 89 TAILQ_INIT(&conf->conf_targets); 90 TAILQ_INIT(&conf->conf_auth_groups); 91 TAILQ_INIT(&conf->conf_portal_groups);
| 54 55bool proxy_mode = false; 56 57static volatile bool sighup_received = false; 58static volatile bool sigterm_received = false; 59static volatile bool sigalrm_received = false; 60 61static int nchildren = 0; 62 63static void 64usage(void) 65{ 66 67 fprintf(stderr, "usage: ctld [-d][-f config-file]\n"); 68 exit(1); 69} 70 71char * 72checked_strdup(const char *s) 73{ 74 char *c; 75 76 c = strdup(s); 77 if (c == NULL) 78 log_err(1, "strdup"); 79 return (c); 80} 81 82struct conf * 83conf_new(void) 84{ 85 struct conf *conf; 86 87 conf = calloc(1, sizeof(*conf)); 88 if (conf == NULL) 89 log_err(1, "calloc"); 90 TAILQ_INIT(&conf->conf_targets); 91 TAILQ_INIT(&conf->conf_auth_groups); 92 TAILQ_INIT(&conf->conf_portal_groups);
|
| 93 TAILQ_INIT(&conf->conf_isns);
|
92
| 94
|
| 95 conf->conf_isns_period = 900; 96 conf->conf_isns_timeout = 5;
|
93 conf->conf_debug = 0; 94 conf->conf_timeout = 60; 95 conf->conf_maxproc = 30; 96 97 return (conf); 98} 99 100void 101conf_delete(struct conf *conf) 102{ 103 struct target *targ, *tmp; 104 struct auth_group *ag, *cagtmp; 105 struct portal_group *pg, *cpgtmp;
| 97 conf->conf_debug = 0; 98 conf->conf_timeout = 60; 99 conf->conf_maxproc = 30; 100 101 return (conf); 102} 103 104void 105conf_delete(struct conf *conf) 106{ 107 struct target *targ, *tmp; 108 struct auth_group *ag, *cagtmp; 109 struct portal_group *pg, *cpgtmp;
|
| 110 struct isns *is, *istmp;
|
106 107 assert(conf->conf_pidfh == NULL); 108 109 TAILQ_FOREACH_SAFE(targ, &conf->conf_targets, t_next, tmp) 110 target_delete(targ); 111 TAILQ_FOREACH_SAFE(ag, &conf->conf_auth_groups, ag_next, cagtmp) 112 auth_group_delete(ag); 113 TAILQ_FOREACH_SAFE(pg, &conf->conf_portal_groups, pg_next, cpgtmp) 114 portal_group_delete(pg);
| 111 112 assert(conf->conf_pidfh == NULL); 113 114 TAILQ_FOREACH_SAFE(targ, &conf->conf_targets, t_next, tmp) 115 target_delete(targ); 116 TAILQ_FOREACH_SAFE(ag, &conf->conf_auth_groups, ag_next, cagtmp) 117 auth_group_delete(ag); 118 TAILQ_FOREACH_SAFE(pg, &conf->conf_portal_groups, pg_next, cpgtmp) 119 portal_group_delete(pg);
|
| 120 TAILQ_FOREACH_SAFE(is, &conf->conf_isns, i_next, istmp) 121 isns_delete(is);
|
115 free(conf->conf_pidfile_path); 116 free(conf); 117} 118 119static struct auth * 120auth_new(struct auth_group *ag) 121{ 122 struct auth *auth; 123 124 auth = calloc(1, sizeof(*auth)); 125 if (auth == NULL) 126 log_err(1, "calloc"); 127 auth->a_auth_group = ag; 128 TAILQ_INSERT_TAIL(&ag->ag_auths, auth, a_next); 129 return (auth); 130} 131 132static void 133auth_delete(struct auth *auth) 134{ 135 TAILQ_REMOVE(&auth->a_auth_group->ag_auths, auth, a_next); 136 137 free(auth->a_user); 138 free(auth->a_secret); 139 free(auth->a_mutual_user); 140 free(auth->a_mutual_secret); 141 free(auth); 142} 143 144const struct auth * 145auth_find(const struct auth_group *ag, const char *user) 146{ 147 const struct auth *auth; 148 149 TAILQ_FOREACH(auth, &ag->ag_auths, a_next) { 150 if (strcmp(auth->a_user, user) == 0) 151 return (auth); 152 } 153 154 return (NULL); 155} 156 157static void 158auth_check_secret_length(struct auth *auth) 159{ 160 size_t len; 161 162 len = strlen(auth->a_secret); 163 if (len > 16) { 164 if (auth->a_auth_group->ag_name != NULL) 165 log_warnx("secret for user \"%s\", auth-group \"%s\", " 166 "is too long; it should be at most 16 characters " 167 "long", auth->a_user, auth->a_auth_group->ag_name); 168 else 169 log_warnx("secret for user \"%s\", target \"%s\", " 170 "is too long; it should be at most 16 characters " 171 "long", auth->a_user, 172 auth->a_auth_group->ag_target->t_name); 173 } 174 if (len < 12) { 175 if (auth->a_auth_group->ag_name != NULL) 176 log_warnx("secret for user \"%s\", auth-group \"%s\", " 177 "is too short; it should be at least 12 characters " 178 "long", auth->a_user, 179 auth->a_auth_group->ag_name); 180 else 181 log_warnx("secret for user \"%s\", target \"%s\", " 182 "is too short; it should be at least 16 characters " 183 "long", auth->a_user, 184 auth->a_auth_group->ag_target->t_name); 185 } 186 187 if (auth->a_mutual_secret != NULL) { 188 len = strlen(auth->a_secret); 189 if (len > 16) { 190 if (auth->a_auth_group->ag_name != NULL) 191 log_warnx("mutual secret for user \"%s\", " 192 "auth-group \"%s\", is too long; it should " 193 "be at most 16 characters long", 194 auth->a_user, auth->a_auth_group->ag_name); 195 else 196 log_warnx("mutual secret for user \"%s\", " 197 "target \"%s\", is too long; it should " 198 "be at most 16 characters long", 199 auth->a_user, 200 auth->a_auth_group->ag_target->t_name); 201 } 202 if (len < 12) { 203 if (auth->a_auth_group->ag_name != NULL) 204 log_warnx("mutual secret for user \"%s\", " 205 "auth-group \"%s\", is too short; it " 206 "should be at least 12 characters long", 207 auth->a_user, auth->a_auth_group->ag_name); 208 else 209 log_warnx("mutual secret for user \"%s\", " 210 "target \"%s\", is too short; it should be " 211 "at least 16 characters long", 212 auth->a_user, 213 auth->a_auth_group->ag_target->t_name); 214 } 215 } 216} 217 218const struct auth * 219auth_new_chap(struct auth_group *ag, const char *user, 220 const char *secret) 221{ 222 struct auth *auth; 223 224 if (ag->ag_type == AG_TYPE_UNKNOWN) 225 ag->ag_type = AG_TYPE_CHAP; 226 if (ag->ag_type != AG_TYPE_CHAP) { 227 if (ag->ag_name != NULL) 228 log_warnx("cannot mix \"chap\" authentication with " 229 "other types for auth-group \"%s\"", ag->ag_name); 230 else 231 log_warnx("cannot mix \"chap\" authentication with " 232 "other types for target \"%s\"", 233 ag->ag_target->t_name); 234 return (NULL); 235 } 236 237 auth = auth_new(ag); 238 auth->a_user = checked_strdup(user); 239 auth->a_secret = checked_strdup(secret); 240 241 auth_check_secret_length(auth); 242 243 return (auth); 244} 245 246const struct auth * 247auth_new_chap_mutual(struct auth_group *ag, const char *user, 248 const char *secret, const char *user2, const char *secret2) 249{ 250 struct auth *auth; 251 252 if (ag->ag_type == AG_TYPE_UNKNOWN) 253 ag->ag_type = AG_TYPE_CHAP_MUTUAL; 254 if (ag->ag_type != AG_TYPE_CHAP_MUTUAL) { 255 if (ag->ag_name != NULL) 256 log_warnx("cannot mix \"chap-mutual\" authentication " 257 "with other types for auth-group \"%s\"", 258 ag->ag_name); 259 else 260 log_warnx("cannot mix \"chap-mutual\" authentication " 261 "with other types for target \"%s\"", 262 ag->ag_target->t_name); 263 return (NULL); 264 } 265 266 auth = auth_new(ag); 267 auth->a_user = checked_strdup(user); 268 auth->a_secret = checked_strdup(secret); 269 auth->a_mutual_user = checked_strdup(user2); 270 auth->a_mutual_secret = checked_strdup(secret2); 271 272 auth_check_secret_length(auth); 273 274 return (auth); 275} 276 277const struct auth_name * 278auth_name_new(struct auth_group *ag, const char *name) 279{ 280 struct auth_name *an; 281 282 an = calloc(1, sizeof(*an)); 283 if (an == NULL) 284 log_err(1, "calloc"); 285 an->an_auth_group = ag; 286 an->an_initator_name = checked_strdup(name); 287 TAILQ_INSERT_TAIL(&ag->ag_names, an, an_next); 288 return (an); 289} 290 291static void 292auth_name_delete(struct auth_name *an) 293{ 294 TAILQ_REMOVE(&an->an_auth_group->ag_names, an, an_next); 295 296 free(an->an_initator_name); 297 free(an); 298} 299 300bool 301auth_name_defined(const struct auth_group *ag) 302{ 303 if (TAILQ_EMPTY(&ag->ag_names)) 304 return (false); 305 return (true); 306} 307 308const struct auth_name * 309auth_name_find(const struct auth_group *ag, const char *name) 310{ 311 const struct auth_name *auth_name; 312 313 TAILQ_FOREACH(auth_name, &ag->ag_names, an_next) { 314 if (strcmp(auth_name->an_initator_name, name) == 0) 315 return (auth_name); 316 } 317 318 return (NULL); 319} 320 321const struct auth_portal * 322auth_portal_new(struct auth_group *ag, const char *portal) 323{ 324 struct auth_portal *ap; 325 char *net, *mask, *str, *tmp; 326 int len, dm, m; 327 328 ap = calloc(1, sizeof(*ap)); 329 if (ap == NULL) 330 log_err(1, "calloc"); 331 ap->ap_auth_group = ag; 332 ap->ap_initator_portal = checked_strdup(portal); 333 mask = str = checked_strdup(portal); 334 net = strsep(&mask, "/"); 335 if (net[0] == '[') 336 net++; 337 len = strlen(net); 338 if (len == 0) 339 goto error; 340 if (net[len - 1] == ']') 341 net[len - 1] = 0; 342 if (strchr(net, ':') != NULL) { 343 struct sockaddr_in6 *sin6 = 344 (struct sockaddr_in6 *)&ap->ap_sa; 345 346 sin6->sin6_len = sizeof(*sin6); 347 sin6->sin6_family = AF_INET6; 348 if (inet_pton(AF_INET6, net, &sin6->sin6_addr) <= 0) 349 goto error; 350 dm = 128; 351 } else { 352 struct sockaddr_in *sin = 353 (struct sockaddr_in *)&ap->ap_sa; 354 355 sin->sin_len = sizeof(*sin); 356 sin->sin_family = AF_INET; 357 if (inet_pton(AF_INET, net, &sin->sin_addr) <= 0) 358 goto error; 359 dm = 32; 360 } 361 if (mask != NULL) { 362 m = strtol(mask, &tmp, 0); 363 if (m < 0 || m > dm || tmp[0] != 0) 364 goto error; 365 } else 366 m = dm; 367 ap->ap_mask = m; 368 free(str); 369 TAILQ_INSERT_TAIL(&ag->ag_portals, ap, ap_next); 370 return (ap); 371 372error: 373 log_errx(1, "Incorrect initiator portal '%s'", portal); 374 return (NULL); 375} 376 377static void 378auth_portal_delete(struct auth_portal *ap) 379{ 380 TAILQ_REMOVE(&ap->ap_auth_group->ag_portals, ap, ap_next); 381 382 free(ap->ap_initator_portal); 383 free(ap); 384} 385 386bool 387auth_portal_defined(const struct auth_group *ag) 388{ 389 if (TAILQ_EMPTY(&ag->ag_portals)) 390 return (false); 391 return (true); 392} 393 394const struct auth_portal * 395auth_portal_find(const struct auth_group *ag, const struct sockaddr_storage *ss) 396{ 397 const struct auth_portal *ap; 398 const uint8_t *a, *b; 399 int i; 400 uint8_t bmask; 401 402 TAILQ_FOREACH(ap, &ag->ag_portals, ap_next) { 403 if (ap->ap_sa.ss_family != ss->ss_family) 404 continue; 405 if (ss->ss_family == AF_INET) { 406 a = (const uint8_t *) 407 &((const struct sockaddr_in *)ss)->sin_addr; 408 b = (const uint8_t *) 409 &((const struct sockaddr_in *)&ap->ap_sa)->sin_addr; 410 } else { 411 a = (const uint8_t *) 412 &((const struct sockaddr_in6 *)ss)->sin6_addr; 413 b = (const uint8_t *) 414 &((const struct sockaddr_in6 *)&ap->ap_sa)->sin6_addr; 415 } 416 for (i = 0; i < ap->ap_mask / 8; i++) { 417 if (a[i] != b[i]) 418 goto next; 419 } 420 if (ap->ap_mask % 8) { 421 bmask = 0xff << (8 - (ap->ap_mask % 8)); 422 if ((a[i] & bmask) != (b[i] & bmask)) 423 goto next; 424 } 425 return (ap); 426next: 427 ; 428 } 429 430 return (NULL); 431} 432 433struct auth_group * 434auth_group_new(struct conf *conf, const char *name) 435{ 436 struct auth_group *ag; 437 438 if (name != NULL) { 439 ag = auth_group_find(conf, name); 440 if (ag != NULL) { 441 log_warnx("duplicated auth-group \"%s\"", name); 442 return (NULL); 443 } 444 } 445 446 ag = calloc(1, sizeof(*ag)); 447 if (ag == NULL) 448 log_err(1, "calloc"); 449 if (name != NULL) 450 ag->ag_name = checked_strdup(name); 451 TAILQ_INIT(&ag->ag_auths); 452 TAILQ_INIT(&ag->ag_names); 453 TAILQ_INIT(&ag->ag_portals); 454 ag->ag_conf = conf; 455 TAILQ_INSERT_TAIL(&conf->conf_auth_groups, ag, ag_next); 456 457 return (ag); 458} 459 460void 461auth_group_delete(struct auth_group *ag) 462{ 463 struct auth *auth, *auth_tmp; 464 struct auth_name *auth_name, *auth_name_tmp; 465 struct auth_portal *auth_portal, *auth_portal_tmp; 466 467 TAILQ_REMOVE(&ag->ag_conf->conf_auth_groups, ag, ag_next); 468 469 TAILQ_FOREACH_SAFE(auth, &ag->ag_auths, a_next, auth_tmp) 470 auth_delete(auth); 471 TAILQ_FOREACH_SAFE(auth_name, &ag->ag_names, an_next, auth_name_tmp) 472 auth_name_delete(auth_name); 473 TAILQ_FOREACH_SAFE(auth_portal, &ag->ag_portals, ap_next, 474 auth_portal_tmp) 475 auth_portal_delete(auth_portal); 476 free(ag->ag_name); 477 free(ag); 478} 479 480struct auth_group * 481auth_group_find(const struct conf *conf, const char *name) 482{ 483 struct auth_group *ag; 484 485 TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) { 486 if (ag->ag_name != NULL && strcmp(ag->ag_name, name) == 0) 487 return (ag); 488 } 489 490 return (NULL); 491} 492 493static int 494auth_group_set_type(struct auth_group *ag, int type) 495{ 496 497 if (ag->ag_type == AG_TYPE_UNKNOWN) { 498 ag->ag_type = type; 499 return (0); 500 } 501 502 if (ag->ag_type == type) 503 return (0); 504 505 return (1); 506} 507 508int 509auth_group_set_type_str(struct auth_group *ag, const char *str) 510{ 511 int error, type; 512 513 if (strcmp(str, "none") == 0) { 514 type = AG_TYPE_NO_AUTHENTICATION; 515 } else if (strcmp(str, "deny") == 0) { 516 type = AG_TYPE_DENY; 517 } else if (strcmp(str, "chap") == 0) { 518 type = AG_TYPE_CHAP; 519 } else if (strcmp(str, "chap-mutual") == 0) { 520 type = AG_TYPE_CHAP_MUTUAL; 521 } else { 522 if (ag->ag_name != NULL) 523 log_warnx("invalid auth-type \"%s\" for auth-group " 524 "\"%s\"", str, ag->ag_name); 525 else 526 log_warnx("invalid auth-type \"%s\" for target " 527 "\"%s\"", str, ag->ag_target->t_name); 528 return (1); 529 } 530 531 error = auth_group_set_type(ag, type); 532 if (error != 0) { 533 if (ag->ag_name != NULL) 534 log_warnx("cannot set auth-type to \"%s\" for " 535 "auth-group \"%s\"; already has a different " 536 "type", str, ag->ag_name); 537 else 538 log_warnx("cannot set auth-type to \"%s\" for target " 539 "\"%s\"; already has a different type", 540 str, ag->ag_target->t_name); 541 return (1); 542 } 543 544 return (error); 545} 546 547static struct portal * 548portal_new(struct portal_group *pg) 549{ 550 struct portal *portal; 551 552 portal = calloc(1, sizeof(*portal)); 553 if (portal == NULL) 554 log_err(1, "calloc"); 555 TAILQ_INIT(&portal->p_targets); 556 portal->p_portal_group = pg; 557 TAILQ_INSERT_TAIL(&pg->pg_portals, portal, p_next); 558 return (portal); 559} 560 561static void 562portal_delete(struct portal *portal) 563{ 564 565 TAILQ_REMOVE(&portal->p_portal_group->pg_portals, portal, p_next); 566 if (portal->p_ai != NULL) 567 freeaddrinfo(portal->p_ai); 568 free(portal->p_listen); 569 free(portal); 570} 571 572struct portal_group * 573portal_group_new(struct conf *conf, const char *name) 574{ 575 struct portal_group *pg; 576 577 pg = portal_group_find(conf, name); 578 if (pg != NULL) { 579 log_warnx("duplicated portal-group \"%s\"", name); 580 return (NULL); 581 } 582 583 pg = calloc(1, sizeof(*pg)); 584 if (pg == NULL) 585 log_err(1, "calloc"); 586 pg->pg_name = checked_strdup(name); 587 TAILQ_INIT(&pg->pg_portals); 588 pg->pg_conf = conf; 589 conf->conf_last_portal_group_tag++; 590 pg->pg_tag = conf->conf_last_portal_group_tag; 591 TAILQ_INSERT_TAIL(&conf->conf_portal_groups, pg, pg_next); 592 593 return (pg); 594} 595 596void 597portal_group_delete(struct portal_group *pg) 598{ 599 struct portal *portal, *tmp; 600 601 TAILQ_REMOVE(&pg->pg_conf->conf_portal_groups, pg, pg_next); 602 603 TAILQ_FOREACH_SAFE(portal, &pg->pg_portals, p_next, tmp) 604 portal_delete(portal); 605 free(pg->pg_name); 606 free(pg); 607} 608 609struct portal_group * 610portal_group_find(const struct conf *conf, const char *name) 611{ 612 struct portal_group *pg; 613 614 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 615 if (strcmp(pg->pg_name, name) == 0) 616 return (pg); 617 } 618 619 return (NULL); 620} 621
| 122 free(conf->conf_pidfile_path); 123 free(conf); 124} 125 126static struct auth * 127auth_new(struct auth_group *ag) 128{ 129 struct auth *auth; 130 131 auth = calloc(1, sizeof(*auth)); 132 if (auth == NULL) 133 log_err(1, "calloc"); 134 auth->a_auth_group = ag; 135 TAILQ_INSERT_TAIL(&ag->ag_auths, auth, a_next); 136 return (auth); 137} 138 139static void 140auth_delete(struct auth *auth) 141{ 142 TAILQ_REMOVE(&auth->a_auth_group->ag_auths, auth, a_next); 143 144 free(auth->a_user); 145 free(auth->a_secret); 146 free(auth->a_mutual_user); 147 free(auth->a_mutual_secret); 148 free(auth); 149} 150 151const struct auth * 152auth_find(const struct auth_group *ag, const char *user) 153{ 154 const struct auth *auth; 155 156 TAILQ_FOREACH(auth, &ag->ag_auths, a_next) { 157 if (strcmp(auth->a_user, user) == 0) 158 return (auth); 159 } 160 161 return (NULL); 162} 163 164static void 165auth_check_secret_length(struct auth *auth) 166{ 167 size_t len; 168 169 len = strlen(auth->a_secret); 170 if (len > 16) { 171 if (auth->a_auth_group->ag_name != NULL) 172 log_warnx("secret for user \"%s\", auth-group \"%s\", " 173 "is too long; it should be at most 16 characters " 174 "long", auth->a_user, auth->a_auth_group->ag_name); 175 else 176 log_warnx("secret for user \"%s\", target \"%s\", " 177 "is too long; it should be at most 16 characters " 178 "long", auth->a_user, 179 auth->a_auth_group->ag_target->t_name); 180 } 181 if (len < 12) { 182 if (auth->a_auth_group->ag_name != NULL) 183 log_warnx("secret for user \"%s\", auth-group \"%s\", " 184 "is too short; it should be at least 12 characters " 185 "long", auth->a_user, 186 auth->a_auth_group->ag_name); 187 else 188 log_warnx("secret for user \"%s\", target \"%s\", " 189 "is too short; it should be at least 16 characters " 190 "long", auth->a_user, 191 auth->a_auth_group->ag_target->t_name); 192 } 193 194 if (auth->a_mutual_secret != NULL) { 195 len = strlen(auth->a_secret); 196 if (len > 16) { 197 if (auth->a_auth_group->ag_name != NULL) 198 log_warnx("mutual secret for user \"%s\", " 199 "auth-group \"%s\", is too long; it should " 200 "be at most 16 characters long", 201 auth->a_user, auth->a_auth_group->ag_name); 202 else 203 log_warnx("mutual secret for user \"%s\", " 204 "target \"%s\", is too long; it should " 205 "be at most 16 characters long", 206 auth->a_user, 207 auth->a_auth_group->ag_target->t_name); 208 } 209 if (len < 12) { 210 if (auth->a_auth_group->ag_name != NULL) 211 log_warnx("mutual secret for user \"%s\", " 212 "auth-group \"%s\", is too short; it " 213 "should be at least 12 characters long", 214 auth->a_user, auth->a_auth_group->ag_name); 215 else 216 log_warnx("mutual secret for user \"%s\", " 217 "target \"%s\", is too short; it should be " 218 "at least 16 characters long", 219 auth->a_user, 220 auth->a_auth_group->ag_target->t_name); 221 } 222 } 223} 224 225const struct auth * 226auth_new_chap(struct auth_group *ag, const char *user, 227 const char *secret) 228{ 229 struct auth *auth; 230 231 if (ag->ag_type == AG_TYPE_UNKNOWN) 232 ag->ag_type = AG_TYPE_CHAP; 233 if (ag->ag_type != AG_TYPE_CHAP) { 234 if (ag->ag_name != NULL) 235 log_warnx("cannot mix \"chap\" authentication with " 236 "other types for auth-group \"%s\"", ag->ag_name); 237 else 238 log_warnx("cannot mix \"chap\" authentication with " 239 "other types for target \"%s\"", 240 ag->ag_target->t_name); 241 return (NULL); 242 } 243 244 auth = auth_new(ag); 245 auth->a_user = checked_strdup(user); 246 auth->a_secret = checked_strdup(secret); 247 248 auth_check_secret_length(auth); 249 250 return (auth); 251} 252 253const struct auth * 254auth_new_chap_mutual(struct auth_group *ag, const char *user, 255 const char *secret, const char *user2, const char *secret2) 256{ 257 struct auth *auth; 258 259 if (ag->ag_type == AG_TYPE_UNKNOWN) 260 ag->ag_type = AG_TYPE_CHAP_MUTUAL; 261 if (ag->ag_type != AG_TYPE_CHAP_MUTUAL) { 262 if (ag->ag_name != NULL) 263 log_warnx("cannot mix \"chap-mutual\" authentication " 264 "with other types for auth-group \"%s\"", 265 ag->ag_name); 266 else 267 log_warnx("cannot mix \"chap-mutual\" authentication " 268 "with other types for target \"%s\"", 269 ag->ag_target->t_name); 270 return (NULL); 271 } 272 273 auth = auth_new(ag); 274 auth->a_user = checked_strdup(user); 275 auth->a_secret = checked_strdup(secret); 276 auth->a_mutual_user = checked_strdup(user2); 277 auth->a_mutual_secret = checked_strdup(secret2); 278 279 auth_check_secret_length(auth); 280 281 return (auth); 282} 283 284const struct auth_name * 285auth_name_new(struct auth_group *ag, const char *name) 286{ 287 struct auth_name *an; 288 289 an = calloc(1, sizeof(*an)); 290 if (an == NULL) 291 log_err(1, "calloc"); 292 an->an_auth_group = ag; 293 an->an_initator_name = checked_strdup(name); 294 TAILQ_INSERT_TAIL(&ag->ag_names, an, an_next); 295 return (an); 296} 297 298static void 299auth_name_delete(struct auth_name *an) 300{ 301 TAILQ_REMOVE(&an->an_auth_group->ag_names, an, an_next); 302 303 free(an->an_initator_name); 304 free(an); 305} 306 307bool 308auth_name_defined(const struct auth_group *ag) 309{ 310 if (TAILQ_EMPTY(&ag->ag_names)) 311 return (false); 312 return (true); 313} 314 315const struct auth_name * 316auth_name_find(const struct auth_group *ag, const char *name) 317{ 318 const struct auth_name *auth_name; 319 320 TAILQ_FOREACH(auth_name, &ag->ag_names, an_next) { 321 if (strcmp(auth_name->an_initator_name, name) == 0) 322 return (auth_name); 323 } 324 325 return (NULL); 326} 327 328const struct auth_portal * 329auth_portal_new(struct auth_group *ag, const char *portal) 330{ 331 struct auth_portal *ap; 332 char *net, *mask, *str, *tmp; 333 int len, dm, m; 334 335 ap = calloc(1, sizeof(*ap)); 336 if (ap == NULL) 337 log_err(1, "calloc"); 338 ap->ap_auth_group = ag; 339 ap->ap_initator_portal = checked_strdup(portal); 340 mask = str = checked_strdup(portal); 341 net = strsep(&mask, "/"); 342 if (net[0] == '[') 343 net++; 344 len = strlen(net); 345 if (len == 0) 346 goto error; 347 if (net[len - 1] == ']') 348 net[len - 1] = 0; 349 if (strchr(net, ':') != NULL) { 350 struct sockaddr_in6 *sin6 = 351 (struct sockaddr_in6 *)&ap->ap_sa; 352 353 sin6->sin6_len = sizeof(*sin6); 354 sin6->sin6_family = AF_INET6; 355 if (inet_pton(AF_INET6, net, &sin6->sin6_addr) <= 0) 356 goto error; 357 dm = 128; 358 } else { 359 struct sockaddr_in *sin = 360 (struct sockaddr_in *)&ap->ap_sa; 361 362 sin->sin_len = sizeof(*sin); 363 sin->sin_family = AF_INET; 364 if (inet_pton(AF_INET, net, &sin->sin_addr) <= 0) 365 goto error; 366 dm = 32; 367 } 368 if (mask != NULL) { 369 m = strtol(mask, &tmp, 0); 370 if (m < 0 || m > dm || tmp[0] != 0) 371 goto error; 372 } else 373 m = dm; 374 ap->ap_mask = m; 375 free(str); 376 TAILQ_INSERT_TAIL(&ag->ag_portals, ap, ap_next); 377 return (ap); 378 379error: 380 log_errx(1, "Incorrect initiator portal '%s'", portal); 381 return (NULL); 382} 383 384static void 385auth_portal_delete(struct auth_portal *ap) 386{ 387 TAILQ_REMOVE(&ap->ap_auth_group->ag_portals, ap, ap_next); 388 389 free(ap->ap_initator_portal); 390 free(ap); 391} 392 393bool 394auth_portal_defined(const struct auth_group *ag) 395{ 396 if (TAILQ_EMPTY(&ag->ag_portals)) 397 return (false); 398 return (true); 399} 400 401const struct auth_portal * 402auth_portal_find(const struct auth_group *ag, const struct sockaddr_storage *ss) 403{ 404 const struct auth_portal *ap; 405 const uint8_t *a, *b; 406 int i; 407 uint8_t bmask; 408 409 TAILQ_FOREACH(ap, &ag->ag_portals, ap_next) { 410 if (ap->ap_sa.ss_family != ss->ss_family) 411 continue; 412 if (ss->ss_family == AF_INET) { 413 a = (const uint8_t *) 414 &((const struct sockaddr_in *)ss)->sin_addr; 415 b = (const uint8_t *) 416 &((const struct sockaddr_in *)&ap->ap_sa)->sin_addr; 417 } else { 418 a = (const uint8_t *) 419 &((const struct sockaddr_in6 *)ss)->sin6_addr; 420 b = (const uint8_t *) 421 &((const struct sockaddr_in6 *)&ap->ap_sa)->sin6_addr; 422 } 423 for (i = 0; i < ap->ap_mask / 8; i++) { 424 if (a[i] != b[i]) 425 goto next; 426 } 427 if (ap->ap_mask % 8) { 428 bmask = 0xff << (8 - (ap->ap_mask % 8)); 429 if ((a[i] & bmask) != (b[i] & bmask)) 430 goto next; 431 } 432 return (ap); 433next: 434 ; 435 } 436 437 return (NULL); 438} 439 440struct auth_group * 441auth_group_new(struct conf *conf, const char *name) 442{ 443 struct auth_group *ag; 444 445 if (name != NULL) { 446 ag = auth_group_find(conf, name); 447 if (ag != NULL) { 448 log_warnx("duplicated auth-group \"%s\"", name); 449 return (NULL); 450 } 451 } 452 453 ag = calloc(1, sizeof(*ag)); 454 if (ag == NULL) 455 log_err(1, "calloc"); 456 if (name != NULL) 457 ag->ag_name = checked_strdup(name); 458 TAILQ_INIT(&ag->ag_auths); 459 TAILQ_INIT(&ag->ag_names); 460 TAILQ_INIT(&ag->ag_portals); 461 ag->ag_conf = conf; 462 TAILQ_INSERT_TAIL(&conf->conf_auth_groups, ag, ag_next); 463 464 return (ag); 465} 466 467void 468auth_group_delete(struct auth_group *ag) 469{ 470 struct auth *auth, *auth_tmp; 471 struct auth_name *auth_name, *auth_name_tmp; 472 struct auth_portal *auth_portal, *auth_portal_tmp; 473 474 TAILQ_REMOVE(&ag->ag_conf->conf_auth_groups, ag, ag_next); 475 476 TAILQ_FOREACH_SAFE(auth, &ag->ag_auths, a_next, auth_tmp) 477 auth_delete(auth); 478 TAILQ_FOREACH_SAFE(auth_name, &ag->ag_names, an_next, auth_name_tmp) 479 auth_name_delete(auth_name); 480 TAILQ_FOREACH_SAFE(auth_portal, &ag->ag_portals, ap_next, 481 auth_portal_tmp) 482 auth_portal_delete(auth_portal); 483 free(ag->ag_name); 484 free(ag); 485} 486 487struct auth_group * 488auth_group_find(const struct conf *conf, const char *name) 489{ 490 struct auth_group *ag; 491 492 TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) { 493 if (ag->ag_name != NULL && strcmp(ag->ag_name, name) == 0) 494 return (ag); 495 } 496 497 return (NULL); 498} 499 500static int 501auth_group_set_type(struct auth_group *ag, int type) 502{ 503 504 if (ag->ag_type == AG_TYPE_UNKNOWN) { 505 ag->ag_type = type; 506 return (0); 507 } 508 509 if (ag->ag_type == type) 510 return (0); 511 512 return (1); 513} 514 515int 516auth_group_set_type_str(struct auth_group *ag, const char *str) 517{ 518 int error, type; 519 520 if (strcmp(str, "none") == 0) { 521 type = AG_TYPE_NO_AUTHENTICATION; 522 } else if (strcmp(str, "deny") == 0) { 523 type = AG_TYPE_DENY; 524 } else if (strcmp(str, "chap") == 0) { 525 type = AG_TYPE_CHAP; 526 } else if (strcmp(str, "chap-mutual") == 0) { 527 type = AG_TYPE_CHAP_MUTUAL; 528 } else { 529 if (ag->ag_name != NULL) 530 log_warnx("invalid auth-type \"%s\" for auth-group " 531 "\"%s\"", str, ag->ag_name); 532 else 533 log_warnx("invalid auth-type \"%s\" for target " 534 "\"%s\"", str, ag->ag_target->t_name); 535 return (1); 536 } 537 538 error = auth_group_set_type(ag, type); 539 if (error != 0) { 540 if (ag->ag_name != NULL) 541 log_warnx("cannot set auth-type to \"%s\" for " 542 "auth-group \"%s\"; already has a different " 543 "type", str, ag->ag_name); 544 else 545 log_warnx("cannot set auth-type to \"%s\" for target " 546 "\"%s\"; already has a different type", 547 str, ag->ag_target->t_name); 548 return (1); 549 } 550 551 return (error); 552} 553 554static struct portal * 555portal_new(struct portal_group *pg) 556{ 557 struct portal *portal; 558 559 portal = calloc(1, sizeof(*portal)); 560 if (portal == NULL) 561 log_err(1, "calloc"); 562 TAILQ_INIT(&portal->p_targets); 563 portal->p_portal_group = pg; 564 TAILQ_INSERT_TAIL(&pg->pg_portals, portal, p_next); 565 return (portal); 566} 567 568static void 569portal_delete(struct portal *portal) 570{ 571 572 TAILQ_REMOVE(&portal->p_portal_group->pg_portals, portal, p_next); 573 if (portal->p_ai != NULL) 574 freeaddrinfo(portal->p_ai); 575 free(portal->p_listen); 576 free(portal); 577} 578 579struct portal_group * 580portal_group_new(struct conf *conf, const char *name) 581{ 582 struct portal_group *pg; 583 584 pg = portal_group_find(conf, name); 585 if (pg != NULL) { 586 log_warnx("duplicated portal-group \"%s\"", name); 587 return (NULL); 588 } 589 590 pg = calloc(1, sizeof(*pg)); 591 if (pg == NULL) 592 log_err(1, "calloc"); 593 pg->pg_name = checked_strdup(name); 594 TAILQ_INIT(&pg->pg_portals); 595 pg->pg_conf = conf; 596 conf->conf_last_portal_group_tag++; 597 pg->pg_tag = conf->conf_last_portal_group_tag; 598 TAILQ_INSERT_TAIL(&conf->conf_portal_groups, pg, pg_next); 599 600 return (pg); 601} 602 603void 604portal_group_delete(struct portal_group *pg) 605{ 606 struct portal *portal, *tmp; 607 608 TAILQ_REMOVE(&pg->pg_conf->conf_portal_groups, pg, pg_next); 609 610 TAILQ_FOREACH_SAFE(portal, &pg->pg_portals, p_next, tmp) 611 portal_delete(portal); 612 free(pg->pg_name); 613 free(pg); 614} 615 616struct portal_group * 617portal_group_find(const struct conf *conf, const char *name) 618{ 619 struct portal_group *pg; 620 621 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 622 if (strcmp(pg->pg_name, name) == 0) 623 return (pg); 624 } 625 626 return (NULL); 627} 628
|
622int 623portal_group_add_listen(struct portal_group *pg, const char *value, bool iser)
| 629static int 630parse_addr_port(char *arg, const char *def_port, struct addrinfo **ai)
|
624{ 625 struct addrinfo hints;
| 631{ 632 struct addrinfo hints;
|
626 struct portal *portal; 627 char *addr, *ch, *arg;
| 633 char *addr, *ch;
|
628 const char *port; 629 int error, colons = 0; 630
| 634 const char *port; 635 int error, colons = 0; 636
|
631 portal = portal_new(pg); 632 portal->p_listen = checked_strdup(value); 633 portal->p_iser = iser; 634 635 arg = portal->p_listen; 636 if (arg[0] == '\0') { 637 log_warnx("empty listen address"); 638 portal_delete(portal); 639 return (1); 640 }
| |
641 if (arg[0] == '[') { 642 /* 643 * IPv6 address in square brackets, perhaps with port. 644 */ 645 arg++; 646 addr = strsep(&arg, "]");
| 637 if (arg[0] == '[') { 638 /* 639 * IPv6 address in square brackets, perhaps with port. 640 */ 641 arg++; 642 addr = strsep(&arg, "]");
|
647 if (arg == NULL) { 648 log_warnx("invalid listen address %s", 649 portal->p_listen); 650 portal_delete(portal);
| 643 if (arg == NULL)
|
651 return (1);
| 644 return (1);
|
652 }
| |
653 if (arg[0] == '\0') {
| 645 if (arg[0] == '\0') {
|
654 port = "3260";
| 646 port = def_port;
|
655 } else if (arg[0] == ':') { 656 port = arg + 1;
| 647 } else if (arg[0] == ':') { 648 port = arg + 1;
|
657 } else { 658 log_warnx("invalid listen address %s", 659 portal->p_listen); 660 portal_delete(portal);
| 649 } else
|
661 return (1);
| 650 return (1);
|
662 }
| |
663 } else { 664 /* 665 * Either IPv6 address without brackets - and without 666 * a port - or IPv4 address. Just count the colons. 667 */ 668 for (ch = arg; *ch != '\0'; ch++) { 669 if (*ch == ':') 670 colons++; 671 } 672 if (colons > 1) { 673 addr = arg;
| 651 } else { 652 /* 653 * Either IPv6 address without brackets - and without 654 * a port - or IPv4 address. Just count the colons. 655 */ 656 for (ch = arg; *ch != '\0'; ch++) { 657 if (*ch == ':') 658 colons++; 659 } 660 if (colons > 1) { 661 addr = arg;
|
674 port = "3260";
| 662 port = def_port;
|
675 } else { 676 addr = strsep(&arg, ":"); 677 if (arg == NULL)
| 663 } else { 664 addr = strsep(&arg, ":"); 665 if (arg == NULL)
|
678 port = "3260";
| 666 port = def_port;
|
679 else 680 port = arg; 681 } 682 } 683 684 memset(&hints, 0, sizeof(hints)); 685 hints.ai_family = PF_UNSPEC; 686 hints.ai_socktype = SOCK_STREAM; 687 hints.ai_flags = AI_PASSIVE;
| 667 else 668 port = arg; 669 } 670 } 671 672 memset(&hints, 0, sizeof(hints)); 673 hints.ai_family = PF_UNSPEC; 674 hints.ai_socktype = SOCK_STREAM; 675 hints.ai_flags = AI_PASSIVE;
|
| 676 error = getaddrinfo(addr, port, &hints, ai); 677 if (error != 0) 678 return (1); 679 return (0); 680}
|
688
| 681
|
689 error = getaddrinfo(addr, port, &hints, &portal->p_ai); 690 if (error != 0) { 691 log_warnx("getaddrinfo for %s failed: %s", 692 portal->p_listen, gai_strerror(error));
| 682int 683portal_group_add_listen(struct portal_group *pg, const char *value, bool iser) 684{ 685 struct portal *portal; 686 687 portal = portal_new(pg); 688 portal->p_listen = checked_strdup(value); 689 portal->p_iser = iser; 690 691 if (parse_addr_port(portal->p_listen, "3260", &portal->p_ai)) { 692 log_warnx("invalid listen address %s", portal->p_listen);
|
693 portal_delete(portal); 694 return (1); 695 } 696 697 /* 698 * XXX: getaddrinfo(3) may return multiple addresses; we should turn 699 * those into multiple portals. 700 */ 701 702 return (0); 703} 704
| 693 portal_delete(portal); 694 return (1); 695 } 696 697 /* 698 * XXX: getaddrinfo(3) may return multiple addresses; we should turn 699 * those into multiple portals. 700 */ 701 702 return (0); 703} 704
|
| 705int 706isns_new(struct conf *conf, const char *addr) 707{ 708 struct isns *isns; 709 710 isns = calloc(1, sizeof(*isns)); 711 if (isns == NULL) 712 log_err(1, "calloc"); 713 isns->i_conf = conf; 714 TAILQ_INSERT_TAIL(&conf->conf_isns, isns, i_next); 715 isns->i_addr = checked_strdup(addr); 716 717 if (parse_addr_port(isns->i_addr, "3205", &isns->i_ai)) { 718 log_warnx("invalid iSNS address %s", isns->i_addr); 719 isns_delete(isns); 720 return (1); 721 } 722 723 /* 724 * XXX: getaddrinfo(3) may return multiple addresses; we should turn 725 * those into multiple servers. 726 */ 727 728 return (0); 729} 730 731void 732isns_delete(struct isns *isns) 733{ 734 735 TAILQ_REMOVE(&isns->i_conf->conf_isns, isns, i_next); 736 free(isns->i_addr); 737 if (isns->i_ai != NULL) 738 freeaddrinfo(isns->i_ai); 739 free(isns); 740} 741 742static int 743isns_do_connect(struct isns *isns) 744{ 745 int s; 746 747 s = socket(isns->i_ai->ai_family, isns->i_ai->ai_socktype, 748 isns->i_ai->ai_protocol); 749 if (s < 0) { 750 log_warn("socket(2) failed for %s", isns->i_addr); 751 return (-1); 752 } 753 if (connect(s, isns->i_ai->ai_addr, isns->i_ai->ai_addrlen)) { 754 log_warn("connect(2) failed for %s", isns->i_addr); 755 close(s); 756 return (-1); 757 } 758 return(s); 759} 760 761static int 762isns_do_register(struct isns *isns, int s, const char *hostname) 763{ 764 struct conf *conf = isns->i_conf; 765 struct target *target; 766 struct portal *portal; 767 struct portal_group *pg; 768 struct isns_req *req; 769 int res = 0; 770 uint32_t error; 771 772 req = isns_req_create(ISNS_FUNC_DEVATTRREG, ISNS_FLAG_CLIENT); 773 isns_req_add_str(req, 32, TAILQ_FIRST(&conf->conf_targets)->t_name); 774 isns_req_add_delim(req); 775 isns_req_add_str(req, 1, hostname); 776 isns_req_add_32(req, 2, 2); /* 2 -- iSCSI */ 777 isns_req_add_32(req, 6, conf->conf_isns_period); 778 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 779 if (pg->pg_unassigned) 780 continue; 781 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) { 782 isns_req_add_addr(req, 16, portal->p_ai); 783 isns_req_add_port(req, 17, portal->p_ai); 784 } 785 } 786 TAILQ_FOREACH(target, &conf->conf_targets, t_next) { 787 isns_req_add_str(req, 32, target->t_name); 788 isns_req_add_32(req, 33, 1); /* 1 -- Target*/ 789 if (target->t_alias != NULL) 790 isns_req_add_str(req, 34, target->t_alias); 791 pg = target->t_portal_group; 792 isns_req_add_32(req, 51, pg->pg_tag); 793 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) { 794 isns_req_add_addr(req, 49, portal->p_ai); 795 isns_req_add_port(req, 50, portal->p_ai); 796 } 797 } 798 res = isns_req_send(s, req); 799 if (res < 0) { 800 log_warn("send(2) failed for %s", isns->i_addr); 801 goto quit; 802 } 803 res = isns_req_receive(s, req); 804 if (res < 0) { 805 log_warn("receive(2) failed for %s", isns->i_addr); 806 goto quit; 807 } 808 error = isns_req_get_status(req); 809 if (error != 0) { 810 log_warnx("iSNS register error %d for %s", error, isns->i_addr); 811 res = -1; 812 } 813quit: 814 isns_req_free(req); 815 return (res); 816} 817 818static int 819isns_do_check(struct isns *isns, int s, const char *hostname) 820{ 821 struct conf *conf = isns->i_conf; 822 struct isns_req *req; 823 int res = 0; 824 uint32_t error; 825 826 req = isns_req_create(ISNS_FUNC_DEVATTRQRY, ISNS_FLAG_CLIENT); 827 isns_req_add_str(req, 32, TAILQ_FIRST(&conf->conf_targets)->t_name); 828 isns_req_add_str(req, 1, hostname); 829 isns_req_add_delim(req); 830 isns_req_add(req, 2, 0, NULL); 831 res = isns_req_send(s, req); 832 if (res < 0) { 833 log_warn("send(2) failed for %s", isns->i_addr); 834 goto quit; 835 } 836 res = isns_req_receive(s, req); 837 if (res < 0) { 838 log_warn("receive(2) failed for %s", isns->i_addr); 839 goto quit; 840 } 841 error = isns_req_get_status(req); 842 if (error != 0) { 843 log_warnx("iSNS check error %d for %s", error, isns->i_addr); 844 res = -1; 845 } 846quit: 847 isns_req_free(req); 848 return (res); 849} 850 851static int 852isns_do_deregister(struct isns *isns, int s, const char *hostname) 853{ 854 struct conf *conf = isns->i_conf; 855 struct isns_req *req; 856 int res = 0; 857 uint32_t error; 858 859 req = isns_req_create(ISNS_FUNC_DEVDEREG, ISNS_FLAG_CLIENT); 860 isns_req_add_str(req, 32, TAILQ_FIRST(&conf->conf_targets)->t_name); 861 isns_req_add_delim(req); 862 isns_req_add_str(req, 1, hostname); 863 res = isns_req_send(s, req); 864 if (res < 0) { 865 log_warn("send(2) failed for %s", isns->i_addr); 866 goto quit; 867 } 868 res = isns_req_receive(s, req); 869 if (res < 0) { 870 log_warn("receive(2) failed for %s", isns->i_addr); 871 goto quit; 872 } 873 error = isns_req_get_status(req); 874 if (error != 0) { 875 log_warnx("iSNS deregister error %d for %s", error, isns->i_addr); 876 res = -1; 877 } 878quit: 879 isns_req_free(req); 880 return (res); 881} 882 883void 884isns_register(struct isns *isns, struct isns *oldisns) 885{ 886 struct conf *conf = isns->i_conf; 887 int s, res; 888 char hostname[256]; 889 890 if (TAILQ_EMPTY(&conf->conf_targets) || 891 TAILQ_EMPTY(&conf->conf_portal_groups)) 892 return; 893 set_timeout(conf->conf_isns_timeout, false); 894 s = isns_do_connect(isns); 895 if (s < 0) { 896 set_timeout(0, false); 897 return; 898 } 899 gethostname(hostname, sizeof(hostname)); 900 901 if (oldisns == NULL || TAILQ_EMPTY(&oldisns->i_conf->conf_targets)) 902 oldisns = isns; 903 res = isns_do_deregister(oldisns, s, hostname); 904 res = isns_do_register(isns, s, hostname); 905 close(s); 906 set_timeout(0, false); 907} 908 909void 910isns_check(struct isns *isns) 911{ 912 struct conf *conf = isns->i_conf; 913 int s, res; 914 char hostname[256]; 915 916 if (TAILQ_EMPTY(&conf->conf_targets) || 917 TAILQ_EMPTY(&conf->conf_portal_groups)) 918 return; 919 set_timeout(conf->conf_isns_timeout, false); 920 s = isns_do_connect(isns); 921 if (s < 0) { 922 set_timeout(0, false); 923 return; 924 } 925 gethostname(hostname, sizeof(hostname)); 926 927 res = isns_do_check(isns, s, hostname); 928 if (res < 0) { 929 res = isns_do_deregister(isns, s, hostname); 930 res = isns_do_register(isns, s, hostname); 931 } 932 close(s); 933 set_timeout(0, false); 934} 935 936void 937isns_deregister(struct isns *isns) 938{ 939 struct conf *conf = isns->i_conf; 940 int s, res; 941 char hostname[256]; 942 943 if (TAILQ_EMPTY(&conf->conf_targets) || 944 TAILQ_EMPTY(&conf->conf_portal_groups)) 945 return; 946 set_timeout(conf->conf_isns_timeout, false); 947 s = isns_do_connect(isns); 948 if (s < 0) 949 return; 950 gethostname(hostname, sizeof(hostname)); 951 952 res = isns_do_deregister(isns, s, hostname); 953 close(s); 954 set_timeout(0, false); 955} 956
|
705static bool 706valid_hex(const char ch) 707{ 708 switch (ch) { 709 case '0': 710 case '1': 711 case '2': 712 case '3': 713 case '4': 714 case '5': 715 case '6': 716 case '7': 717 case '8': 718 case '9': 719 case 'a': 720 case 'A': 721 case 'b': 722 case 'B': 723 case 'c': 724 case 'C': 725 case 'd': 726 case 'D': 727 case 'e': 728 case 'E': 729 case 'f': 730 case 'F': 731 return (true); 732 default: 733 return (false); 734 } 735} 736 737bool 738valid_iscsi_name(const char *name) 739{ 740 int i; 741 742 if (strlen(name) >= MAX_NAME_LEN) { 743 log_warnx("overlong name for target \"%s\"; max length allowed " 744 "by iSCSI specification is %d characters", 745 name, MAX_NAME_LEN); 746 return (false); 747 } 748 749 /* 750 * In the cases below, we don't return an error, just in case the admin 751 * was right, and we're wrong. 752 */ 753 if (strncasecmp(name, "iqn.", strlen("iqn.")) == 0) { 754 for (i = strlen("iqn."); name[i] != '\0'; i++) { 755 /* 756 * XXX: We should verify UTF-8 normalisation, as defined 757 * by 3.2.6.2: iSCSI Name Encoding. 758 */ 759 if (isalnum(name[i])) 760 continue; 761 if (name[i] == '-' || name[i] == '.' || name[i] == ':') 762 continue; 763 log_warnx("invalid character \"%c\" in target name " 764 "\"%s\"; allowed characters are letters, digits, " 765 "'-', '.', and ':'", name[i], name); 766 break; 767 } 768 /* 769 * XXX: Check more stuff: valid date and a valid reversed domain. 770 */ 771 } else if (strncasecmp(name, "eui.", strlen("eui.")) == 0) { 772 if (strlen(name) != strlen("eui.") + 16) 773 log_warnx("invalid target name \"%s\"; the \"eui.\" " 774 "should be followed by exactly 16 hexadecimal " 775 "digits", name); 776 for (i = strlen("eui."); name[i] != '\0'; i++) { 777 if (!valid_hex(name[i])) { 778 log_warnx("invalid character \"%c\" in target " 779 "name \"%s\"; allowed characters are 1-9 " 780 "and A-F", name[i], name); 781 break; 782 } 783 } 784 } else if (strncasecmp(name, "naa.", strlen("naa.")) == 0) { 785 if (strlen(name) > strlen("naa.") + 32) 786 log_warnx("invalid target name \"%s\"; the \"naa.\" " 787 "should be followed by at most 32 hexadecimal " 788 "digits", name); 789 for (i = strlen("naa."); name[i] != '\0'; i++) { 790 if (!valid_hex(name[i])) { 791 log_warnx("invalid character \"%c\" in target " 792 "name \"%s\"; allowed characters are 1-9 " 793 "and A-F", name[i], name); 794 break; 795 } 796 } 797 } else { 798 log_warnx("invalid target name \"%s\"; should start with " 799 "either \".iqn\", \"eui.\", or \"naa.\"", 800 name); 801 } 802 return (true); 803} 804 805struct target * 806target_new(struct conf *conf, const char *name) 807{ 808 struct target *targ; 809 int i, len; 810 811 targ = target_find(conf, name); 812 if (targ != NULL) { 813 log_warnx("duplicated target \"%s\"", name); 814 return (NULL); 815 } 816 if (valid_iscsi_name(name) == false) { 817 log_warnx("target name \"%s\" is invalid", name); 818 return (NULL); 819 } 820 targ = calloc(1, sizeof(*targ)); 821 if (targ == NULL) 822 log_err(1, "calloc"); 823 targ->t_name = checked_strdup(name); 824 825 /* 826 * RFC 3722 requires us to normalize the name to lowercase. 827 */ 828 len = strlen(name); 829 for (i = 0; i < len; i++) 830 targ->t_name[i] = tolower(targ->t_name[i]); 831 832 TAILQ_INIT(&targ->t_luns); 833 targ->t_conf = conf; 834 TAILQ_INSERT_TAIL(&conf->conf_targets, targ, t_next); 835 836 return (targ); 837} 838 839void 840target_delete(struct target *targ) 841{ 842 struct lun *lun, *tmp; 843 844 TAILQ_REMOVE(&targ->t_conf->conf_targets, targ, t_next); 845 846 TAILQ_FOREACH_SAFE(lun, &targ->t_luns, l_next, tmp) 847 lun_delete(lun); 848 free(targ->t_name); 849 free(targ); 850} 851 852struct target * 853target_find(struct conf *conf, const char *name) 854{ 855 struct target *targ; 856 857 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 858 if (strcasecmp(targ->t_name, name) == 0) 859 return (targ); 860 } 861 862 return (NULL); 863} 864 865struct lun * 866lun_new(struct target *targ, int lun_id) 867{ 868 struct lun *lun; 869 870 lun = lun_find(targ, lun_id); 871 if (lun != NULL) { 872 log_warnx("duplicated lun %d for target \"%s\"", 873 lun_id, targ->t_name); 874 return (NULL); 875 } 876 877 lun = calloc(1, sizeof(*lun)); 878 if (lun == NULL) 879 log_err(1, "calloc"); 880 lun->l_lun = lun_id; 881 TAILQ_INIT(&lun->l_options); 882 lun->l_target = targ; 883 TAILQ_INSERT_TAIL(&targ->t_luns, lun, l_next); 884 885 return (lun); 886} 887 888void 889lun_delete(struct lun *lun) 890{ 891 struct lun_option *lo, *tmp; 892 893 TAILQ_REMOVE(&lun->l_target->t_luns, lun, l_next); 894 895 TAILQ_FOREACH_SAFE(lo, &lun->l_options, lo_next, tmp) 896 lun_option_delete(lo); 897 free(lun->l_backend); 898 free(lun->l_device_id); 899 free(lun->l_path); 900 free(lun->l_serial); 901 free(lun); 902} 903 904struct lun * 905lun_find(const struct target *targ, int lun_id) 906{ 907 struct lun *lun; 908 909 TAILQ_FOREACH(lun, &targ->t_luns, l_next) { 910 if (lun->l_lun == lun_id) 911 return (lun); 912 } 913 914 return (NULL); 915} 916 917void 918lun_set_backend(struct lun *lun, const char *value) 919{ 920 free(lun->l_backend); 921 lun->l_backend = checked_strdup(value); 922} 923 924void 925lun_set_blocksize(struct lun *lun, size_t value) 926{ 927 928 lun->l_blocksize = value; 929} 930 931void 932lun_set_device_id(struct lun *lun, const char *value) 933{ 934 free(lun->l_device_id); 935 lun->l_device_id = checked_strdup(value); 936} 937 938void 939lun_set_path(struct lun *lun, const char *value) 940{ 941 free(lun->l_path); 942 lun->l_path = checked_strdup(value); 943} 944 945void 946lun_set_serial(struct lun *lun, const char *value) 947{ 948 free(lun->l_serial); 949 lun->l_serial = checked_strdup(value); 950} 951 952void 953lun_set_size(struct lun *lun, size_t value) 954{ 955 956 lun->l_size = value; 957} 958 959void 960lun_set_ctl_lun(struct lun *lun, uint32_t value) 961{ 962 963 lun->l_ctl_lun = value; 964} 965 966struct lun_option * 967lun_option_new(struct lun *lun, const char *name, const char *value) 968{ 969 struct lun_option *lo; 970 971 lo = lun_option_find(lun, name); 972 if (lo != NULL) { 973 log_warnx("duplicated lun option %s for lun %d, target \"%s\"", 974 name, lun->l_lun, lun->l_target->t_name); 975 return (NULL); 976 } 977 978 lo = calloc(1, sizeof(*lo)); 979 if (lo == NULL) 980 log_err(1, "calloc"); 981 lo->lo_name = checked_strdup(name); 982 lo->lo_value = checked_strdup(value); 983 lo->lo_lun = lun; 984 TAILQ_INSERT_TAIL(&lun->l_options, lo, lo_next); 985 986 return (lo); 987} 988 989void 990lun_option_delete(struct lun_option *lo) 991{ 992 993 TAILQ_REMOVE(&lo->lo_lun->l_options, lo, lo_next); 994 995 free(lo->lo_name); 996 free(lo->lo_value); 997 free(lo); 998} 999 1000struct lun_option * 1001lun_option_find(const struct lun *lun, const char *name) 1002{ 1003 struct lun_option *lo; 1004 1005 TAILQ_FOREACH(lo, &lun->l_options, lo_next) { 1006 if (strcmp(lo->lo_name, name) == 0) 1007 return (lo); 1008 } 1009 1010 return (NULL); 1011} 1012 1013void 1014lun_option_set(struct lun_option *lo, const char *value) 1015{ 1016 1017 free(lo->lo_value); 1018 lo->lo_value = checked_strdup(value); 1019} 1020 1021static struct connection * 1022connection_new(struct portal *portal, int fd, const char *host, 1023 const struct sockaddr *client_sa) 1024{ 1025 struct connection *conn; 1026 1027 conn = calloc(1, sizeof(*conn)); 1028 if (conn == NULL) 1029 log_err(1, "calloc"); 1030 conn->conn_portal = portal; 1031 conn->conn_socket = fd; 1032 conn->conn_initiator_addr = checked_strdup(host); 1033 memcpy(&conn->conn_initiator_sa, client_sa, client_sa->sa_len); 1034 1035 /* 1036 * Default values, from RFC 3720, section 12. 1037 */ 1038 conn->conn_max_data_segment_length = 8192; 1039 conn->conn_max_burst_length = 262144; 1040 conn->conn_immediate_data = true; 1041 1042 return (conn); 1043} 1044 1045#if 0 1046static void 1047conf_print(struct conf *conf) 1048{ 1049 struct auth_group *ag; 1050 struct auth *auth; 1051 struct auth_name *auth_name; 1052 struct auth_portal *auth_portal; 1053 struct portal_group *pg; 1054 struct portal *portal; 1055 struct target *targ; 1056 struct lun *lun; 1057 struct lun_option *lo; 1058 1059 TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) { 1060 fprintf(stderr, "auth-group %s {\n", ag->ag_name); 1061 TAILQ_FOREACH(auth, &ag->ag_auths, a_next) 1062 fprintf(stderr, "\t chap-mutual %s %s %s %s\n", 1063 auth->a_user, auth->a_secret, 1064 auth->a_mutual_user, auth->a_mutual_secret); 1065 TAILQ_FOREACH(auth_name, &ag->ag_names, an_next) 1066 fprintf(stderr, "\t initiator-name %s\n", 1067 auth_name->an_initator_name); 1068 TAILQ_FOREACH(auth_portal, &ag->ag_portals, an_next) 1069 fprintf(stderr, "\t initiator-portal %s\n", 1070 auth_portal->an_initator_portal); 1071 fprintf(stderr, "}\n"); 1072 } 1073 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 1074 fprintf(stderr, "portal-group %s {\n", pg->pg_name); 1075 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) 1076 fprintf(stderr, "\t listen %s\n", portal->p_listen); 1077 fprintf(stderr, "}\n"); 1078 } 1079 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1080 fprintf(stderr, "target %s {\n", targ->t_name); 1081 if (targ->t_alias != NULL) 1082 fprintf(stderr, "\t alias %s\n", targ->t_alias); 1083 TAILQ_FOREACH(lun, &targ->t_luns, l_next) { 1084 fprintf(stderr, "\tlun %d {\n", lun->l_lun); 1085 fprintf(stderr, "\t\tpath %s\n", lun->l_path); 1086 TAILQ_FOREACH(lo, &lun->l_options, lo_next) 1087 fprintf(stderr, "\t\toption %s %s\n", 1088 lo->lo_name, lo->lo_value); 1089 fprintf(stderr, "\t}\n"); 1090 } 1091 fprintf(stderr, "}\n"); 1092 } 1093} 1094#endif 1095 1096static int 1097conf_verify_lun(struct lun *lun) 1098{ 1099 const struct lun *lun2; 1100 const struct target *targ2; 1101 1102 if (lun->l_backend == NULL) 1103 lun_set_backend(lun, "block"); 1104 if (strcmp(lun->l_backend, "block") == 0) { 1105 if (lun->l_path == NULL) { 1106 log_warnx("missing path for lun %d, target \"%s\"", 1107 lun->l_lun, lun->l_target->t_name); 1108 return (1); 1109 } 1110 } else if (strcmp(lun->l_backend, "ramdisk") == 0) { 1111 if (lun->l_size == 0) { 1112 log_warnx("missing size for ramdisk-backed lun %d, " 1113 "target \"%s\"", lun->l_lun, lun->l_target->t_name); 1114 return (1); 1115 } 1116 if (lun->l_path != NULL) { 1117 log_warnx("path must not be specified " 1118 "for ramdisk-backed lun %d, target \"%s\"", 1119 lun->l_lun, lun->l_target->t_name); 1120 return (1); 1121 } 1122 } 1123 if (lun->l_lun < 0 || lun->l_lun > 255) { 1124 log_warnx("invalid lun number for lun %d, target \"%s\"; " 1125 "must be between 0 and 255", lun->l_lun, 1126 lun->l_target->t_name); 1127 return (1); 1128 } 1129 if (lun->l_blocksize == 0) { 1130 lun_set_blocksize(lun, DEFAULT_BLOCKSIZE); 1131 } else if (lun->l_blocksize < 0) { 1132 log_warnx("invalid blocksize for lun %d, target \"%s\"; " 1133 "must be larger than 0", lun->l_lun, lun->l_target->t_name); 1134 return (1); 1135 } 1136 if (lun->l_size != 0 && lun->l_size % lun->l_blocksize != 0) { 1137 log_warnx("invalid size for lun %d, target \"%s\"; " 1138 "must be multiple of blocksize", lun->l_lun, 1139 lun->l_target->t_name); 1140 return (1); 1141 } 1142 TAILQ_FOREACH(targ2, &lun->l_target->t_conf->conf_targets, t_next) { 1143 TAILQ_FOREACH(lun2, &targ2->t_luns, l_next) { 1144 if (lun == lun2) 1145 continue; 1146 if (lun->l_path != NULL && lun2->l_path != NULL && 1147 strcmp(lun->l_path, lun2->l_path) == 0) { 1148 log_debugx("WARNING: path \"%s\" duplicated " 1149 "between lun %d, target \"%s\", and " 1150 "lun %d, target \"%s\"", lun->l_path, 1151 lun->l_lun, lun->l_target->t_name, 1152 lun2->l_lun, lun2->l_target->t_name); 1153 } 1154 } 1155 } 1156 1157 return (0); 1158} 1159 1160int 1161conf_verify(struct conf *conf) 1162{ 1163 struct auth_group *ag; 1164 struct portal_group *pg; 1165 struct target *targ; 1166 struct lun *lun; 1167 bool found; 1168 int error; 1169 1170 if (conf->conf_pidfile_path == NULL) 1171 conf->conf_pidfile_path = checked_strdup(DEFAULT_PIDFILE); 1172 1173 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1174 if (targ->t_auth_group == NULL) { 1175 targ->t_auth_group = auth_group_find(conf, 1176 "default"); 1177 assert(targ->t_auth_group != NULL); 1178 } 1179 if (targ->t_portal_group == NULL) { 1180 targ->t_portal_group = portal_group_find(conf, 1181 "default"); 1182 assert(targ->t_portal_group != NULL); 1183 } 1184 found = false; 1185 TAILQ_FOREACH(lun, &targ->t_luns, l_next) { 1186 error = conf_verify_lun(lun); 1187 if (error != 0) 1188 return (error); 1189 found = true; 1190 } 1191 if (!found) { 1192 log_warnx("no LUNs defined for target \"%s\"", 1193 targ->t_name); 1194 } 1195 } 1196 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 1197 assert(pg->pg_name != NULL); 1198 if (pg->pg_discovery_auth_group == NULL) { 1199 pg->pg_discovery_auth_group = 1200 auth_group_find(conf, "default"); 1201 assert(pg->pg_discovery_auth_group != NULL); 1202 } 1203 1204 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1205 if (targ->t_portal_group == pg) 1206 break; 1207 } 1208 if (targ == NULL) { 1209 if (strcmp(pg->pg_name, "default") != 0) 1210 log_warnx("portal-group \"%s\" not assigned " 1211 "to any target", pg->pg_name); 1212 pg->pg_unassigned = true; 1213 } else 1214 pg->pg_unassigned = false; 1215 } 1216 TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) { 1217 if (ag->ag_name == NULL) 1218 assert(ag->ag_target != NULL); 1219 else 1220 assert(ag->ag_target == NULL); 1221 1222 found = false; 1223 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1224 if (targ->t_auth_group == ag) { 1225 found = true; 1226 break; 1227 } 1228 } 1229 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 1230 if (pg->pg_discovery_auth_group == ag) { 1231 found = true; 1232 break; 1233 } 1234 } 1235 if (!found && ag->ag_name != NULL && 1236 strcmp(ag->ag_name, "default") != 0 && 1237 strcmp(ag->ag_name, "no-authentication") != 0 && 1238 strcmp(ag->ag_name, "no-access") != 0) { 1239 log_warnx("auth-group \"%s\" not assigned " 1240 "to any target", ag->ag_name); 1241 } 1242 } 1243 1244 return (0); 1245} 1246 1247static int 1248conf_apply(struct conf *oldconf, struct conf *newconf) 1249{ 1250 struct target *oldtarg, *newtarg, *tmptarg; 1251 struct lun *oldlun, *newlun, *tmplun; 1252 struct portal_group *oldpg, *newpg; 1253 struct portal *oldp, *newp;
| 957static bool 958valid_hex(const char ch) 959{ 960 switch (ch) { 961 case '0': 962 case '1': 963 case '2': 964 case '3': 965 case '4': 966 case '5': 967 case '6': 968 case '7': 969 case '8': 970 case '9': 971 case 'a': 972 case 'A': 973 case 'b': 974 case 'B': 975 case 'c': 976 case 'C': 977 case 'd': 978 case 'D': 979 case 'e': 980 case 'E': 981 case 'f': 982 case 'F': 983 return (true); 984 default: 985 return (false); 986 } 987} 988 989bool 990valid_iscsi_name(const char *name) 991{ 992 int i; 993 994 if (strlen(name) >= MAX_NAME_LEN) { 995 log_warnx("overlong name for target \"%s\"; max length allowed " 996 "by iSCSI specification is %d characters", 997 name, MAX_NAME_LEN); 998 return (false); 999 } 1000 1001 /* 1002 * In the cases below, we don't return an error, just in case the admin 1003 * was right, and we're wrong. 1004 */ 1005 if (strncasecmp(name, "iqn.", strlen("iqn.")) == 0) { 1006 for (i = strlen("iqn."); name[i] != '\0'; i++) { 1007 /* 1008 * XXX: We should verify UTF-8 normalisation, as defined 1009 * by 3.2.6.2: iSCSI Name Encoding. 1010 */ 1011 if (isalnum(name[i])) 1012 continue; 1013 if (name[i] == '-' || name[i] == '.' || name[i] == ':') 1014 continue; 1015 log_warnx("invalid character \"%c\" in target name " 1016 "\"%s\"; allowed characters are letters, digits, " 1017 "'-', '.', and ':'", name[i], name); 1018 break; 1019 } 1020 /* 1021 * XXX: Check more stuff: valid date and a valid reversed domain. 1022 */ 1023 } else if (strncasecmp(name, "eui.", strlen("eui.")) == 0) { 1024 if (strlen(name) != strlen("eui.") + 16) 1025 log_warnx("invalid target name \"%s\"; the \"eui.\" " 1026 "should be followed by exactly 16 hexadecimal " 1027 "digits", name); 1028 for (i = strlen("eui."); name[i] != '\0'; i++) { 1029 if (!valid_hex(name[i])) { 1030 log_warnx("invalid character \"%c\" in target " 1031 "name \"%s\"; allowed characters are 1-9 " 1032 "and A-F", name[i], name); 1033 break; 1034 } 1035 } 1036 } else if (strncasecmp(name, "naa.", strlen("naa.")) == 0) { 1037 if (strlen(name) > strlen("naa.") + 32) 1038 log_warnx("invalid target name \"%s\"; the \"naa.\" " 1039 "should be followed by at most 32 hexadecimal " 1040 "digits", name); 1041 for (i = strlen("naa."); name[i] != '\0'; i++) { 1042 if (!valid_hex(name[i])) { 1043 log_warnx("invalid character \"%c\" in target " 1044 "name \"%s\"; allowed characters are 1-9 " 1045 "and A-F", name[i], name); 1046 break; 1047 } 1048 } 1049 } else { 1050 log_warnx("invalid target name \"%s\"; should start with " 1051 "either \".iqn\", \"eui.\", or \"naa.\"", 1052 name); 1053 } 1054 return (true); 1055} 1056 1057struct target * 1058target_new(struct conf *conf, const char *name) 1059{ 1060 struct target *targ; 1061 int i, len; 1062 1063 targ = target_find(conf, name); 1064 if (targ != NULL) { 1065 log_warnx("duplicated target \"%s\"", name); 1066 return (NULL); 1067 } 1068 if (valid_iscsi_name(name) == false) { 1069 log_warnx("target name \"%s\" is invalid", name); 1070 return (NULL); 1071 } 1072 targ = calloc(1, sizeof(*targ)); 1073 if (targ == NULL) 1074 log_err(1, "calloc"); 1075 targ->t_name = checked_strdup(name); 1076 1077 /* 1078 * RFC 3722 requires us to normalize the name to lowercase. 1079 */ 1080 len = strlen(name); 1081 for (i = 0; i < len; i++) 1082 targ->t_name[i] = tolower(targ->t_name[i]); 1083 1084 TAILQ_INIT(&targ->t_luns); 1085 targ->t_conf = conf; 1086 TAILQ_INSERT_TAIL(&conf->conf_targets, targ, t_next); 1087 1088 return (targ); 1089} 1090 1091void 1092target_delete(struct target *targ) 1093{ 1094 struct lun *lun, *tmp; 1095 1096 TAILQ_REMOVE(&targ->t_conf->conf_targets, targ, t_next); 1097 1098 TAILQ_FOREACH_SAFE(lun, &targ->t_luns, l_next, tmp) 1099 lun_delete(lun); 1100 free(targ->t_name); 1101 free(targ); 1102} 1103 1104struct target * 1105target_find(struct conf *conf, const char *name) 1106{ 1107 struct target *targ; 1108 1109 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1110 if (strcasecmp(targ->t_name, name) == 0) 1111 return (targ); 1112 } 1113 1114 return (NULL); 1115} 1116 1117struct lun * 1118lun_new(struct target *targ, int lun_id) 1119{ 1120 struct lun *lun; 1121 1122 lun = lun_find(targ, lun_id); 1123 if (lun != NULL) { 1124 log_warnx("duplicated lun %d for target \"%s\"", 1125 lun_id, targ->t_name); 1126 return (NULL); 1127 } 1128 1129 lun = calloc(1, sizeof(*lun)); 1130 if (lun == NULL) 1131 log_err(1, "calloc"); 1132 lun->l_lun = lun_id; 1133 TAILQ_INIT(&lun->l_options); 1134 lun->l_target = targ; 1135 TAILQ_INSERT_TAIL(&targ->t_luns, lun, l_next); 1136 1137 return (lun); 1138} 1139 1140void 1141lun_delete(struct lun *lun) 1142{ 1143 struct lun_option *lo, *tmp; 1144 1145 TAILQ_REMOVE(&lun->l_target->t_luns, lun, l_next); 1146 1147 TAILQ_FOREACH_SAFE(lo, &lun->l_options, lo_next, tmp) 1148 lun_option_delete(lo); 1149 free(lun->l_backend); 1150 free(lun->l_device_id); 1151 free(lun->l_path); 1152 free(lun->l_serial); 1153 free(lun); 1154} 1155 1156struct lun * 1157lun_find(const struct target *targ, int lun_id) 1158{ 1159 struct lun *lun; 1160 1161 TAILQ_FOREACH(lun, &targ->t_luns, l_next) { 1162 if (lun->l_lun == lun_id) 1163 return (lun); 1164 } 1165 1166 return (NULL); 1167} 1168 1169void 1170lun_set_backend(struct lun *lun, const char *value) 1171{ 1172 free(lun->l_backend); 1173 lun->l_backend = checked_strdup(value); 1174} 1175 1176void 1177lun_set_blocksize(struct lun *lun, size_t value) 1178{ 1179 1180 lun->l_blocksize = value; 1181} 1182 1183void 1184lun_set_device_id(struct lun *lun, const char *value) 1185{ 1186 free(lun->l_device_id); 1187 lun->l_device_id = checked_strdup(value); 1188} 1189 1190void 1191lun_set_path(struct lun *lun, const char *value) 1192{ 1193 free(lun->l_path); 1194 lun->l_path = checked_strdup(value); 1195} 1196 1197void 1198lun_set_serial(struct lun *lun, const char *value) 1199{ 1200 free(lun->l_serial); 1201 lun->l_serial = checked_strdup(value); 1202} 1203 1204void 1205lun_set_size(struct lun *lun, size_t value) 1206{ 1207 1208 lun->l_size = value; 1209} 1210 1211void 1212lun_set_ctl_lun(struct lun *lun, uint32_t value) 1213{ 1214 1215 lun->l_ctl_lun = value; 1216} 1217 1218struct lun_option * 1219lun_option_new(struct lun *lun, const char *name, const char *value) 1220{ 1221 struct lun_option *lo; 1222 1223 lo = lun_option_find(lun, name); 1224 if (lo != NULL) { 1225 log_warnx("duplicated lun option %s for lun %d, target \"%s\"", 1226 name, lun->l_lun, lun->l_target->t_name); 1227 return (NULL); 1228 } 1229 1230 lo = calloc(1, sizeof(*lo)); 1231 if (lo == NULL) 1232 log_err(1, "calloc"); 1233 lo->lo_name = checked_strdup(name); 1234 lo->lo_value = checked_strdup(value); 1235 lo->lo_lun = lun; 1236 TAILQ_INSERT_TAIL(&lun->l_options, lo, lo_next); 1237 1238 return (lo); 1239} 1240 1241void 1242lun_option_delete(struct lun_option *lo) 1243{ 1244 1245 TAILQ_REMOVE(&lo->lo_lun->l_options, lo, lo_next); 1246 1247 free(lo->lo_name); 1248 free(lo->lo_value); 1249 free(lo); 1250} 1251 1252struct lun_option * 1253lun_option_find(const struct lun *lun, const char *name) 1254{ 1255 struct lun_option *lo; 1256 1257 TAILQ_FOREACH(lo, &lun->l_options, lo_next) { 1258 if (strcmp(lo->lo_name, name) == 0) 1259 return (lo); 1260 } 1261 1262 return (NULL); 1263} 1264 1265void 1266lun_option_set(struct lun_option *lo, const char *value) 1267{ 1268 1269 free(lo->lo_value); 1270 lo->lo_value = checked_strdup(value); 1271} 1272 1273static struct connection * 1274connection_new(struct portal *portal, int fd, const char *host, 1275 const struct sockaddr *client_sa) 1276{ 1277 struct connection *conn; 1278 1279 conn = calloc(1, sizeof(*conn)); 1280 if (conn == NULL) 1281 log_err(1, "calloc"); 1282 conn->conn_portal = portal; 1283 conn->conn_socket = fd; 1284 conn->conn_initiator_addr = checked_strdup(host); 1285 memcpy(&conn->conn_initiator_sa, client_sa, client_sa->sa_len); 1286 1287 /* 1288 * Default values, from RFC 3720, section 12. 1289 */ 1290 conn->conn_max_data_segment_length = 8192; 1291 conn->conn_max_burst_length = 262144; 1292 conn->conn_immediate_data = true; 1293 1294 return (conn); 1295} 1296 1297#if 0 1298static void 1299conf_print(struct conf *conf) 1300{ 1301 struct auth_group *ag; 1302 struct auth *auth; 1303 struct auth_name *auth_name; 1304 struct auth_portal *auth_portal; 1305 struct portal_group *pg; 1306 struct portal *portal; 1307 struct target *targ; 1308 struct lun *lun; 1309 struct lun_option *lo; 1310 1311 TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) { 1312 fprintf(stderr, "auth-group %s {\n", ag->ag_name); 1313 TAILQ_FOREACH(auth, &ag->ag_auths, a_next) 1314 fprintf(stderr, "\t chap-mutual %s %s %s %s\n", 1315 auth->a_user, auth->a_secret, 1316 auth->a_mutual_user, auth->a_mutual_secret); 1317 TAILQ_FOREACH(auth_name, &ag->ag_names, an_next) 1318 fprintf(stderr, "\t initiator-name %s\n", 1319 auth_name->an_initator_name); 1320 TAILQ_FOREACH(auth_portal, &ag->ag_portals, an_next) 1321 fprintf(stderr, "\t initiator-portal %s\n", 1322 auth_portal->an_initator_portal); 1323 fprintf(stderr, "}\n"); 1324 } 1325 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 1326 fprintf(stderr, "portal-group %s {\n", pg->pg_name); 1327 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) 1328 fprintf(stderr, "\t listen %s\n", portal->p_listen); 1329 fprintf(stderr, "}\n"); 1330 } 1331 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1332 fprintf(stderr, "target %s {\n", targ->t_name); 1333 if (targ->t_alias != NULL) 1334 fprintf(stderr, "\t alias %s\n", targ->t_alias); 1335 TAILQ_FOREACH(lun, &targ->t_luns, l_next) { 1336 fprintf(stderr, "\tlun %d {\n", lun->l_lun); 1337 fprintf(stderr, "\t\tpath %s\n", lun->l_path); 1338 TAILQ_FOREACH(lo, &lun->l_options, lo_next) 1339 fprintf(stderr, "\t\toption %s %s\n", 1340 lo->lo_name, lo->lo_value); 1341 fprintf(stderr, "\t}\n"); 1342 } 1343 fprintf(stderr, "}\n"); 1344 } 1345} 1346#endif 1347 1348static int 1349conf_verify_lun(struct lun *lun) 1350{ 1351 const struct lun *lun2; 1352 const struct target *targ2; 1353 1354 if (lun->l_backend == NULL) 1355 lun_set_backend(lun, "block"); 1356 if (strcmp(lun->l_backend, "block") == 0) { 1357 if (lun->l_path == NULL) { 1358 log_warnx("missing path for lun %d, target \"%s\"", 1359 lun->l_lun, lun->l_target->t_name); 1360 return (1); 1361 } 1362 } else if (strcmp(lun->l_backend, "ramdisk") == 0) { 1363 if (lun->l_size == 0) { 1364 log_warnx("missing size for ramdisk-backed lun %d, " 1365 "target \"%s\"", lun->l_lun, lun->l_target->t_name); 1366 return (1); 1367 } 1368 if (lun->l_path != NULL) { 1369 log_warnx("path must not be specified " 1370 "for ramdisk-backed lun %d, target \"%s\"", 1371 lun->l_lun, lun->l_target->t_name); 1372 return (1); 1373 } 1374 } 1375 if (lun->l_lun < 0 || lun->l_lun > 255) { 1376 log_warnx("invalid lun number for lun %d, target \"%s\"; " 1377 "must be between 0 and 255", lun->l_lun, 1378 lun->l_target->t_name); 1379 return (1); 1380 } 1381 if (lun->l_blocksize == 0) { 1382 lun_set_blocksize(lun, DEFAULT_BLOCKSIZE); 1383 } else if (lun->l_blocksize < 0) { 1384 log_warnx("invalid blocksize for lun %d, target \"%s\"; " 1385 "must be larger than 0", lun->l_lun, lun->l_target->t_name); 1386 return (1); 1387 } 1388 if (lun->l_size != 0 && lun->l_size % lun->l_blocksize != 0) { 1389 log_warnx("invalid size for lun %d, target \"%s\"; " 1390 "must be multiple of blocksize", lun->l_lun, 1391 lun->l_target->t_name); 1392 return (1); 1393 } 1394 TAILQ_FOREACH(targ2, &lun->l_target->t_conf->conf_targets, t_next) { 1395 TAILQ_FOREACH(lun2, &targ2->t_luns, l_next) { 1396 if (lun == lun2) 1397 continue; 1398 if (lun->l_path != NULL && lun2->l_path != NULL && 1399 strcmp(lun->l_path, lun2->l_path) == 0) { 1400 log_debugx("WARNING: path \"%s\" duplicated " 1401 "between lun %d, target \"%s\", and " 1402 "lun %d, target \"%s\"", lun->l_path, 1403 lun->l_lun, lun->l_target->t_name, 1404 lun2->l_lun, lun2->l_target->t_name); 1405 } 1406 } 1407 } 1408 1409 return (0); 1410} 1411 1412int 1413conf_verify(struct conf *conf) 1414{ 1415 struct auth_group *ag; 1416 struct portal_group *pg; 1417 struct target *targ; 1418 struct lun *lun; 1419 bool found; 1420 int error; 1421 1422 if (conf->conf_pidfile_path == NULL) 1423 conf->conf_pidfile_path = checked_strdup(DEFAULT_PIDFILE); 1424 1425 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1426 if (targ->t_auth_group == NULL) { 1427 targ->t_auth_group = auth_group_find(conf, 1428 "default"); 1429 assert(targ->t_auth_group != NULL); 1430 } 1431 if (targ->t_portal_group == NULL) { 1432 targ->t_portal_group = portal_group_find(conf, 1433 "default"); 1434 assert(targ->t_portal_group != NULL); 1435 } 1436 found = false; 1437 TAILQ_FOREACH(lun, &targ->t_luns, l_next) { 1438 error = conf_verify_lun(lun); 1439 if (error != 0) 1440 return (error); 1441 found = true; 1442 } 1443 if (!found) { 1444 log_warnx("no LUNs defined for target \"%s\"", 1445 targ->t_name); 1446 } 1447 } 1448 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 1449 assert(pg->pg_name != NULL); 1450 if (pg->pg_discovery_auth_group == NULL) { 1451 pg->pg_discovery_auth_group = 1452 auth_group_find(conf, "default"); 1453 assert(pg->pg_discovery_auth_group != NULL); 1454 } 1455 1456 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1457 if (targ->t_portal_group == pg) 1458 break; 1459 } 1460 if (targ == NULL) { 1461 if (strcmp(pg->pg_name, "default") != 0) 1462 log_warnx("portal-group \"%s\" not assigned " 1463 "to any target", pg->pg_name); 1464 pg->pg_unassigned = true; 1465 } else 1466 pg->pg_unassigned = false; 1467 } 1468 TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) { 1469 if (ag->ag_name == NULL) 1470 assert(ag->ag_target != NULL); 1471 else 1472 assert(ag->ag_target == NULL); 1473 1474 found = false; 1475 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1476 if (targ->t_auth_group == ag) { 1477 found = true; 1478 break; 1479 } 1480 } 1481 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 1482 if (pg->pg_discovery_auth_group == ag) { 1483 found = true; 1484 break; 1485 } 1486 } 1487 if (!found && ag->ag_name != NULL && 1488 strcmp(ag->ag_name, "default") != 0 && 1489 strcmp(ag->ag_name, "no-authentication") != 0 && 1490 strcmp(ag->ag_name, "no-access") != 0) { 1491 log_warnx("auth-group \"%s\" not assigned " 1492 "to any target", ag->ag_name); 1493 } 1494 } 1495 1496 return (0); 1497} 1498 1499static int 1500conf_apply(struct conf *oldconf, struct conf *newconf) 1501{ 1502 struct target *oldtarg, *newtarg, *tmptarg; 1503 struct lun *oldlun, *newlun, *tmplun; 1504 struct portal_group *oldpg, *newpg; 1505 struct portal *oldp, *newp;
|
| 1506 struct isns *oldns, *newns;
|
1254 pid_t otherpid; 1255 int changed, cumulated_error = 0, error; 1256 int one = 1; 1257 1258 if (oldconf->conf_debug != newconf->conf_debug) { 1259 log_debugx("changing debug level to %d", newconf->conf_debug); 1260 log_init(newconf->conf_debug); 1261 } 1262 1263 if (oldconf->conf_pidfh != NULL) { 1264 assert(oldconf->conf_pidfile_path != NULL); 1265 if (newconf->conf_pidfile_path != NULL && 1266 strcmp(oldconf->conf_pidfile_path, 1267 newconf->conf_pidfile_path) == 0) { 1268 newconf->conf_pidfh = oldconf->conf_pidfh; 1269 oldconf->conf_pidfh = NULL; 1270 } else { 1271 log_debugx("removing pidfile %s", 1272 oldconf->conf_pidfile_path); 1273 pidfile_remove(oldconf->conf_pidfh); 1274 oldconf->conf_pidfh = NULL; 1275 } 1276 } 1277 1278 if (newconf->conf_pidfh == NULL && newconf->conf_pidfile_path != NULL) { 1279 log_debugx("opening pidfile %s", newconf->conf_pidfile_path); 1280 newconf->conf_pidfh = 1281 pidfile_open(newconf->conf_pidfile_path, 0600, &otherpid); 1282 if (newconf->conf_pidfh == NULL) { 1283 if (errno == EEXIST) 1284 log_errx(1, "daemon already running, pid: %jd.", 1285 (intmax_t)otherpid); 1286 log_err(1, "cannot open or create pidfile \"%s\"", 1287 newconf->conf_pidfile_path); 1288 } 1289 } 1290
| 1507 pid_t otherpid; 1508 int changed, cumulated_error = 0, error; 1509 int one = 1; 1510 1511 if (oldconf->conf_debug != newconf->conf_debug) { 1512 log_debugx("changing debug level to %d", newconf->conf_debug); 1513 log_init(newconf->conf_debug); 1514 } 1515 1516 if (oldconf->conf_pidfh != NULL) { 1517 assert(oldconf->conf_pidfile_path != NULL); 1518 if (newconf->conf_pidfile_path != NULL && 1519 strcmp(oldconf->conf_pidfile_path, 1520 newconf->conf_pidfile_path) == 0) { 1521 newconf->conf_pidfh = oldconf->conf_pidfh; 1522 oldconf->conf_pidfh = NULL; 1523 } else { 1524 log_debugx("removing pidfile %s", 1525 oldconf->conf_pidfile_path); 1526 pidfile_remove(oldconf->conf_pidfh); 1527 oldconf->conf_pidfh = NULL; 1528 } 1529 } 1530 1531 if (newconf->conf_pidfh == NULL && newconf->conf_pidfile_path != NULL) { 1532 log_debugx("opening pidfile %s", newconf->conf_pidfile_path); 1533 newconf->conf_pidfh = 1534 pidfile_open(newconf->conf_pidfile_path, 0600, &otherpid); 1535 if (newconf->conf_pidfh == NULL) { 1536 if (errno == EEXIST) 1537 log_errx(1, "daemon already running, pid: %jd.", 1538 (intmax_t)otherpid); 1539 log_err(1, "cannot open or create pidfile \"%s\"", 1540 newconf->conf_pidfile_path); 1541 } 1542 } 1543
|
| 1544 /* Deregister on removed iSNS servers. */ 1545 TAILQ_FOREACH(oldns, &oldconf->conf_isns, i_next) { 1546 TAILQ_FOREACH(newns, &newconf->conf_isns, i_next) { 1547 if (strcmp(oldns->i_addr, newns->i_addr) == 0) 1548 break; 1549 } 1550 if (newns == NULL) 1551 isns_deregister(oldns); 1552 } 1553
|
1291 /* 1292 * XXX: If target or lun removal fails, we should somehow "move" 1293 * the old lun or target into newconf, so that subsequent 1294 * conf_apply() would try to remove them again. That would 1295 * be somewhat hairy, though, and lun deletion failures don't 1296 * really happen, so leave it as it is for now. 1297 */ 1298 TAILQ_FOREACH_SAFE(oldtarg, &oldconf->conf_targets, t_next, tmptarg) { 1299 /* 1300 * First, remove any targets present in the old configuration 1301 * and missing in the new one. 1302 */ 1303 newtarg = target_find(newconf, oldtarg->t_name); 1304 if (newtarg == NULL) { 1305 TAILQ_FOREACH_SAFE(oldlun, &oldtarg->t_luns, l_next, 1306 tmplun) { 1307 log_debugx("target %s not found in new " 1308 "configuration; removing its lun %d, " 1309 "backed by CTL lun %d", 1310 oldtarg->t_name, oldlun->l_lun, 1311 oldlun->l_ctl_lun); 1312 error = kernel_lun_remove(oldlun); 1313 if (error != 0) { 1314 log_warnx("failed to remove lun %d, " 1315 "target %s, CTL lun %d", 1316 oldlun->l_lun, oldtarg->t_name, 1317 oldlun->l_ctl_lun); 1318 cumulated_error++; 1319 }
| 1554 /* 1555 * XXX: If target or lun removal fails, we should somehow "move" 1556 * the old lun or target into newconf, so that subsequent 1557 * conf_apply() would try to remove them again. That would 1558 * be somewhat hairy, though, and lun deletion failures don't 1559 * really happen, so leave it as it is for now. 1560 */ 1561 TAILQ_FOREACH_SAFE(oldtarg, &oldconf->conf_targets, t_next, tmptarg) { 1562 /* 1563 * First, remove any targets present in the old configuration 1564 * and missing in the new one. 1565 */ 1566 newtarg = target_find(newconf, oldtarg->t_name); 1567 if (newtarg == NULL) { 1568 TAILQ_FOREACH_SAFE(oldlun, &oldtarg->t_luns, l_next, 1569 tmplun) { 1570 log_debugx("target %s not found in new " 1571 "configuration; removing its lun %d, " 1572 "backed by CTL lun %d", 1573 oldtarg->t_name, oldlun->l_lun, 1574 oldlun->l_ctl_lun); 1575 error = kernel_lun_remove(oldlun); 1576 if (error != 0) { 1577 log_warnx("failed to remove lun %d, " 1578 "target %s, CTL lun %d", 1579 oldlun->l_lun, oldtarg->t_name, 1580 oldlun->l_ctl_lun); 1581 cumulated_error++; 1582 }
|
1320 lun_delete(oldlun);
| |
1321 } 1322 kernel_port_remove(oldtarg);
| 1583 } 1584 kernel_port_remove(oldtarg);
|
1323 target_delete(oldtarg);
| |
1324 continue; 1325 } 1326 1327 /* 1328 * Second, remove any LUNs present in the old target 1329 * and missing in the new one. 1330 */ 1331 TAILQ_FOREACH_SAFE(oldlun, &oldtarg->t_luns, l_next, tmplun) { 1332 newlun = lun_find(newtarg, oldlun->l_lun); 1333 if (newlun == NULL) { 1334 log_debugx("lun %d, target %s, CTL lun %d " 1335 "not found in new configuration; " 1336 "removing", oldlun->l_lun, oldtarg->t_name, 1337 oldlun->l_ctl_lun); 1338 error = kernel_lun_remove(oldlun); 1339 if (error != 0) { 1340 log_warnx("failed to remove lun %d, " 1341 "target %s, CTL lun %d", 1342 oldlun->l_lun, oldtarg->t_name, 1343 oldlun->l_ctl_lun); 1344 cumulated_error++; 1345 }
| 1585 continue; 1586 } 1587 1588 /* 1589 * Second, remove any LUNs present in the old target 1590 * and missing in the new one. 1591 */ 1592 TAILQ_FOREACH_SAFE(oldlun, &oldtarg->t_luns, l_next, tmplun) { 1593 newlun = lun_find(newtarg, oldlun->l_lun); 1594 if (newlun == NULL) { 1595 log_debugx("lun %d, target %s, CTL lun %d " 1596 "not found in new configuration; " 1597 "removing", oldlun->l_lun, oldtarg->t_name, 1598 oldlun->l_ctl_lun); 1599 error = kernel_lun_remove(oldlun); 1600 if (error != 0) { 1601 log_warnx("failed to remove lun %d, " 1602 "target %s, CTL lun %d", 1603 oldlun->l_lun, oldtarg->t_name, 1604 oldlun->l_ctl_lun); 1605 cumulated_error++; 1606 }
|
1346 lun_delete(oldlun);
| |
1347 continue; 1348 } 1349 1350 /* 1351 * Also remove the LUNs changed by more than size. 1352 */ 1353 changed = 0; 1354 assert(oldlun->l_backend != NULL); 1355 assert(newlun->l_backend != NULL); 1356 if (strcmp(newlun->l_backend, oldlun->l_backend) != 0) { 1357 log_debugx("backend for lun %d, target %s, " 1358 "CTL lun %d changed; removing", 1359 oldlun->l_lun, oldtarg->t_name, 1360 oldlun->l_ctl_lun); 1361 changed = 1; 1362 } 1363 if (oldlun->l_blocksize != newlun->l_blocksize) { 1364 log_debugx("blocksize for lun %d, target %s, " 1365 "CTL lun %d changed; removing", 1366 oldlun->l_lun, oldtarg->t_name, 1367 oldlun->l_ctl_lun); 1368 changed = 1; 1369 } 1370 if (newlun->l_device_id != NULL && 1371 (oldlun->l_device_id == NULL || 1372 strcmp(oldlun->l_device_id, newlun->l_device_id) != 1373 0)) { 1374 log_debugx("device-id for lun %d, target %s, " 1375 "CTL lun %d changed; removing", 1376 oldlun->l_lun, oldtarg->t_name, 1377 oldlun->l_ctl_lun); 1378 changed = 1; 1379 } 1380 if (newlun->l_path != NULL && 1381 (oldlun->l_path == NULL || 1382 strcmp(oldlun->l_path, newlun->l_path) != 0)) { 1383 log_debugx("path for lun %d, target %s, " 1384 "CTL lun %d, changed; removing", 1385 oldlun->l_lun, oldtarg->t_name, 1386 oldlun->l_ctl_lun); 1387 changed = 1; 1388 } 1389 if (newlun->l_serial != NULL && 1390 (oldlun->l_serial == NULL || 1391 strcmp(oldlun->l_serial, newlun->l_serial) != 0)) { 1392 log_debugx("serial for lun %d, target %s, " 1393 "CTL lun %d changed; removing", 1394 oldlun->l_lun, oldtarg->t_name, 1395 oldlun->l_ctl_lun); 1396 changed = 1; 1397 } 1398 if (changed) { 1399 error = kernel_lun_remove(oldlun); 1400 if (error != 0) { 1401 log_warnx("failed to remove lun %d, " 1402 "target %s, CTL lun %d", 1403 oldlun->l_lun, oldtarg->t_name, 1404 oldlun->l_ctl_lun); 1405 cumulated_error++; 1406 } 1407 lun_delete(oldlun); 1408 continue; 1409 } 1410 1411 lun_set_ctl_lun(newlun, oldlun->l_ctl_lun); 1412 } 1413 } 1414 1415 /* 1416 * Now add new targets or modify existing ones. 1417 */ 1418 TAILQ_FOREACH(newtarg, &newconf->conf_targets, t_next) { 1419 oldtarg = target_find(oldconf, newtarg->t_name); 1420 1421 TAILQ_FOREACH_SAFE(newlun, &newtarg->t_luns, l_next, tmplun) { 1422 if (oldtarg != NULL) { 1423 oldlun = lun_find(oldtarg, newlun->l_lun); 1424 if (oldlun != NULL) { 1425 if (newlun->l_size != oldlun->l_size || 1426 newlun->l_size == 0) { 1427 log_debugx("resizing lun %d, " 1428 "target %s, CTL lun %d", 1429 newlun->l_lun, 1430 newtarg->t_name, 1431 newlun->l_ctl_lun); 1432 error = 1433 kernel_lun_resize(newlun); 1434 if (error != 0) { 1435 log_warnx("failed to " 1436 "resize lun %d, " 1437 "target %s, " 1438 "CTL lun %d", 1439 newlun->l_lun, 1440 newtarg->t_name, 1441 newlun->l_lun); 1442 cumulated_error++; 1443 } 1444 } 1445 continue; 1446 } 1447 } 1448 log_debugx("adding lun %d, target %s", 1449 newlun->l_lun, newtarg->t_name); 1450 error = kernel_lun_add(newlun); 1451 if (error != 0) { 1452 log_warnx("failed to add lun %d, target %s", 1453 newlun->l_lun, newtarg->t_name); 1454 lun_delete(newlun); 1455 cumulated_error++; 1456 } 1457 } 1458 if (oldtarg == NULL) 1459 kernel_port_add(newtarg); 1460 } 1461 1462 /* 1463 * Go through the new portals, opening the sockets as neccessary. 1464 */ 1465 TAILQ_FOREACH(newpg, &newconf->conf_portal_groups, pg_next) { 1466 if (newpg->pg_unassigned) { 1467 log_debugx("not listening on portal-group \"%s\", " 1468 "not assigned to any target", 1469 newpg->pg_name); 1470 continue; 1471 } 1472 TAILQ_FOREACH(newp, &newpg->pg_portals, p_next) { 1473 /* 1474 * Try to find already open portal and reuse 1475 * the listening socket. We don't care about 1476 * what portal or portal group that was, what 1477 * matters is the listening address. 1478 */ 1479 TAILQ_FOREACH(oldpg, &oldconf->conf_portal_groups, 1480 pg_next) { 1481 TAILQ_FOREACH(oldp, &oldpg->pg_portals, 1482 p_next) { 1483 if (strcmp(newp->p_listen, 1484 oldp->p_listen) == 0 && 1485 oldp->p_socket > 0) { 1486 newp->p_socket = 1487 oldp->p_socket; 1488 oldp->p_socket = 0; 1489 break; 1490 } 1491 } 1492 } 1493 if (newp->p_socket > 0) { 1494 /* 1495 * We're done with this portal. 1496 */ 1497 continue; 1498 } 1499 1500#ifdef ICL_KERNEL_PROXY 1501 if (proxy_mode) { 1502 newpg->pg_conf->conf_portal_id++; 1503 newp->p_id = newpg->pg_conf->conf_portal_id; 1504 log_debugx("listening on %s, portal-group " 1505 "\"%s\", portal id %d, using ICL proxy", 1506 newp->p_listen, newpg->pg_name, newp->p_id); 1507 kernel_listen(newp->p_ai, newp->p_iser, 1508 newp->p_id); 1509 continue; 1510 } 1511#endif 1512 assert(proxy_mode == false); 1513 assert(newp->p_iser == false); 1514 1515 log_debugx("listening on %s, portal-group \"%s\"", 1516 newp->p_listen, newpg->pg_name); 1517 newp->p_socket = socket(newp->p_ai->ai_family, 1518 newp->p_ai->ai_socktype, 1519 newp->p_ai->ai_protocol); 1520 if (newp->p_socket < 0) { 1521 log_warn("socket(2) failed for %s", 1522 newp->p_listen); 1523 cumulated_error++; 1524 continue; 1525 } 1526 error = setsockopt(newp->p_socket, SOL_SOCKET, 1527 SO_REUSEADDR, &one, sizeof(one)); 1528 if (error != 0) { 1529 log_warn("setsockopt(SO_REUSEADDR) failed " 1530 "for %s", newp->p_listen); 1531 close(newp->p_socket); 1532 newp->p_socket = 0; 1533 cumulated_error++; 1534 continue; 1535 } 1536 error = bind(newp->p_socket, newp->p_ai->ai_addr, 1537 newp->p_ai->ai_addrlen); 1538 if (error != 0) { 1539 log_warn("bind(2) failed for %s", 1540 newp->p_listen); 1541 close(newp->p_socket); 1542 newp->p_socket = 0; 1543 cumulated_error++; 1544 continue; 1545 } 1546 error = listen(newp->p_socket, -1); 1547 if (error != 0) { 1548 log_warn("listen(2) failed for %s", 1549 newp->p_listen); 1550 close(newp->p_socket); 1551 newp->p_socket = 0; 1552 cumulated_error++; 1553 continue; 1554 } 1555 } 1556 } 1557 1558 /* 1559 * Go through the no longer used sockets, closing them. 1560 */ 1561 TAILQ_FOREACH(oldpg, &oldconf->conf_portal_groups, pg_next) { 1562 TAILQ_FOREACH(oldp, &oldpg->pg_portals, p_next) { 1563 if (oldp->p_socket <= 0) 1564 continue; 1565 log_debugx("closing socket for %s, portal-group \"%s\"", 1566 oldp->p_listen, oldpg->pg_name); 1567 close(oldp->p_socket); 1568 oldp->p_socket = 0; 1569 } 1570 } 1571
| 1607 continue; 1608 } 1609 1610 /* 1611 * Also remove the LUNs changed by more than size. 1612 */ 1613 changed = 0; 1614 assert(oldlun->l_backend != NULL); 1615 assert(newlun->l_backend != NULL); 1616 if (strcmp(newlun->l_backend, oldlun->l_backend) != 0) { 1617 log_debugx("backend for lun %d, target %s, " 1618 "CTL lun %d changed; removing", 1619 oldlun->l_lun, oldtarg->t_name, 1620 oldlun->l_ctl_lun); 1621 changed = 1; 1622 } 1623 if (oldlun->l_blocksize != newlun->l_blocksize) { 1624 log_debugx("blocksize for lun %d, target %s, " 1625 "CTL lun %d changed; removing", 1626 oldlun->l_lun, oldtarg->t_name, 1627 oldlun->l_ctl_lun); 1628 changed = 1; 1629 } 1630 if (newlun->l_device_id != NULL && 1631 (oldlun->l_device_id == NULL || 1632 strcmp(oldlun->l_device_id, newlun->l_device_id) != 1633 0)) { 1634 log_debugx("device-id for lun %d, target %s, " 1635 "CTL lun %d changed; removing", 1636 oldlun->l_lun, oldtarg->t_name, 1637 oldlun->l_ctl_lun); 1638 changed = 1; 1639 } 1640 if (newlun->l_path != NULL && 1641 (oldlun->l_path == NULL || 1642 strcmp(oldlun->l_path, newlun->l_path) != 0)) { 1643 log_debugx("path for lun %d, target %s, " 1644 "CTL lun %d, changed; removing", 1645 oldlun->l_lun, oldtarg->t_name, 1646 oldlun->l_ctl_lun); 1647 changed = 1; 1648 } 1649 if (newlun->l_serial != NULL && 1650 (oldlun->l_serial == NULL || 1651 strcmp(oldlun->l_serial, newlun->l_serial) != 0)) { 1652 log_debugx("serial for lun %d, target %s, " 1653 "CTL lun %d changed; removing", 1654 oldlun->l_lun, oldtarg->t_name, 1655 oldlun->l_ctl_lun); 1656 changed = 1; 1657 } 1658 if (changed) { 1659 error = kernel_lun_remove(oldlun); 1660 if (error != 0) { 1661 log_warnx("failed to remove lun %d, " 1662 "target %s, CTL lun %d", 1663 oldlun->l_lun, oldtarg->t_name, 1664 oldlun->l_ctl_lun); 1665 cumulated_error++; 1666 } 1667 lun_delete(oldlun); 1668 continue; 1669 } 1670 1671 lun_set_ctl_lun(newlun, oldlun->l_ctl_lun); 1672 } 1673 } 1674 1675 /* 1676 * Now add new targets or modify existing ones. 1677 */ 1678 TAILQ_FOREACH(newtarg, &newconf->conf_targets, t_next) { 1679 oldtarg = target_find(oldconf, newtarg->t_name); 1680 1681 TAILQ_FOREACH_SAFE(newlun, &newtarg->t_luns, l_next, tmplun) { 1682 if (oldtarg != NULL) { 1683 oldlun = lun_find(oldtarg, newlun->l_lun); 1684 if (oldlun != NULL) { 1685 if (newlun->l_size != oldlun->l_size || 1686 newlun->l_size == 0) { 1687 log_debugx("resizing lun %d, " 1688 "target %s, CTL lun %d", 1689 newlun->l_lun, 1690 newtarg->t_name, 1691 newlun->l_ctl_lun); 1692 error = 1693 kernel_lun_resize(newlun); 1694 if (error != 0) { 1695 log_warnx("failed to " 1696 "resize lun %d, " 1697 "target %s, " 1698 "CTL lun %d", 1699 newlun->l_lun, 1700 newtarg->t_name, 1701 newlun->l_lun); 1702 cumulated_error++; 1703 } 1704 } 1705 continue; 1706 } 1707 } 1708 log_debugx("adding lun %d, target %s", 1709 newlun->l_lun, newtarg->t_name); 1710 error = kernel_lun_add(newlun); 1711 if (error != 0) { 1712 log_warnx("failed to add lun %d, target %s", 1713 newlun->l_lun, newtarg->t_name); 1714 lun_delete(newlun); 1715 cumulated_error++; 1716 } 1717 } 1718 if (oldtarg == NULL) 1719 kernel_port_add(newtarg); 1720 } 1721 1722 /* 1723 * Go through the new portals, opening the sockets as neccessary. 1724 */ 1725 TAILQ_FOREACH(newpg, &newconf->conf_portal_groups, pg_next) { 1726 if (newpg->pg_unassigned) { 1727 log_debugx("not listening on portal-group \"%s\", " 1728 "not assigned to any target", 1729 newpg->pg_name); 1730 continue; 1731 } 1732 TAILQ_FOREACH(newp, &newpg->pg_portals, p_next) { 1733 /* 1734 * Try to find already open portal and reuse 1735 * the listening socket. We don't care about 1736 * what portal or portal group that was, what 1737 * matters is the listening address. 1738 */ 1739 TAILQ_FOREACH(oldpg, &oldconf->conf_portal_groups, 1740 pg_next) { 1741 TAILQ_FOREACH(oldp, &oldpg->pg_portals, 1742 p_next) { 1743 if (strcmp(newp->p_listen, 1744 oldp->p_listen) == 0 && 1745 oldp->p_socket > 0) { 1746 newp->p_socket = 1747 oldp->p_socket; 1748 oldp->p_socket = 0; 1749 break; 1750 } 1751 } 1752 } 1753 if (newp->p_socket > 0) { 1754 /* 1755 * We're done with this portal. 1756 */ 1757 continue; 1758 } 1759 1760#ifdef ICL_KERNEL_PROXY 1761 if (proxy_mode) { 1762 newpg->pg_conf->conf_portal_id++; 1763 newp->p_id = newpg->pg_conf->conf_portal_id; 1764 log_debugx("listening on %s, portal-group " 1765 "\"%s\", portal id %d, using ICL proxy", 1766 newp->p_listen, newpg->pg_name, newp->p_id); 1767 kernel_listen(newp->p_ai, newp->p_iser, 1768 newp->p_id); 1769 continue; 1770 } 1771#endif 1772 assert(proxy_mode == false); 1773 assert(newp->p_iser == false); 1774 1775 log_debugx("listening on %s, portal-group \"%s\"", 1776 newp->p_listen, newpg->pg_name); 1777 newp->p_socket = socket(newp->p_ai->ai_family, 1778 newp->p_ai->ai_socktype, 1779 newp->p_ai->ai_protocol); 1780 if (newp->p_socket < 0) { 1781 log_warn("socket(2) failed for %s", 1782 newp->p_listen); 1783 cumulated_error++; 1784 continue; 1785 } 1786 error = setsockopt(newp->p_socket, SOL_SOCKET, 1787 SO_REUSEADDR, &one, sizeof(one)); 1788 if (error != 0) { 1789 log_warn("setsockopt(SO_REUSEADDR) failed " 1790 "for %s", newp->p_listen); 1791 close(newp->p_socket); 1792 newp->p_socket = 0; 1793 cumulated_error++; 1794 continue; 1795 } 1796 error = bind(newp->p_socket, newp->p_ai->ai_addr, 1797 newp->p_ai->ai_addrlen); 1798 if (error != 0) { 1799 log_warn("bind(2) failed for %s", 1800 newp->p_listen); 1801 close(newp->p_socket); 1802 newp->p_socket = 0; 1803 cumulated_error++; 1804 continue; 1805 } 1806 error = listen(newp->p_socket, -1); 1807 if (error != 0) { 1808 log_warn("listen(2) failed for %s", 1809 newp->p_listen); 1810 close(newp->p_socket); 1811 newp->p_socket = 0; 1812 cumulated_error++; 1813 continue; 1814 } 1815 } 1816 } 1817 1818 /* 1819 * Go through the no longer used sockets, closing them. 1820 */ 1821 TAILQ_FOREACH(oldpg, &oldconf->conf_portal_groups, pg_next) { 1822 TAILQ_FOREACH(oldp, &oldpg->pg_portals, p_next) { 1823 if (oldp->p_socket <= 0) 1824 continue; 1825 log_debugx("closing socket for %s, portal-group \"%s\"", 1826 oldp->p_listen, oldpg->pg_name); 1827 close(oldp->p_socket); 1828 oldp->p_socket = 0; 1829 } 1830 } 1831
|
| 1832 /* (Re-)Register on remaining/new iSNS servers. */ 1833 TAILQ_FOREACH(newns, &newconf->conf_isns, i_next) { 1834 TAILQ_FOREACH(oldns, &oldconf->conf_isns, i_next) { 1835 if (strcmp(oldns->i_addr, newns->i_addr) == 0) 1836 break; 1837 } 1838 isns_register(newns, oldns); 1839 } 1840 1841 /* Schedule iSNS update */ 1842 if (!TAILQ_EMPTY(&newconf->conf_isns)) 1843 set_timeout((newconf->conf_isns_period + 2) / 3, false); 1844
|
1572 return (cumulated_error); 1573} 1574 1575bool 1576timed_out(void) 1577{ 1578 1579 return (sigalrm_received); 1580} 1581 1582static void
| 1845 return (cumulated_error); 1846} 1847 1848bool 1849timed_out(void) 1850{ 1851 1852 return (sigalrm_received); 1853} 1854 1855static void
|
1583sigalrm_handler(int dummy __unused)
| 1856sigalrm_handler_fatal(int dummy __unused)
|
1584{ 1585 /* 1586 * It would be easiest to just log an error and exit. We can't 1587 * do this, though, because log_errx() is not signal safe, since 1588 * it calls syslog(3). Instead, set a flag checked by pdu_send() 1589 * and pdu_receive(), to call log_errx() there. Should they fail 1590 * to notice, we'll exit here one second later. 1591 */ 1592 if (sigalrm_received) { 1593 /* 1594 * Oh well. Just give up and quit. 1595 */ 1596 _exit(2); 1597 } 1598 1599 sigalrm_received = true; 1600} 1601 1602static void
| 1857{ 1858 /* 1859 * It would be easiest to just log an error and exit. We can't 1860 * do this, though, because log_errx() is not signal safe, since 1861 * it calls syslog(3). Instead, set a flag checked by pdu_send() 1862 * and pdu_receive(), to call log_errx() there. Should they fail 1863 * to notice, we'll exit here one second later. 1864 */ 1865 if (sigalrm_received) { 1866 /* 1867 * Oh well. Just give up and quit. 1868 */ 1869 _exit(2); 1870 } 1871 1872 sigalrm_received = true; 1873} 1874 1875static void
|
1603set_timeout(const struct conf *conf)
| 1876sigalrm_handler(int dummy __unused)
|
1604{
| 1877{
|
| 1878 1879 sigalrm_received = true; 1880} 1881 1882void 1883set_timeout(int timeout, int fatal) 1884{
|
1605 struct sigaction sa; 1606 struct itimerval itv; 1607 int error; 1608
| 1885 struct sigaction sa; 1886 struct itimerval itv; 1887 int error; 1888
|
1609 if (conf->conf_timeout <= 0) {
| 1889 if (timeout <= 0) {
|
1610 log_debugx("session timeout disabled");
| 1890 log_debugx("session timeout disabled");
|
| 1891 bzero(&itv, sizeof(itv)); 1892 error = setitimer(ITIMER_REAL, &itv, NULL); 1893 if (error != 0) 1894 log_err(1, "setitimer"); 1895 sigalrm_received = false;
|
1611 return; 1612 } 1613
| 1896 return; 1897 } 1898
|
| 1899 sigalrm_received = false;
|
1614 bzero(&sa, sizeof(sa));
| 1900 bzero(&sa, sizeof(sa));
|
1615 sa.sa_handler = sigalrm_handler;
| 1901 if (fatal) 1902 sa.sa_handler = sigalrm_handler_fatal; 1903 else 1904 sa.sa_handler = sigalrm_handler;
|
1616 sigfillset(&sa.sa_mask); 1617 error = sigaction(SIGALRM, &sa, NULL); 1618 if (error != 0) 1619 log_err(1, "sigaction"); 1620 1621 /* 1622 * First SIGALRM will arive after conf_timeout seconds. 1623 * If we do nothing, another one will arrive a second later. 1624 */
| 1905 sigfillset(&sa.sa_mask); 1906 error = sigaction(SIGALRM, &sa, NULL); 1907 if (error != 0) 1908 log_err(1, "sigaction"); 1909 1910 /* 1911 * First SIGALRM will arive after conf_timeout seconds. 1912 * If we do nothing, another one will arrive a second later. 1913 */
|
| 1914 log_debugx("setting session timeout to %d seconds", timeout);
|
1625 bzero(&itv, sizeof(itv)); 1626 itv.it_interval.tv_sec = 1;
| 1915 bzero(&itv, sizeof(itv)); 1916 itv.it_interval.tv_sec = 1;
|
1627 itv.it_value.tv_sec = conf->conf_timeout; 1628 1629 log_debugx("setting session timeout to %d seconds", 1630 conf->conf_timeout);
| 1917 itv.it_value.tv_sec = timeout;
|
1631 error = setitimer(ITIMER_REAL, &itv, NULL); 1632 if (error != 0) 1633 log_err(1, "setitimer"); 1634} 1635 1636static int 1637wait_for_children(bool block) 1638{ 1639 pid_t pid; 1640 int status; 1641 int num = 0; 1642 1643 for (;;) { 1644 /* 1645 * If "block" is true, wait for at least one process. 1646 */ 1647 if (block && num == 0) 1648 pid = wait4(-1, &status, 0, NULL); 1649 else 1650 pid = wait4(-1, &status, WNOHANG, NULL); 1651 if (pid <= 0) 1652 break; 1653 if (WIFSIGNALED(status)) { 1654 log_warnx("child process %d terminated with signal %d", 1655 pid, WTERMSIG(status)); 1656 } else if (WEXITSTATUS(status) != 0) { 1657 log_warnx("child process %d terminated with exit status %d", 1658 pid, WEXITSTATUS(status)); 1659 } else { 1660 log_debugx("child process %d terminated gracefully", pid); 1661 } 1662 num++; 1663 } 1664 1665 return (num); 1666} 1667 1668static void 1669handle_connection(struct portal *portal, int fd, 1670 const struct sockaddr *client_sa, bool dont_fork) 1671{ 1672 struct connection *conn; 1673 int error; 1674 pid_t pid; 1675 char host[NI_MAXHOST + 1]; 1676 struct conf *conf; 1677 1678 conf = portal->p_portal_group->pg_conf; 1679 1680 if (dont_fork) { 1681 log_debugx("incoming connection; not forking due to -d flag"); 1682 } else { 1683 nchildren -= wait_for_children(false); 1684 assert(nchildren >= 0); 1685 1686 while (conf->conf_maxproc > 0 && nchildren >= conf->conf_maxproc) { 1687 log_debugx("maxproc limit of %d child processes hit; " 1688 "waiting for child process to exit", conf->conf_maxproc); 1689 nchildren -= wait_for_children(true); 1690 assert(nchildren >= 0); 1691 } 1692 log_debugx("incoming connection; forking child process #%d", 1693 nchildren); 1694 nchildren++; 1695 pid = fork(); 1696 if (pid < 0) 1697 log_err(1, "fork"); 1698 if (pid > 0) { 1699 close(fd); 1700 return; 1701 } 1702 } 1703 pidfile_close(conf->conf_pidfh); 1704 1705 error = getnameinfo(client_sa, client_sa->sa_len, 1706 host, sizeof(host), NULL, 0, NI_NUMERICHOST); 1707 if (error != 0) 1708 log_errx(1, "getnameinfo: %s", gai_strerror(error)); 1709 1710 log_debugx("accepted connection from %s; portal group \"%s\"", 1711 host, portal->p_portal_group->pg_name); 1712 log_set_peer_addr(host); 1713 setproctitle("%s", host); 1714 1715 conn = connection_new(portal, fd, host, client_sa);
| 1918 error = setitimer(ITIMER_REAL, &itv, NULL); 1919 if (error != 0) 1920 log_err(1, "setitimer"); 1921} 1922 1923static int 1924wait_for_children(bool block) 1925{ 1926 pid_t pid; 1927 int status; 1928 int num = 0; 1929 1930 for (;;) { 1931 /* 1932 * If "block" is true, wait for at least one process. 1933 */ 1934 if (block && num == 0) 1935 pid = wait4(-1, &status, 0, NULL); 1936 else 1937 pid = wait4(-1, &status, WNOHANG, NULL); 1938 if (pid <= 0) 1939 break; 1940 if (WIFSIGNALED(status)) { 1941 log_warnx("child process %d terminated with signal %d", 1942 pid, WTERMSIG(status)); 1943 } else if (WEXITSTATUS(status) != 0) { 1944 log_warnx("child process %d terminated with exit status %d", 1945 pid, WEXITSTATUS(status)); 1946 } else { 1947 log_debugx("child process %d terminated gracefully", pid); 1948 } 1949 num++; 1950 } 1951 1952 return (num); 1953} 1954 1955static void 1956handle_connection(struct portal *portal, int fd, 1957 const struct sockaddr *client_sa, bool dont_fork) 1958{ 1959 struct connection *conn; 1960 int error; 1961 pid_t pid; 1962 char host[NI_MAXHOST + 1]; 1963 struct conf *conf; 1964 1965 conf = portal->p_portal_group->pg_conf; 1966 1967 if (dont_fork) { 1968 log_debugx("incoming connection; not forking due to -d flag"); 1969 } else { 1970 nchildren -= wait_for_children(false); 1971 assert(nchildren >= 0); 1972 1973 while (conf->conf_maxproc > 0 && nchildren >= conf->conf_maxproc) { 1974 log_debugx("maxproc limit of %d child processes hit; " 1975 "waiting for child process to exit", conf->conf_maxproc); 1976 nchildren -= wait_for_children(true); 1977 assert(nchildren >= 0); 1978 } 1979 log_debugx("incoming connection; forking child process #%d", 1980 nchildren); 1981 nchildren++; 1982 pid = fork(); 1983 if (pid < 0) 1984 log_err(1, "fork"); 1985 if (pid > 0) { 1986 close(fd); 1987 return; 1988 } 1989 } 1990 pidfile_close(conf->conf_pidfh); 1991 1992 error = getnameinfo(client_sa, client_sa->sa_len, 1993 host, sizeof(host), NULL, 0, NI_NUMERICHOST); 1994 if (error != 0) 1995 log_errx(1, "getnameinfo: %s", gai_strerror(error)); 1996 1997 log_debugx("accepted connection from %s; portal group \"%s\"", 1998 host, portal->p_portal_group->pg_name); 1999 log_set_peer_addr(host); 2000 setproctitle("%s", host); 2001 2002 conn = connection_new(portal, fd, host, client_sa);
|
1716 set_timeout(conf);
| 2003 set_timeout(conf->conf_timeout, true);
|
1717 kernel_capsicate(); 1718 login(conn); 1719 if (conn->conn_session_type == CONN_SESSION_TYPE_NORMAL) { 1720 kernel_handoff(conn); 1721 log_debugx("connection handed off to the kernel"); 1722 } else { 1723 assert(conn->conn_session_type == CONN_SESSION_TYPE_DISCOVERY); 1724 discovery(conn); 1725 } 1726 log_debugx("nothing more to do; exiting"); 1727 exit(0); 1728} 1729 1730static int 1731fd_add(int fd, fd_set *fdset, int nfds) 1732{ 1733 1734 /* 1735 * Skip sockets which we failed to bind. 1736 */ 1737 if (fd <= 0) 1738 return (nfds); 1739 1740 FD_SET(fd, fdset); 1741 if (fd > nfds) 1742 nfds = fd; 1743 return (nfds); 1744} 1745 1746static void 1747main_loop(struct conf *conf, bool dont_fork) 1748{ 1749 struct portal_group *pg; 1750 struct portal *portal; 1751 struct sockaddr_storage client_sa; 1752 socklen_t client_salen; 1753#ifdef ICL_KERNEL_PROXY 1754 int connection_id; 1755 int portal_id; 1756#endif 1757 fd_set fdset; 1758 int error, nfds, client_fd; 1759 1760 pidfile_write(conf->conf_pidfh); 1761 1762 for (;;) {
| 2004 kernel_capsicate(); 2005 login(conn); 2006 if (conn->conn_session_type == CONN_SESSION_TYPE_NORMAL) { 2007 kernel_handoff(conn); 2008 log_debugx("connection handed off to the kernel"); 2009 } else { 2010 assert(conn->conn_session_type == CONN_SESSION_TYPE_DISCOVERY); 2011 discovery(conn); 2012 } 2013 log_debugx("nothing more to do; exiting"); 2014 exit(0); 2015} 2016 2017static int 2018fd_add(int fd, fd_set *fdset, int nfds) 2019{ 2020 2021 /* 2022 * Skip sockets which we failed to bind. 2023 */ 2024 if (fd <= 0) 2025 return (nfds); 2026 2027 FD_SET(fd, fdset); 2028 if (fd > nfds) 2029 nfds = fd; 2030 return (nfds); 2031} 2032 2033static void 2034main_loop(struct conf *conf, bool dont_fork) 2035{ 2036 struct portal_group *pg; 2037 struct portal *portal; 2038 struct sockaddr_storage client_sa; 2039 socklen_t client_salen; 2040#ifdef ICL_KERNEL_PROXY 2041 int connection_id; 2042 int portal_id; 2043#endif 2044 fd_set fdset; 2045 int error, nfds, client_fd; 2046 2047 pidfile_write(conf->conf_pidfh); 2048 2049 for (;;) {
|
1763 if (sighup_received || sigterm_received)
| 2050 if (sighup_received || sigterm_received || timed_out())
|
1764 return; 1765 1766#ifdef ICL_KERNEL_PROXY 1767 if (proxy_mode) { 1768 client_salen = sizeof(client_sa); 1769 kernel_accept(&connection_id, &portal_id, 1770 (struct sockaddr *)&client_sa, &client_salen); 1771 assert(client_salen >= client_sa.ss_len); 1772 1773 log_debugx("incoming connection, id %d, portal id %d", 1774 connection_id, portal_id); 1775 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 1776 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) { 1777 if (portal->p_id == portal_id) { 1778 goto found; 1779 } 1780 } 1781 } 1782 1783 log_errx(1, "kernel returned invalid portal_id %d", 1784 portal_id); 1785 1786found: 1787 handle_connection(portal, connection_id, 1788 (struct sockaddr *)&client_sa, dont_fork); 1789 } else { 1790#endif 1791 assert(proxy_mode == false); 1792 1793 FD_ZERO(&fdset); 1794 nfds = 0; 1795 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 1796 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) 1797 nfds = fd_add(portal->p_socket, &fdset, nfds); 1798 } 1799 error = select(nfds + 1, &fdset, NULL, NULL, NULL); 1800 if (error <= 0) { 1801 if (errno == EINTR) 1802 return; 1803 log_err(1, "select"); 1804 } 1805 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 1806 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) { 1807 if (!FD_ISSET(portal->p_socket, &fdset)) 1808 continue; 1809 client_salen = sizeof(client_sa); 1810 client_fd = accept(portal->p_socket, 1811 (struct sockaddr *)&client_sa, 1812 &client_salen); 1813 if (client_fd < 0) 1814 log_err(1, "accept"); 1815 assert(client_salen >= client_sa.ss_len); 1816 1817 handle_connection(portal, client_fd, 1818 (struct sockaddr *)&client_sa, 1819 dont_fork); 1820 break; 1821 } 1822 } 1823#ifdef ICL_KERNEL_PROXY 1824 } 1825#endif 1826 } 1827} 1828 1829static void 1830sighup_handler(int dummy __unused) 1831{ 1832 1833 sighup_received = true; 1834} 1835 1836static void 1837sigterm_handler(int dummy __unused) 1838{ 1839 1840 sigterm_received = true; 1841} 1842 1843static void 1844sigchld_handler(int dummy __unused) 1845{ 1846 1847 /* 1848 * The only purpose of this handler is to make SIGCHLD 1849 * interrupt the ISCSIDWAIT ioctl(2), so we can call 1850 * wait_for_children(). 1851 */ 1852} 1853 1854static void 1855register_signals(void) 1856{ 1857 struct sigaction sa; 1858 int error; 1859 1860 bzero(&sa, sizeof(sa)); 1861 sa.sa_handler = sighup_handler; 1862 sigfillset(&sa.sa_mask); 1863 error = sigaction(SIGHUP, &sa, NULL); 1864 if (error != 0) 1865 log_err(1, "sigaction"); 1866 1867 sa.sa_handler = sigterm_handler; 1868 error = sigaction(SIGTERM, &sa, NULL); 1869 if (error != 0) 1870 log_err(1, "sigaction"); 1871 1872 sa.sa_handler = sigterm_handler; 1873 error = sigaction(SIGINT, &sa, NULL); 1874 if (error != 0) 1875 log_err(1, "sigaction"); 1876 1877 sa.sa_handler = sigchld_handler; 1878 error = sigaction(SIGCHLD, &sa, NULL); 1879 if (error != 0) 1880 log_err(1, "sigaction"); 1881} 1882 1883int 1884main(int argc, char **argv) 1885{ 1886 struct conf *oldconf, *newconf, *tmpconf;
| 2051 return; 2052 2053#ifdef ICL_KERNEL_PROXY 2054 if (proxy_mode) { 2055 client_salen = sizeof(client_sa); 2056 kernel_accept(&connection_id, &portal_id, 2057 (struct sockaddr *)&client_sa, &client_salen); 2058 assert(client_salen >= client_sa.ss_len); 2059 2060 log_debugx("incoming connection, id %d, portal id %d", 2061 connection_id, portal_id); 2062 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 2063 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) { 2064 if (portal->p_id == portal_id) { 2065 goto found; 2066 } 2067 } 2068 } 2069 2070 log_errx(1, "kernel returned invalid portal_id %d", 2071 portal_id); 2072 2073found: 2074 handle_connection(portal, connection_id, 2075 (struct sockaddr *)&client_sa, dont_fork); 2076 } else { 2077#endif 2078 assert(proxy_mode == false); 2079 2080 FD_ZERO(&fdset); 2081 nfds = 0; 2082 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 2083 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) 2084 nfds = fd_add(portal->p_socket, &fdset, nfds); 2085 } 2086 error = select(nfds + 1, &fdset, NULL, NULL, NULL); 2087 if (error <= 0) { 2088 if (errno == EINTR) 2089 return; 2090 log_err(1, "select"); 2091 } 2092 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 2093 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) { 2094 if (!FD_ISSET(portal->p_socket, &fdset)) 2095 continue; 2096 client_salen = sizeof(client_sa); 2097 client_fd = accept(portal->p_socket, 2098 (struct sockaddr *)&client_sa, 2099 &client_salen); 2100 if (client_fd < 0) 2101 log_err(1, "accept"); 2102 assert(client_salen >= client_sa.ss_len); 2103 2104 handle_connection(portal, client_fd, 2105 (struct sockaddr *)&client_sa, 2106 dont_fork); 2107 break; 2108 } 2109 } 2110#ifdef ICL_KERNEL_PROXY 2111 } 2112#endif 2113 } 2114} 2115 2116static void 2117sighup_handler(int dummy __unused) 2118{ 2119 2120 sighup_received = true; 2121} 2122 2123static void 2124sigterm_handler(int dummy __unused) 2125{ 2126 2127 sigterm_received = true; 2128} 2129 2130static void 2131sigchld_handler(int dummy __unused) 2132{ 2133 2134 /* 2135 * The only purpose of this handler is to make SIGCHLD 2136 * interrupt the ISCSIDWAIT ioctl(2), so we can call 2137 * wait_for_children(). 2138 */ 2139} 2140 2141static void 2142register_signals(void) 2143{ 2144 struct sigaction sa; 2145 int error; 2146 2147 bzero(&sa, sizeof(sa)); 2148 sa.sa_handler = sighup_handler; 2149 sigfillset(&sa.sa_mask); 2150 error = sigaction(SIGHUP, &sa, NULL); 2151 if (error != 0) 2152 log_err(1, "sigaction"); 2153 2154 sa.sa_handler = sigterm_handler; 2155 error = sigaction(SIGTERM, &sa, NULL); 2156 if (error != 0) 2157 log_err(1, "sigaction"); 2158 2159 sa.sa_handler = sigterm_handler; 2160 error = sigaction(SIGINT, &sa, NULL); 2161 if (error != 0) 2162 log_err(1, "sigaction"); 2163 2164 sa.sa_handler = sigchld_handler; 2165 error = sigaction(SIGCHLD, &sa, NULL); 2166 if (error != 0) 2167 log_err(1, "sigaction"); 2168} 2169 2170int 2171main(int argc, char **argv) 2172{ 2173 struct conf *oldconf, *newconf, *tmpconf;
|
| 2174 struct isns *newns;
|
1887 const char *config_path = DEFAULT_CONFIG_PATH; 1888 int debug = 0, ch, error; 1889 bool dont_daemonize = false; 1890 1891 while ((ch = getopt(argc, argv, "df:R")) != -1) { 1892 switch (ch) { 1893 case 'd': 1894 dont_daemonize = true; 1895 debug++; 1896 break; 1897 case 'f': 1898 config_path = optarg; 1899 break; 1900 case 'R': 1901#ifndef ICL_KERNEL_PROXY 1902 log_errx(1, "ctld(8) compiled without ICL_KERNEL_PROXY " 1903 "does not support iSER protocol"); 1904#endif 1905 proxy_mode = true; 1906 break; 1907 case '?': 1908 default: 1909 usage(); 1910 } 1911 } 1912 argc -= optind; 1913 if (argc != 0) 1914 usage(); 1915 1916 log_init(debug); 1917 kernel_init(); 1918 1919 oldconf = conf_new_from_kernel(); 1920 newconf = conf_new_from_file(config_path); 1921 if (newconf == NULL) 1922 log_errx(1, "configuration error; exiting"); 1923 if (debug > 0) { 1924 oldconf->conf_debug = debug; 1925 newconf->conf_debug = debug; 1926 } 1927 1928 error = conf_apply(oldconf, newconf); 1929 if (error != 0) 1930 log_errx(1, "failed to apply configuration; exiting"); 1931 1932 conf_delete(oldconf); 1933 oldconf = NULL; 1934 1935 register_signals(); 1936 1937 if (dont_daemonize == false) { 1938 log_debugx("daemonizing"); 1939 if (daemon(0, 0) == -1) { 1940 log_warn("cannot daemonize"); 1941 pidfile_remove(newconf->conf_pidfh); 1942 exit(1); 1943 } 1944 } 1945
| 2175 const char *config_path = DEFAULT_CONFIG_PATH; 2176 int debug = 0, ch, error; 2177 bool dont_daemonize = false; 2178 2179 while ((ch = getopt(argc, argv, "df:R")) != -1) { 2180 switch (ch) { 2181 case 'd': 2182 dont_daemonize = true; 2183 debug++; 2184 break; 2185 case 'f': 2186 config_path = optarg; 2187 break; 2188 case 'R': 2189#ifndef ICL_KERNEL_PROXY 2190 log_errx(1, "ctld(8) compiled without ICL_KERNEL_PROXY " 2191 "does not support iSER protocol"); 2192#endif 2193 proxy_mode = true; 2194 break; 2195 case '?': 2196 default: 2197 usage(); 2198 } 2199 } 2200 argc -= optind; 2201 if (argc != 0) 2202 usage(); 2203 2204 log_init(debug); 2205 kernel_init(); 2206 2207 oldconf = conf_new_from_kernel(); 2208 newconf = conf_new_from_file(config_path); 2209 if (newconf == NULL) 2210 log_errx(1, "configuration error; exiting"); 2211 if (debug > 0) { 2212 oldconf->conf_debug = debug; 2213 newconf->conf_debug = debug; 2214 } 2215 2216 error = conf_apply(oldconf, newconf); 2217 if (error != 0) 2218 log_errx(1, "failed to apply configuration; exiting"); 2219 2220 conf_delete(oldconf); 2221 oldconf = NULL; 2222 2223 register_signals(); 2224 2225 if (dont_daemonize == false) { 2226 log_debugx("daemonizing"); 2227 if (daemon(0, 0) == -1) { 2228 log_warn("cannot daemonize"); 2229 pidfile_remove(newconf->conf_pidfh); 2230 exit(1); 2231 } 2232 } 2233
|
| 2234 /* Schedule iSNS update */ 2235 if (!TAILQ_EMPTY(&newconf->conf_isns)) 2236 set_timeout((newconf->conf_isns_period + 2) / 3, false); 2237
|
1946 for (;;) { 1947 main_loop(newconf, dont_daemonize); 1948 if (sighup_received) { 1949 sighup_received = false; 1950 log_debugx("received SIGHUP, reloading configuration"); 1951 tmpconf = conf_new_from_file(config_path); 1952 if (tmpconf == NULL) { 1953 log_warnx("configuration error, " 1954 "continuing with old configuration"); 1955 } else { 1956 if (debug > 0) 1957 tmpconf->conf_debug = debug; 1958 oldconf = newconf; 1959 newconf = tmpconf; 1960 error = conf_apply(oldconf, newconf); 1961 if (error != 0) 1962 log_warnx("failed to reload " 1963 "configuration"); 1964 conf_delete(oldconf); 1965 oldconf = NULL; 1966 } 1967 } else if (sigterm_received) { 1968 log_debugx("exiting on signal; " 1969 "reloading empty configuration"); 1970 1971 log_debugx("disabling CTL iSCSI port " 1972 "and terminating all connections"); 1973 1974 oldconf = newconf; 1975 newconf = conf_new(); 1976 if (debug > 0) 1977 newconf->conf_debug = debug; 1978 error = conf_apply(oldconf, newconf); 1979 if (error != 0) 1980 log_warnx("failed to apply configuration");
| 2238 for (;;) { 2239 main_loop(newconf, dont_daemonize); 2240 if (sighup_received) { 2241 sighup_received = false; 2242 log_debugx("received SIGHUP, reloading configuration"); 2243 tmpconf = conf_new_from_file(config_path); 2244 if (tmpconf == NULL) { 2245 log_warnx("configuration error, " 2246 "continuing with old configuration"); 2247 } else { 2248 if (debug > 0) 2249 tmpconf->conf_debug = debug; 2250 oldconf = newconf; 2251 newconf = tmpconf; 2252 error = conf_apply(oldconf, newconf); 2253 if (error != 0) 2254 log_warnx("failed to reload " 2255 "configuration"); 2256 conf_delete(oldconf); 2257 oldconf = NULL; 2258 } 2259 } else if (sigterm_received) { 2260 log_debugx("exiting on signal; " 2261 "reloading empty configuration"); 2262 2263 log_debugx("disabling CTL iSCSI port " 2264 "and terminating all connections"); 2265 2266 oldconf = newconf; 2267 newconf = conf_new(); 2268 if (debug > 0) 2269 newconf->conf_debug = debug; 2270 error = conf_apply(oldconf, newconf); 2271 if (error != 0) 2272 log_warnx("failed to apply configuration");
|
| 2273 conf_delete(oldconf); 2274 oldconf = NULL;
|
1981 1982 log_warnx("exiting on signal"); 1983 exit(0); 1984 } else { 1985 nchildren -= wait_for_children(false); 1986 assert(nchildren >= 0);
| 2275 2276 log_warnx("exiting on signal"); 2277 exit(0); 2278 } else { 2279 nchildren -= wait_for_children(false); 2280 assert(nchildren >= 0);
|
| 2281 if (timed_out()) { 2282 set_timeout(0, false); 2283 TAILQ_FOREACH(newns, &newconf->conf_isns, i_next) 2284 isns_check(newns); 2285 /* Schedule iSNS update */ 2286 if (!TAILQ_EMPTY(&newconf->conf_isns)) { 2287 set_timeout((newconf->conf_isns_period 2288 + 2) / 3, 2289 false); 2290 } 2291 }
|
1987 } 1988 } 1989 /* NOTREACHED */ 1990}
| 2292 } 2293 } 2294 /* NOTREACHED */ 2295}
|