1%{ 2/*- 3 * Copyright (c) 2012 The FreeBSD Foundation 4 * All rights reserved. 5 * 6 * This software was developed by Edward Tomasz Napierala under sponsorship 7 * from the FreeBSD Foundation. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 *
| 1%{ 2/*- 3 * Copyright (c) 2012 The FreeBSD Foundation 4 * All rights reserved. 5 * 6 * This software was developed by Edward Tomasz Napierala under sponsorship 7 * from the FreeBSD Foundation. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 *
|
136 free($1); 137 if (auth_group == NULL) 138 return (1); 139 } 140 ; 141 142auth_group_entries: 143 | 144 auth_group_entries auth_group_entry 145 ; 146 147auth_group_entry: 148 auth_group_auth_type 149 | 150 auth_group_chap 151 | 152 auth_group_chap_mutual 153 | 154 auth_group_initiator_name 155 | 156 auth_group_initiator_portal 157 ; 158 159auth_group_auth_type: AUTH_TYPE STR 160 { 161 int error; 162 163 error = auth_group_set_type_str(auth_group, $2); 164 free($2); 165 if (error != 0) 166 return (1); 167 } 168 ; 169 170auth_group_chap: CHAP STR STR 171 { 172 const struct auth *ca; 173 174 ca = auth_new_chap(auth_group, $2, $3); 175 free($2); 176 free($3); 177 if (ca == NULL) 178 return (1); 179 } 180 ; 181 182auth_group_chap_mutual: CHAP_MUTUAL STR STR STR STR 183 { 184 const struct auth *ca; 185 186 ca = auth_new_chap_mutual(auth_group, $2, $3, $4, $5); 187 free($2); 188 free($3); 189 free($4); 190 free($5); 191 if (ca == NULL) 192 return (1); 193 } 194 ; 195 196auth_group_initiator_name: INITIATOR_NAME STR 197 { 198 const struct auth_name *an; 199 200 an = auth_name_new(auth_group, $2); 201 free($2); 202 if (an == NULL) 203 return (1); 204 } 205 ; 206 207auth_group_initiator_portal: INITIATOR_PORTAL STR 208 { 209 const struct auth_portal *ap; 210 211 ap = auth_portal_new(auth_group, $2); 212 free($2); 213 if (ap == NULL) 214 return (1); 215 } 216 ; 217 218portal_group: PORTAL_GROUP portal_group_name 219 OPENING_BRACKET portal_group_entries CLOSING_BRACKET 220 { 221 portal_group = NULL; 222 } 223 ; 224 225portal_group_name: STR 226 { 227 /* 228 * Make it possible to redefine default 229 * portal-group. but only once. 230 */ 231 if (strcmp($1, "default") == 0 && 232 conf->conf_default_pg_defined == false) { 233 portal_group = portal_group_find(conf, $1); 234 conf->conf_default_pg_defined = true; 235 } else { 236 portal_group = portal_group_new(conf, $1); 237 } 238 free($1); 239 if (portal_group == NULL) 240 return (1); 241 } 242 ; 243 244portal_group_entries: 245 | 246 portal_group_entries portal_group_entry 247 ; 248 249portal_group_entry: 250 portal_group_discovery_auth_group 251 | 252 portal_group_listen 253 | 254 portal_group_listen_iser 255 ; 256 257portal_group_discovery_auth_group: DISCOVERY_AUTH_GROUP STR 258 { 259 if (portal_group->pg_discovery_auth_group != NULL) { 260 log_warnx("discovery-auth-group for portal-group " 261 "\"%s\" specified more than once", 262 portal_group->pg_name); 263 return (1); 264 } 265 portal_group->pg_discovery_auth_group = 266 auth_group_find(conf, $2); 267 if (portal_group->pg_discovery_auth_group == NULL) { 268 log_warnx("unknown discovery-auth-group \"%s\" " 269 "for portal-group \"%s\"", 270 $2, portal_group->pg_name); 271 return (1); 272 } 273 free($2); 274 } 275 ; 276 277portal_group_listen: LISTEN STR 278 { 279 int error; 280 281 error = portal_group_add_listen(portal_group, $2, false); 282 free($2); 283 if (error != 0) 284 return (1); 285 } 286 ; 287 288portal_group_listen_iser: LISTEN_ISER STR 289 { 290 int error; 291 292 error = portal_group_add_listen(portal_group, $2, true); 293 free($2); 294 if (error != 0) 295 return (1); 296 } 297 ; 298 299target: TARGET target_name 300 OPENING_BRACKET target_entries CLOSING_BRACKET 301 { 302 target = NULL; 303 } 304 ; 305 306target_name: STR 307 { 308 target = target_new(conf, $1); 309 free($1); 310 if (target == NULL) 311 return (1); 312 } 313 ; 314 315target_entries: 316 | 317 target_entries target_entry 318 ; 319 320target_entry: 321 target_alias 322 | 323 target_auth_group 324 | 325 target_auth_type 326 | 327 target_chap 328 | 329 target_chap_mutual 330 | 331 target_initiator_name 332 | 333 target_initiator_portal 334 | 335 target_portal_group 336 | 337 target_lun 338 ; 339 340target_alias: ALIAS STR 341 { 342 if (target->t_alias != NULL) { 343 log_warnx("alias for target \"%s\" " 344 "specified more than once", target->t_name); 345 return (1); 346 } 347 target->t_alias = $2; 348 } 349 ; 350 351target_auth_group: AUTH_GROUP STR 352 { 353 if (target->t_auth_group != NULL) { 354 if (target->t_auth_group->ag_name != NULL) 355 log_warnx("auth-group for target \"%s\" " 356 "specified more than once", target->t_name); 357 else 358 log_warnx("cannot use both auth-group and explicit " 359 "authorisations for target \"%s\"", 360 target->t_name); 361 return (1); 362 } 363 target->t_auth_group = auth_group_find(conf, $2); 364 if (target->t_auth_group == NULL) { 365 log_warnx("unknown auth-group \"%s\" for target " 366 "\"%s\"", $2, target->t_name); 367 return (1); 368 } 369 free($2); 370 } 371 ; 372 373target_auth_type: AUTH_TYPE STR 374 { 375 int error; 376 377 if (target->t_auth_group != NULL) { 378 if (target->t_auth_group->ag_name != NULL) { 379 log_warnx("cannot use both auth-group and " 380 "auth-type for target \"%s\"", 381 target->t_name); 382 return (1); 383 } 384 } else { 385 target->t_auth_group = auth_group_new(conf, NULL); 386 if (target->t_auth_group == NULL) { 387 free($2); 388 return (1); 389 } 390 target->t_auth_group->ag_target = target; 391 } 392 error = auth_group_set_type_str(target->t_auth_group, $2); 393 free($2); 394 if (error != 0) 395 return (1); 396 } 397 ; 398 399target_chap: CHAP STR STR 400 { 401 const struct auth *ca; 402 403 if (target->t_auth_group != NULL) { 404 if (target->t_auth_group->ag_name != NULL) { 405 log_warnx("cannot use both auth-group and " 406 "chap for target \"%s\"", 407 target->t_name); 408 free($2); 409 free($3); 410 return (1); 411 } 412 } else { 413 target->t_auth_group = auth_group_new(conf, NULL); 414 if (target->t_auth_group == NULL) { 415 free($2); 416 free($3); 417 return (1); 418 } 419 target->t_auth_group->ag_target = target; 420 } 421 ca = auth_new_chap(target->t_auth_group, $2, $3); 422 free($2); 423 free($3); 424 if (ca == NULL) 425 return (1); 426 } 427 ; 428 429target_chap_mutual: CHAP_MUTUAL STR STR STR STR 430 { 431 const struct auth *ca; 432 433 if (target->t_auth_group != NULL) { 434 if (target->t_auth_group->ag_name != NULL) { 435 log_warnx("cannot use both auth-group and " 436 "chap-mutual for target \"%s\"", 437 target->t_name); 438 free($2); 439 free($3); 440 free($4); 441 free($5); 442 return (1); 443 } 444 } else { 445 target->t_auth_group = auth_group_new(conf, NULL); 446 if (target->t_auth_group == NULL) { 447 free($2); 448 free($3); 449 free($4); 450 free($5); 451 return (1); 452 } 453 target->t_auth_group->ag_target = target; 454 } 455 ca = auth_new_chap_mutual(target->t_auth_group, 456 $2, $3, $4, $5); 457 free($2); 458 free($3); 459 free($4); 460 free($5); 461 if (ca == NULL) 462 return (1); 463 } 464 ; 465 466target_initiator_name: INITIATOR_NAME STR 467 { 468 const struct auth_name *an; 469 470 if (target->t_auth_group != NULL) { 471 if (target->t_auth_group->ag_name != NULL) { 472 log_warnx("cannot use both auth-group and " 473 "initiator-name for target \"%s\"", 474 target->t_name); 475 free($2); 476 return (1); 477 } 478 } else { 479 target->t_auth_group = auth_group_new(conf, NULL); 480 if (target->t_auth_group == NULL) { 481 free($2); 482 return (1); 483 } 484 target->t_auth_group->ag_target = target; 485 } 486 an = auth_name_new(target->t_auth_group, $2); 487 free($2); 488 if (an == NULL) 489 return (1); 490 } 491 ; 492 493target_initiator_portal: INITIATOR_PORTAL STR 494 { 495 const struct auth_portal *ap; 496 497 if (target->t_auth_group != NULL) { 498 if (target->t_auth_group->ag_name != NULL) { 499 log_warnx("cannot use both auth-group and " 500 "initiator-portal for target \"%s\"", 501 target->t_name); 502 free($2); 503 return (1); 504 } 505 } else { 506 target->t_auth_group = auth_group_new(conf, NULL); 507 if (target->t_auth_group == NULL) { 508 free($2); 509 return (1); 510 } 511 target->t_auth_group->ag_target = target; 512 } 513 ap = auth_portal_new(target->t_auth_group, $2); 514 free($2); 515 if (ap == NULL) 516 return (1); 517 } 518 ; 519 520target_portal_group: PORTAL_GROUP STR 521 { 522 if (target->t_portal_group != NULL) { 523 log_warnx("portal-group for target \"%s\" " 524 "specified more than once", target->t_name); 525 free($2); 526 return (1); 527 } 528 target->t_portal_group = portal_group_find(conf, $2); 529 if (target->t_portal_group == NULL) { 530 log_warnx("unknown portal-group \"%s\" for target " 531 "\"%s\"", $2, target->t_name); 532 free($2); 533 return (1); 534 } 535 free($2); 536 } 537 ; 538 539target_lun: LUN lun_number 540 OPENING_BRACKET lun_entries CLOSING_BRACKET 541 { 542 lun = NULL; 543 } 544 ; 545 546lun_number: NUM 547 { 548 lun = lun_new(target, $1); 549 if (lun == NULL) 550 return (1); 551 } 552 ; 553 554lun_entries: 555 | 556 lun_entries lun_entry 557 ; 558 559lun_entry: 560 lun_backend 561 | 562 lun_blocksize 563 | 564 lun_device_id 565 | 566 lun_option 567 | 568 lun_path 569 | 570 lun_serial 571 | 572 lun_size 573 ; 574 575lun_backend: BACKEND STR 576 { 577 if (lun->l_backend != NULL) { 578 log_warnx("backend for lun %d, target \"%s\" " 579 "specified more than once", 580 lun->l_lun, target->t_name); 581 free($2); 582 return (1); 583 } 584 lun_set_backend(lun, $2); 585 free($2); 586 } 587 ; 588 589lun_blocksize: BLOCKSIZE NUM 590 { 591 if (lun->l_blocksize != 0) { 592 log_warnx("blocksize for lun %d, target \"%s\" " 593 "specified more than once", 594 lun->l_lun, target->t_name); 595 return (1); 596 } 597 lun_set_blocksize(lun, $2); 598 } 599 ; 600 601lun_device_id: DEVICE_ID STR 602 { 603 if (lun->l_device_id != NULL) { 604 log_warnx("device_id for lun %d, target \"%s\" " 605 "specified more than once", 606 lun->l_lun, target->t_name); 607 free($2); 608 return (1); 609 } 610 lun_set_device_id(lun, $2); 611 free($2); 612 } 613 ; 614 615lun_option: OPTION STR STR 616 { 617 struct lun_option *clo; 618 619 clo = lun_option_new(lun, $2, $3); 620 free($2); 621 free($3); 622 if (clo == NULL) 623 return (1); 624 } 625 ; 626 627lun_path: PATH STR 628 { 629 if (lun->l_path != NULL) { 630 log_warnx("path for lun %d, target \"%s\" " 631 "specified more than once", 632 lun->l_lun, target->t_name); 633 free($2); 634 return (1); 635 } 636 lun_set_path(lun, $2); 637 free($2); 638 } 639 ; 640 641lun_serial: SERIAL STR 642 { 643 if (lun->l_serial != NULL) { 644 log_warnx("serial for lun %d, target \"%s\" " 645 "specified more than once", 646 lun->l_lun, target->t_name); 647 free($2); 648 return (1); 649 } 650 lun_set_serial(lun, $2); 651 free($2); 652 } 653 ; 654 655lun_size: SIZE NUM 656 { 657 if (lun->l_size != 0) { 658 log_warnx("size for lun %d, target \"%s\" " 659 "specified more than once", 660 lun->l_lun, target->t_name); 661 return (1); 662 } 663 lun_set_size(lun, $2); 664 } 665 ; 666%% 667 668void 669yyerror(const char *str) 670{ 671 672 log_warnx("error in configuration file at line %d near '%s': %s", 673 lineno, yytext, str); 674} 675 676static void 677check_perms(const char *path) 678{ 679 struct stat sb; 680 int error; 681 682 error = stat(path, &sb); 683 if (error != 0) { 684 log_warn("stat"); 685 return; 686 } 687 if (sb.st_mode & S_IWOTH) { 688 log_warnx("%s is world-writable", path); 689 } else if (sb.st_mode & S_IROTH) { 690 log_warnx("%s is world-readable", path); 691 } else if (sb.st_mode & S_IXOTH) { 692 /* 693 * Ok, this one doesn't matter, but still do it, 694 * just for consistency. 695 */ 696 log_warnx("%s is world-executable", path); 697 } 698 699 /* 700 * XXX: Should we also check for owner != 0? 701 */ 702} 703 704struct conf * 705conf_new_from_file(const char *path) 706{ 707 struct auth_group *ag; 708 struct portal_group *pg; 709 int error; 710 711 log_debugx("obtaining configuration from %s", path); 712 713 conf = conf_new(); 714
| 146 free($1); 147 if (auth_group == NULL) 148 return (1); 149 } 150 ; 151 152auth_group_entries: 153 | 154 auth_group_entries auth_group_entry 155 ; 156 157auth_group_entry: 158 auth_group_auth_type 159 | 160 auth_group_chap 161 | 162 auth_group_chap_mutual 163 | 164 auth_group_initiator_name 165 | 166 auth_group_initiator_portal 167 ; 168 169auth_group_auth_type: AUTH_TYPE STR 170 { 171 int error; 172 173 error = auth_group_set_type_str(auth_group, $2); 174 free($2); 175 if (error != 0) 176 return (1); 177 } 178 ; 179 180auth_group_chap: CHAP STR STR 181 { 182 const struct auth *ca; 183 184 ca = auth_new_chap(auth_group, $2, $3); 185 free($2); 186 free($3); 187 if (ca == NULL) 188 return (1); 189 } 190 ; 191 192auth_group_chap_mutual: CHAP_MUTUAL STR STR STR STR 193 { 194 const struct auth *ca; 195 196 ca = auth_new_chap_mutual(auth_group, $2, $3, $4, $5); 197 free($2); 198 free($3); 199 free($4); 200 free($5); 201 if (ca == NULL) 202 return (1); 203 } 204 ; 205 206auth_group_initiator_name: INITIATOR_NAME STR 207 { 208 const struct auth_name *an; 209 210 an = auth_name_new(auth_group, $2); 211 free($2); 212 if (an == NULL) 213 return (1); 214 } 215 ; 216 217auth_group_initiator_portal: INITIATOR_PORTAL STR 218 { 219 const struct auth_portal *ap; 220 221 ap = auth_portal_new(auth_group, $2); 222 free($2); 223 if (ap == NULL) 224 return (1); 225 } 226 ; 227 228portal_group: PORTAL_GROUP portal_group_name 229 OPENING_BRACKET portal_group_entries CLOSING_BRACKET 230 { 231 portal_group = NULL; 232 } 233 ; 234 235portal_group_name: STR 236 { 237 /* 238 * Make it possible to redefine default 239 * portal-group. but only once. 240 */ 241 if (strcmp($1, "default") == 0 && 242 conf->conf_default_pg_defined == false) { 243 portal_group = portal_group_find(conf, $1); 244 conf->conf_default_pg_defined = true; 245 } else { 246 portal_group = portal_group_new(conf, $1); 247 } 248 free($1); 249 if (portal_group == NULL) 250 return (1); 251 } 252 ; 253 254portal_group_entries: 255 | 256 portal_group_entries portal_group_entry 257 ; 258 259portal_group_entry: 260 portal_group_discovery_auth_group 261 | 262 portal_group_listen 263 | 264 portal_group_listen_iser 265 ; 266 267portal_group_discovery_auth_group: DISCOVERY_AUTH_GROUP STR 268 { 269 if (portal_group->pg_discovery_auth_group != NULL) { 270 log_warnx("discovery-auth-group for portal-group " 271 "\"%s\" specified more than once", 272 portal_group->pg_name); 273 return (1); 274 } 275 portal_group->pg_discovery_auth_group = 276 auth_group_find(conf, $2); 277 if (portal_group->pg_discovery_auth_group == NULL) { 278 log_warnx("unknown discovery-auth-group \"%s\" " 279 "for portal-group \"%s\"", 280 $2, portal_group->pg_name); 281 return (1); 282 } 283 free($2); 284 } 285 ; 286 287portal_group_listen: LISTEN STR 288 { 289 int error; 290 291 error = portal_group_add_listen(portal_group, $2, false); 292 free($2); 293 if (error != 0) 294 return (1); 295 } 296 ; 297 298portal_group_listen_iser: LISTEN_ISER STR 299 { 300 int error; 301 302 error = portal_group_add_listen(portal_group, $2, true); 303 free($2); 304 if (error != 0) 305 return (1); 306 } 307 ; 308 309target: TARGET target_name 310 OPENING_BRACKET target_entries CLOSING_BRACKET 311 { 312 target = NULL; 313 } 314 ; 315 316target_name: STR 317 { 318 target = target_new(conf, $1); 319 free($1); 320 if (target == NULL) 321 return (1); 322 } 323 ; 324 325target_entries: 326 | 327 target_entries target_entry 328 ; 329 330target_entry: 331 target_alias 332 | 333 target_auth_group 334 | 335 target_auth_type 336 | 337 target_chap 338 | 339 target_chap_mutual 340 | 341 target_initiator_name 342 | 343 target_initiator_portal 344 | 345 target_portal_group 346 | 347 target_lun 348 ; 349 350target_alias: ALIAS STR 351 { 352 if (target->t_alias != NULL) { 353 log_warnx("alias for target \"%s\" " 354 "specified more than once", target->t_name); 355 return (1); 356 } 357 target->t_alias = $2; 358 } 359 ; 360 361target_auth_group: AUTH_GROUP STR 362 { 363 if (target->t_auth_group != NULL) { 364 if (target->t_auth_group->ag_name != NULL) 365 log_warnx("auth-group for target \"%s\" " 366 "specified more than once", target->t_name); 367 else 368 log_warnx("cannot use both auth-group and explicit " 369 "authorisations for target \"%s\"", 370 target->t_name); 371 return (1); 372 } 373 target->t_auth_group = auth_group_find(conf, $2); 374 if (target->t_auth_group == NULL) { 375 log_warnx("unknown auth-group \"%s\" for target " 376 "\"%s\"", $2, target->t_name); 377 return (1); 378 } 379 free($2); 380 } 381 ; 382 383target_auth_type: AUTH_TYPE STR 384 { 385 int error; 386 387 if (target->t_auth_group != NULL) { 388 if (target->t_auth_group->ag_name != NULL) { 389 log_warnx("cannot use both auth-group and " 390 "auth-type for target \"%s\"", 391 target->t_name); 392 return (1); 393 } 394 } else { 395 target->t_auth_group = auth_group_new(conf, NULL); 396 if (target->t_auth_group == NULL) { 397 free($2); 398 return (1); 399 } 400 target->t_auth_group->ag_target = target; 401 } 402 error = auth_group_set_type_str(target->t_auth_group, $2); 403 free($2); 404 if (error != 0) 405 return (1); 406 } 407 ; 408 409target_chap: CHAP STR STR 410 { 411 const struct auth *ca; 412 413 if (target->t_auth_group != NULL) { 414 if (target->t_auth_group->ag_name != NULL) { 415 log_warnx("cannot use both auth-group and " 416 "chap for target \"%s\"", 417 target->t_name); 418 free($2); 419 free($3); 420 return (1); 421 } 422 } else { 423 target->t_auth_group = auth_group_new(conf, NULL); 424 if (target->t_auth_group == NULL) { 425 free($2); 426 free($3); 427 return (1); 428 } 429 target->t_auth_group->ag_target = target; 430 } 431 ca = auth_new_chap(target->t_auth_group, $2, $3); 432 free($2); 433 free($3); 434 if (ca == NULL) 435 return (1); 436 } 437 ; 438 439target_chap_mutual: CHAP_MUTUAL STR STR STR STR 440 { 441 const struct auth *ca; 442 443 if (target->t_auth_group != NULL) { 444 if (target->t_auth_group->ag_name != NULL) { 445 log_warnx("cannot use both auth-group and " 446 "chap-mutual for target \"%s\"", 447 target->t_name); 448 free($2); 449 free($3); 450 free($4); 451 free($5); 452 return (1); 453 } 454 } else { 455 target->t_auth_group = auth_group_new(conf, NULL); 456 if (target->t_auth_group == NULL) { 457 free($2); 458 free($3); 459 free($4); 460 free($5); 461 return (1); 462 } 463 target->t_auth_group->ag_target = target; 464 } 465 ca = auth_new_chap_mutual(target->t_auth_group, 466 $2, $3, $4, $5); 467 free($2); 468 free($3); 469 free($4); 470 free($5); 471 if (ca == NULL) 472 return (1); 473 } 474 ; 475 476target_initiator_name: INITIATOR_NAME STR 477 { 478 const struct auth_name *an; 479 480 if (target->t_auth_group != NULL) { 481 if (target->t_auth_group->ag_name != NULL) { 482 log_warnx("cannot use both auth-group and " 483 "initiator-name for target \"%s\"", 484 target->t_name); 485 free($2); 486 return (1); 487 } 488 } else { 489 target->t_auth_group = auth_group_new(conf, NULL); 490 if (target->t_auth_group == NULL) { 491 free($2); 492 return (1); 493 } 494 target->t_auth_group->ag_target = target; 495 } 496 an = auth_name_new(target->t_auth_group, $2); 497 free($2); 498 if (an == NULL) 499 return (1); 500 } 501 ; 502 503target_initiator_portal: INITIATOR_PORTAL STR 504 { 505 const struct auth_portal *ap; 506 507 if (target->t_auth_group != NULL) { 508 if (target->t_auth_group->ag_name != NULL) { 509 log_warnx("cannot use both auth-group and " 510 "initiator-portal for target \"%s\"", 511 target->t_name); 512 free($2); 513 return (1); 514 } 515 } else { 516 target->t_auth_group = auth_group_new(conf, NULL); 517 if (target->t_auth_group == NULL) { 518 free($2); 519 return (1); 520 } 521 target->t_auth_group->ag_target = target; 522 } 523 ap = auth_portal_new(target->t_auth_group, $2); 524 free($2); 525 if (ap == NULL) 526 return (1); 527 } 528 ; 529 530target_portal_group: PORTAL_GROUP STR 531 { 532 if (target->t_portal_group != NULL) { 533 log_warnx("portal-group for target \"%s\" " 534 "specified more than once", target->t_name); 535 free($2); 536 return (1); 537 } 538 target->t_portal_group = portal_group_find(conf, $2); 539 if (target->t_portal_group == NULL) { 540 log_warnx("unknown portal-group \"%s\" for target " 541 "\"%s\"", $2, target->t_name); 542 free($2); 543 return (1); 544 } 545 free($2); 546 } 547 ; 548 549target_lun: LUN lun_number 550 OPENING_BRACKET lun_entries CLOSING_BRACKET 551 { 552 lun = NULL; 553 } 554 ; 555 556lun_number: NUM 557 { 558 lun = lun_new(target, $1); 559 if (lun == NULL) 560 return (1); 561 } 562 ; 563 564lun_entries: 565 | 566 lun_entries lun_entry 567 ; 568 569lun_entry: 570 lun_backend 571 | 572 lun_blocksize 573 | 574 lun_device_id 575 | 576 lun_option 577 | 578 lun_path 579 | 580 lun_serial 581 | 582 lun_size 583 ; 584 585lun_backend: BACKEND STR 586 { 587 if (lun->l_backend != NULL) { 588 log_warnx("backend for lun %d, target \"%s\" " 589 "specified more than once", 590 lun->l_lun, target->t_name); 591 free($2); 592 return (1); 593 } 594 lun_set_backend(lun, $2); 595 free($2); 596 } 597 ; 598 599lun_blocksize: BLOCKSIZE NUM 600 { 601 if (lun->l_blocksize != 0) { 602 log_warnx("blocksize for lun %d, target \"%s\" " 603 "specified more than once", 604 lun->l_lun, target->t_name); 605 return (1); 606 } 607 lun_set_blocksize(lun, $2); 608 } 609 ; 610 611lun_device_id: DEVICE_ID STR 612 { 613 if (lun->l_device_id != NULL) { 614 log_warnx("device_id for lun %d, target \"%s\" " 615 "specified more than once", 616 lun->l_lun, target->t_name); 617 free($2); 618 return (1); 619 } 620 lun_set_device_id(lun, $2); 621 free($2); 622 } 623 ; 624 625lun_option: OPTION STR STR 626 { 627 struct lun_option *clo; 628 629 clo = lun_option_new(lun, $2, $3); 630 free($2); 631 free($3); 632 if (clo == NULL) 633 return (1); 634 } 635 ; 636 637lun_path: PATH STR 638 { 639 if (lun->l_path != NULL) { 640 log_warnx("path for lun %d, target \"%s\" " 641 "specified more than once", 642 lun->l_lun, target->t_name); 643 free($2); 644 return (1); 645 } 646 lun_set_path(lun, $2); 647 free($2); 648 } 649 ; 650 651lun_serial: SERIAL STR 652 { 653 if (lun->l_serial != NULL) { 654 log_warnx("serial for lun %d, target \"%s\" " 655 "specified more than once", 656 lun->l_lun, target->t_name); 657 free($2); 658 return (1); 659 } 660 lun_set_serial(lun, $2); 661 free($2); 662 } 663 ; 664 665lun_size: SIZE NUM 666 { 667 if (lun->l_size != 0) { 668 log_warnx("size for lun %d, target \"%s\" " 669 "specified more than once", 670 lun->l_lun, target->t_name); 671 return (1); 672 } 673 lun_set_size(lun, $2); 674 } 675 ; 676%% 677 678void 679yyerror(const char *str) 680{ 681 682 log_warnx("error in configuration file at line %d near '%s': %s", 683 lineno, yytext, str); 684} 685 686static void 687check_perms(const char *path) 688{ 689 struct stat sb; 690 int error; 691 692 error = stat(path, &sb); 693 if (error != 0) { 694 log_warn("stat"); 695 return; 696 } 697 if (sb.st_mode & S_IWOTH) { 698 log_warnx("%s is world-writable", path); 699 } else if (sb.st_mode & S_IROTH) { 700 log_warnx("%s is world-readable", path); 701 } else if (sb.st_mode & S_IXOTH) { 702 /* 703 * Ok, this one doesn't matter, but still do it, 704 * just for consistency. 705 */ 706 log_warnx("%s is world-executable", path); 707 } 708 709 /* 710 * XXX: Should we also check for owner != 0? 711 */ 712} 713 714struct conf * 715conf_new_from_file(const char *path) 716{ 717 struct auth_group *ag; 718 struct portal_group *pg; 719 int error; 720 721 log_debugx("obtaining configuration from %s", path); 722 723 conf = conf_new(); 724
|