3 * Copyright (c) 2012 The FreeBSD Foundation
6 * This software was developed by Edward Tomasz Napierala under sponsorship
7 * from the FreeBSD Foundation.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 #include <sys/queue.h>
34 #include <sys/types.h>
48 static struct conf *conf = NULL;
49 static struct auth_group *auth_group = NULL;
50 static struct portal_group *portal_group = NULL;
51 static struct target *target = NULL;
52 static struct lun *lun = NULL;
54 extern void yyerror(const char *);
55 extern int yylex(void);
56 extern void yyrestart(FILE *);
60 %token ALIAS AUTH_GROUP AUTH_TYPE BACKEND BLOCKSIZE CHAP CHAP_MUTUAL
61 %token CLOSING_BRACKET DEBUG DEVICE_ID DISCOVERY_AUTH_GROUP INITIATOR_NAME
62 %token INITIATOR_PORTAL LISTEN LISTEN_ISER LUN MAXPROC NUM OPENING_BRACKET
63 %token OPTION PATH PIDFILE PORTAL_GROUP SERIAL SIZE STR TARGET TIMEOUT
99 conf->conf_debug = $2;
105 conf->conf_timeout = $2;
111 conf->conf_maxproc = $2;
117 if (conf->conf_pidfile_path != NULL) {
118 log_warnx("pidfile specified more than once");
122 conf->conf_pidfile_path = $2;
126 auth_group: AUTH_GROUP auth_group_name
127 OPENING_BRACKET auth_group_entries CLOSING_BRACKET
136 * Make it possible to redefine default
137 * auth-group. but only once.
139 if (strcmp($1, "default") == 0 &&
140 conf->conf_default_ag_defined == false) {
141 auth_group = auth_group_find(conf, $1);
142 conf->conf_default_ag_defined = true;
144 auth_group = auth_group_new(conf, $1);
147 if (auth_group == NULL)
154 auth_group_entries auth_group_entry
162 auth_group_chap_mutual
164 auth_group_initiator_name
166 auth_group_initiator_portal
169 auth_group_auth_type: AUTH_TYPE STR
173 error = auth_group_set_type_str(auth_group, $2);
180 auth_group_chap: CHAP STR STR
182 const struct auth *ca;
184 ca = auth_new_chap(auth_group, $2, $3);
192 auth_group_chap_mutual: CHAP_MUTUAL STR STR STR STR
194 const struct auth *ca;
196 ca = auth_new_chap_mutual(auth_group, $2, $3, $4, $5);
206 auth_group_initiator_name: INITIATOR_NAME STR
208 const struct auth_name *an;
210 an = auth_name_new(auth_group, $2);
217 auth_group_initiator_portal: INITIATOR_PORTAL STR
219 const struct auth_portal *ap;
221 ap = auth_portal_new(auth_group, $2);
228 portal_group: PORTAL_GROUP portal_group_name
229 OPENING_BRACKET portal_group_entries CLOSING_BRACKET
235 portal_group_name: STR
238 * Make it possible to redefine default
239 * portal-group. but only once.
241 if (strcmp($1, "default") == 0 &&
242 conf->conf_default_pg_defined == false) {
243 portal_group = portal_group_find(conf, $1);
244 conf->conf_default_pg_defined = true;
246 portal_group = portal_group_new(conf, $1);
249 if (portal_group == NULL)
254 portal_group_entries:
256 portal_group_entries portal_group_entry
260 portal_group_discovery_auth_group
264 portal_group_listen_iser
267 portal_group_discovery_auth_group: DISCOVERY_AUTH_GROUP STR
269 if (portal_group->pg_discovery_auth_group != NULL) {
270 log_warnx("discovery-auth-group for portal-group "
271 "\"%s\" specified more than once",
272 portal_group->pg_name);
275 portal_group->pg_discovery_auth_group =
276 auth_group_find(conf, $2);
277 if (portal_group->pg_discovery_auth_group == NULL) {
278 log_warnx("unknown discovery-auth-group \"%s\" "
279 "for portal-group \"%s\"",
280 $2, portal_group->pg_name);
287 portal_group_listen: LISTEN STR
291 error = portal_group_add_listen(portal_group, $2, false);
298 portal_group_listen_iser: LISTEN_ISER STR
302 error = portal_group_add_listen(portal_group, $2, true);
309 target: TARGET target_name
310 OPENING_BRACKET target_entries CLOSING_BRACKET
318 target = target_new(conf, $1);
327 target_entries target_entry
341 target_initiator_name
343 target_initiator_portal
350 target_alias: ALIAS STR
352 if (target->t_alias != NULL) {
353 log_warnx("alias for target \"%s\" "
354 "specified more than once", target->t_name);
357 target->t_alias = $2;
361 target_auth_group: AUTH_GROUP STR
363 if (target->t_auth_group != NULL) {
364 if (target->t_auth_group->ag_name != NULL)
365 log_warnx("auth-group for target \"%s\" "
366 "specified more than once", target->t_name);
368 log_warnx("cannot use both auth-group and explicit "
369 "authorisations for target \"%s\"",
373 target->t_auth_group = auth_group_find(conf, $2);
374 if (target->t_auth_group == NULL) {
375 log_warnx("unknown auth-group \"%s\" for target "
376 "\"%s\"", $2, target->t_name);
383 target_auth_type: AUTH_TYPE STR
387 if (target->t_auth_group != NULL) {
388 if (target->t_auth_group->ag_name != NULL) {
389 log_warnx("cannot use both auth-group and "
390 "auth-type for target \"%s\"",
395 target->t_auth_group = auth_group_new(conf, NULL);
396 if (target->t_auth_group == NULL) {
400 target->t_auth_group->ag_target = target;
402 error = auth_group_set_type_str(target->t_auth_group, $2);
409 target_chap: CHAP STR STR
411 const struct auth *ca;
413 if (target->t_auth_group != NULL) {
414 if (target->t_auth_group->ag_name != NULL) {
415 log_warnx("cannot use both auth-group and "
416 "chap for target \"%s\"",
423 target->t_auth_group = auth_group_new(conf, NULL);
424 if (target->t_auth_group == NULL) {
429 target->t_auth_group->ag_target = target;
431 ca = auth_new_chap(target->t_auth_group, $2, $3);
439 target_chap_mutual: CHAP_MUTUAL STR STR STR STR
441 const struct auth *ca;
443 if (target->t_auth_group != NULL) {
444 if (target->t_auth_group->ag_name != NULL) {
445 log_warnx("cannot use both auth-group and "
446 "chap-mutual for target \"%s\"",
455 target->t_auth_group = auth_group_new(conf, NULL);
456 if (target->t_auth_group == NULL) {
463 target->t_auth_group->ag_target = target;
465 ca = auth_new_chap_mutual(target->t_auth_group,
476 target_initiator_name: INITIATOR_NAME STR
478 const struct auth_name *an;
480 if (target->t_auth_group != NULL) {
481 if (target->t_auth_group->ag_name != NULL) {
482 log_warnx("cannot use both auth-group and "
483 "initiator-name for target \"%s\"",
489 target->t_auth_group = auth_group_new(conf, NULL);
490 if (target->t_auth_group == NULL) {
494 target->t_auth_group->ag_target = target;
496 an = auth_name_new(target->t_auth_group, $2);
503 target_initiator_portal: INITIATOR_PORTAL STR
505 const struct auth_portal *ap;
507 if (target->t_auth_group != NULL) {
508 if (target->t_auth_group->ag_name != NULL) {
509 log_warnx("cannot use both auth-group and "
510 "initiator-portal for target \"%s\"",
516 target->t_auth_group = auth_group_new(conf, NULL);
517 if (target->t_auth_group == NULL) {
521 target->t_auth_group->ag_target = target;
523 ap = auth_portal_new(target->t_auth_group, $2);
530 target_portal_group: PORTAL_GROUP STR
532 if (target->t_portal_group != NULL) {
533 log_warnx("portal-group for target \"%s\" "
534 "specified more than once", target->t_name);
538 target->t_portal_group = portal_group_find(conf, $2);
539 if (target->t_portal_group == NULL) {
540 log_warnx("unknown portal-group \"%s\" for target "
541 "\"%s\"", $2, target->t_name);
549 target_lun: LUN lun_number
550 OPENING_BRACKET lun_entries CLOSING_BRACKET
558 lun = lun_new(target, $1);
566 lun_entries lun_entry
585 lun_backend: BACKEND STR
587 if (lun->l_backend != NULL) {
588 log_warnx("backend for lun %d, target \"%s\" "
589 "specified more than once",
590 lun->l_lun, target->t_name);
594 lun_set_backend(lun, $2);
599 lun_blocksize: BLOCKSIZE NUM
601 if (lun->l_blocksize != 0) {
602 log_warnx("blocksize for lun %d, target \"%s\" "
603 "specified more than once",
604 lun->l_lun, target->t_name);
607 lun_set_blocksize(lun, $2);
611 lun_device_id: DEVICE_ID STR
613 if (lun->l_device_id != NULL) {
614 log_warnx("device_id for lun %d, target \"%s\" "
615 "specified more than once",
616 lun->l_lun, target->t_name);
620 lun_set_device_id(lun, $2);
625 lun_option: OPTION STR STR
627 struct lun_option *clo;
629 clo = lun_option_new(lun, $2, $3);
639 if (lun->l_path != NULL) {
640 log_warnx("path for lun %d, target \"%s\" "
641 "specified more than once",
642 lun->l_lun, target->t_name);
646 lun_set_path(lun, $2);
651 lun_serial: SERIAL STR
653 if (lun->l_serial != NULL) {
654 log_warnx("serial for lun %d, target \"%s\" "
655 "specified more than once",
656 lun->l_lun, target->t_name);
660 lun_set_serial(lun, $2);
667 if (lun->l_size != 0) {
668 log_warnx("size for lun %d, target \"%s\" "
669 "specified more than once",
670 lun->l_lun, target->t_name);
673 lun_set_size(lun, $2);
679 yyerror(const char *str)
682 log_warnx("error in configuration file at line %d near '%s': %s",
683 lineno, yytext, str);
687 check_perms(const char *path)
692 error = stat(path, &sb);
697 if (sb.st_mode & S_IWOTH) {
698 log_warnx("%s is world-writable", path);
699 } else if (sb.st_mode & S_IROTH) {
700 log_warnx("%s is world-readable", path);
701 } else if (sb.st_mode & S_IXOTH) {
703 * Ok, this one doesn't matter, but still do it,
704 * just for consistency.
706 log_warnx("%s is world-executable", path);
710 * XXX: Should we also check for owner != 0?
715 conf_new_from_file(const char *path)
717 struct auth_group *ag;
718 struct portal_group *pg;
721 log_debugx("obtaining configuration from %s", path);
725 ag = auth_group_new(conf, "default");
728 ag = auth_group_new(conf, "no-authentication");
730 ag->ag_type = AG_TYPE_NO_AUTHENTICATION;
732 ag = auth_group_new(conf, "no-access");
734 ag->ag_type = AG_TYPE_DENY;
736 pg = portal_group_new(conf, "default");
739 yyin = fopen(path, "r");
741 log_warn("unable to open configuration file %s", path);
759 if (conf->conf_default_ag_defined == false) {
760 log_debugx("auth-group \"default\" not defined; "
761 "going with defaults");
762 ag = auth_group_find(conf, "default");
764 ag->ag_type = AG_TYPE_DENY;
767 if (conf->conf_default_pg_defined == false) {
768 log_debugx("portal-group \"default\" not defined; "
769 "going with defaults");
770 pg = portal_group_find(conf, "default");
772 portal_group_add_listen(pg, "0.0.0.0:3260", false);
773 portal_group_add_listen(pg, "[::]:3260", false);
776 error = conf_verify(conf);