1/*-
2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
3 *
4 * Copyright (c) 2012 The FreeBSD Foundation
5 * All rights reserved.
6 *
7 * This software was developed by Edward Tomasz Napierala under sponsorship
8 * from the FreeBSD Foundation.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 *    notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 *    notice, this list of conditions and the following disclaimer in the
17 *    documentation and/or other materials provided with the distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 *
31 */
32
33#include <sys/cdefs.h>
34__FBSDID("$FreeBSD: stable/11/usr.sbin/ctld/discovery.c 330449 2018-03-05 07:26:05Z eadler $");
35
36#include <assert.h>
37#include <stdio.h>
38#include <stdlib.h>
39#include <string.h>
40#include <netinet/in.h>
41#include <netdb.h>
42#include <sys/socket.h>
43
44#include "ctld.h"
45#include "iscsi_proto.h"
46
47static struct pdu *
48text_receive(struct connection *conn)
49{
50	struct pdu *request;
51	struct iscsi_bhs_text_request *bhstr;
52
53	request = pdu_new(conn);
54	pdu_receive(request);
55	if ((request->pdu_bhs->bhs_opcode & ~ISCSI_BHS_OPCODE_IMMEDIATE) !=
56	    ISCSI_BHS_OPCODE_TEXT_REQUEST)
57		log_errx(1, "protocol error: received invalid opcode 0x%x",
58		    request->pdu_bhs->bhs_opcode);
59	bhstr = (struct iscsi_bhs_text_request *)request->pdu_bhs;
60#if 0
61	if ((bhstr->bhstr_flags & ISCSI_BHSTR_FLAGS_FINAL) == 0)
62		log_errx(1, "received Text PDU without the \"F\" flag");
63#endif
64	/*
65	 * XXX: Implement the C flag some day.
66	 */
67	if ((bhstr->bhstr_flags & BHSTR_FLAGS_CONTINUE) != 0)
68		log_errx(1, "received Text PDU with unsupported \"C\" flag");
69	if (ISCSI_SNLT(ntohl(bhstr->bhstr_cmdsn), conn->conn_cmdsn)) {
70		log_errx(1, "received Text PDU with decreasing CmdSN: "
71		    "was %u, is %u", conn->conn_cmdsn, ntohl(bhstr->bhstr_cmdsn));
72	}
73	if (ntohl(bhstr->bhstr_expstatsn) != conn->conn_statsn) {
74		log_errx(1, "received Text PDU with wrong ExpStatSN: "
75		    "is %u, should be %u", ntohl(bhstr->bhstr_expstatsn),
76		    conn->conn_statsn);
77	}
78	conn->conn_cmdsn = ntohl(bhstr->bhstr_cmdsn);
79	if ((bhstr->bhstr_opcode & ISCSI_BHS_OPCODE_IMMEDIATE) == 0)
80		conn->conn_cmdsn++;
81
82	return (request);
83}
84
85static struct pdu *
86text_new_response(struct pdu *request)
87{
88	struct pdu *response;
89	struct connection *conn;
90	struct iscsi_bhs_text_request *bhstr;
91	struct iscsi_bhs_text_response *bhstr2;
92
93	bhstr = (struct iscsi_bhs_text_request *)request->pdu_bhs;
94	conn = request->pdu_connection;
95
96	response = pdu_new_response(request);
97	bhstr2 = (struct iscsi_bhs_text_response *)response->pdu_bhs;
98	bhstr2->bhstr_opcode = ISCSI_BHS_OPCODE_TEXT_RESPONSE;
99	bhstr2->bhstr_flags = BHSTR_FLAGS_FINAL;
100	bhstr2->bhstr_lun = bhstr->bhstr_lun;
101	bhstr2->bhstr_initiator_task_tag = bhstr->bhstr_initiator_task_tag;
102	bhstr2->bhstr_target_transfer_tag = bhstr->bhstr_target_transfer_tag;
103	bhstr2->bhstr_statsn = htonl(conn->conn_statsn++);
104	bhstr2->bhstr_expcmdsn = htonl(conn->conn_cmdsn);
105	bhstr2->bhstr_maxcmdsn = htonl(conn->conn_cmdsn);
106
107	return (response);
108}
109
110static struct pdu *
111logout_receive(struct connection *conn)
112{
113	struct pdu *request;
114	struct iscsi_bhs_logout_request *bhslr;
115
116	request = pdu_new(conn);
117	pdu_receive(request);
118	if ((request->pdu_bhs->bhs_opcode & ~ISCSI_BHS_OPCODE_IMMEDIATE) !=
119	    ISCSI_BHS_OPCODE_LOGOUT_REQUEST)
120		log_errx(1, "protocol error: received invalid opcode 0x%x",
121		    request->pdu_bhs->bhs_opcode);
122	bhslr = (struct iscsi_bhs_logout_request *)request->pdu_bhs;
123	if ((bhslr->bhslr_reason & 0x7f) != BHSLR_REASON_CLOSE_SESSION)
124		log_debugx("received Logout PDU with invalid reason 0x%x; "
125		    "continuing anyway", bhslr->bhslr_reason & 0x7f);
126	if (ISCSI_SNLT(ntohl(bhslr->bhslr_cmdsn), conn->conn_cmdsn)) {
127		log_errx(1, "received Logout PDU with decreasing CmdSN: "
128		    "was %u, is %u", conn->conn_cmdsn,
129		    ntohl(bhslr->bhslr_cmdsn));
130	}
131	if (ntohl(bhslr->bhslr_expstatsn) != conn->conn_statsn) {
132		log_errx(1, "received Logout PDU with wrong ExpStatSN: "
133		    "is %u, should be %u", ntohl(bhslr->bhslr_expstatsn),
134		    conn->conn_statsn);
135	}
136	conn->conn_cmdsn = ntohl(bhslr->bhslr_cmdsn);
137	if ((bhslr->bhslr_opcode & ISCSI_BHS_OPCODE_IMMEDIATE) == 0)
138		conn->conn_cmdsn++;
139
140	return (request);
141}
142
143static struct pdu *
144logout_new_response(struct pdu *request)
145{
146	struct pdu *response;
147	struct connection *conn;
148	struct iscsi_bhs_logout_request *bhslr;
149	struct iscsi_bhs_logout_response *bhslr2;
150
151	bhslr = (struct iscsi_bhs_logout_request *)request->pdu_bhs;
152	conn = request->pdu_connection;
153
154	response = pdu_new_response(request);
155	bhslr2 = (struct iscsi_bhs_logout_response *)response->pdu_bhs;
156	bhslr2->bhslr_opcode = ISCSI_BHS_OPCODE_LOGOUT_RESPONSE;
157	bhslr2->bhslr_flags = 0x80;
158	bhslr2->bhslr_response = BHSLR_RESPONSE_CLOSED_SUCCESSFULLY;
159	bhslr2->bhslr_initiator_task_tag = bhslr->bhslr_initiator_task_tag;
160	bhslr2->bhslr_statsn = htonl(conn->conn_statsn++);
161	bhslr2->bhslr_expcmdsn = htonl(conn->conn_cmdsn);
162	bhslr2->bhslr_maxcmdsn = htonl(conn->conn_cmdsn);
163
164	return (response);
165}
166
167static void
168discovery_add_target(struct keys *response_keys, const struct target *targ)
169{
170	struct port *port;
171	struct portal *portal;
172	char *buf;
173	char hbuf[NI_MAXHOST], sbuf[NI_MAXSERV];
174	struct addrinfo *ai;
175	int ret;
176
177	keys_add(response_keys, "TargetName", targ->t_name);
178	TAILQ_FOREACH(port, &targ->t_ports, p_ts) {
179	    if (port->p_portal_group == NULL)
180		continue;
181	    TAILQ_FOREACH(portal, &port->p_portal_group->pg_portals, p_next) {
182		ai = portal->p_ai;
183		ret = getnameinfo(ai->ai_addr, ai->ai_addrlen,
184		    hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
185		    NI_NUMERICHOST | NI_NUMERICSERV);
186		if (ret != 0) {
187			log_warnx("getnameinfo: %s", gai_strerror(ret));
188			continue;
189		}
190		switch (ai->ai_addr->sa_family) {
191		case AF_INET:
192			if (strcmp(hbuf, "0.0.0.0") == 0)
193				continue;
194			ret = asprintf(&buf, "%s:%s,%d", hbuf, sbuf,
195			    port->p_portal_group->pg_tag);
196			break;
197		case AF_INET6:
198			if (strcmp(hbuf, "::") == 0)
199				continue;
200			ret = asprintf(&buf, "[%s]:%s,%d", hbuf, sbuf,
201			    port->p_portal_group->pg_tag);
202			break;
203		default:
204			continue;
205		}
206		if (ret <= 0)
207		    log_err(1, "asprintf");
208		keys_add(response_keys, "TargetAddress", buf);
209		free(buf);
210	    }
211	}
212}
213
214static bool
215discovery_target_filtered_out(const struct connection *conn,
216    const struct port *port)
217{
218	const struct auth_group *ag;
219	const struct portal_group *pg;
220	const struct target *targ;
221	const struct auth *auth;
222	int error;
223
224	targ = port->p_target;
225	ag = port->p_auth_group;
226	if (ag == NULL)
227		ag = targ->t_auth_group;
228	pg = conn->conn_portal->p_portal_group;
229
230	assert(pg->pg_discovery_auth_group != PG_FILTER_UNKNOWN);
231
232	if (pg->pg_discovery_filter >= PG_FILTER_PORTAL &&
233	    auth_portal_check(ag, &conn->conn_initiator_sa) != 0) {
234		log_debugx("initiator does not match initiator portals "
235		    "allowed for target \"%s\"; skipping", targ->t_name);
236		return (true);
237	}
238
239	if (pg->pg_discovery_filter >= PG_FILTER_PORTAL_NAME &&
240	    auth_name_check(ag, conn->conn_initiator_name) != 0) {
241		log_debugx("initiator does not match initiator names "
242		    "allowed for target \"%s\"; skipping", targ->t_name);
243		return (true);
244	}
245
246	if (pg->pg_discovery_filter >= PG_FILTER_PORTAL_NAME_AUTH &&
247	    ag->ag_type != AG_TYPE_NO_AUTHENTICATION) {
248		if (conn->conn_chap == NULL) {
249			assert(pg->pg_discovery_auth_group->ag_type ==
250			    AG_TYPE_NO_AUTHENTICATION);
251
252			log_debugx("initiator didn't authenticate, but target "
253			    "\"%s\" requires CHAP; skipping", targ->t_name);
254			return (true);
255		}
256
257		assert(conn->conn_user != NULL);
258		auth = auth_find(ag, conn->conn_user);
259		if (auth == NULL) {
260			log_debugx("CHAP user \"%s\" doesn't match target "
261			    "\"%s\"; skipping", conn->conn_user, targ->t_name);
262			return (true);
263		}
264
265		error = chap_authenticate(conn->conn_chap, auth->a_secret);
266		if (error != 0) {
267			log_debugx("password for CHAP user \"%s\" doesn't "
268			    "match target \"%s\"; skipping",
269			    conn->conn_user, targ->t_name);
270			return (true);
271		}
272	}
273
274	return (false);
275}
276
277void
278discovery(struct connection *conn)
279{
280	struct pdu *request, *response;
281	struct keys *request_keys, *response_keys;
282	const struct port *port;
283	const struct portal_group *pg;
284	const char *send_targets;
285
286	pg = conn->conn_portal->p_portal_group;
287
288	log_debugx("beginning discovery session; waiting for Text PDU");
289	request = text_receive(conn);
290	request_keys = keys_new();
291	keys_load(request_keys, request);
292
293	send_targets = keys_find(request_keys, "SendTargets");
294	if (send_targets == NULL)
295		log_errx(1, "received Text PDU without SendTargets");
296
297	response = text_new_response(request);
298	response_keys = keys_new();
299
300	if (strcmp(send_targets, "All") == 0) {
301		TAILQ_FOREACH(port, &pg->pg_ports, p_pgs) {
302			if (discovery_target_filtered_out(conn, port)) {
303				/* Ignore this target. */
304				continue;
305			}
306			discovery_add_target(response_keys, port->p_target);
307		}
308	} else {
309		port = port_find_in_pg(pg, send_targets);
310		if (port == NULL) {
311			log_debugx("initiator requested information on unknown "
312			    "target \"%s\"; returning nothing", send_targets);
313		} else {
314			if (discovery_target_filtered_out(conn, port)) {
315				/* Ignore this target. */
316			} else {
317				discovery_add_target(response_keys, port->p_target);
318			}
319		}
320	}
321	keys_save(response_keys, response);
322
323	pdu_send(response);
324	pdu_delete(response);
325	keys_delete(response_keys);
326	pdu_delete(request);
327	keys_delete(request_keys);
328
329	log_debugx("done sending targets; waiting for Logout PDU");
330	request = logout_receive(conn);
331	response = logout_new_response(request);
332
333	pdu_send(response);
334	pdu_delete(response);
335	pdu_delete(request);
336
337	log_debugx("discovery session done");
338}
339