2 * Copyright (c) 2015 iXsystems Inc.
5 * This software was developed by Jakub Klama <jceel@FreeBSD.org>
6 * under sponsorship from iXsystems Inc.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 #include <sys/queue.h>
33 #include <sys/types.h>
43 static struct conf *conf = NULL;
45 static int uclparse_toplevel(const ucl_object_t *);
46 static int uclparse_chap(struct auth_group *, const ucl_object_t *);
47 static int uclparse_chap_mutual(struct auth_group *, const ucl_object_t *);
48 static int uclparse_lun(const char *, const ucl_object_t *);
49 static int uclparse_auth_group(const char *, const ucl_object_t *);
50 static int uclparse_portal_group(const char *, const ucl_object_t *);
51 static int uclparse_target(const char *, const ucl_object_t *);
52 static int uclparse_target_portal_group(struct target *, const ucl_object_t *);
53 static int uclparse_target_lun(struct target *, const ucl_object_t *);
56 uclparse_chap(struct auth_group *auth_group, const ucl_object_t *obj)
58 const struct auth *ca;
59 const ucl_object_t *user, *secret;
61 user = ucl_object_find_key(obj, "user");
62 if (!user || user->type != UCL_STRING) {
63 log_warnx("chap section in auth-group \"%s\" is missing "
64 "\"user\" string key", auth_group->ag_name);
68 secret = ucl_object_find_key(obj, "secret");
69 if (!secret || secret->type != UCL_STRING) {
70 log_warnx("chap section in auth-group \"%s\" is missing "
71 "\"secret\" string key", auth_group->ag_name);
74 ca = auth_new_chap(auth_group,
75 ucl_object_tostring(user),
76 ucl_object_tostring(secret));
85 uclparse_chap_mutual(struct auth_group *auth_group, const ucl_object_t *obj)
87 const struct auth *ca;
88 const ucl_object_t *user, *secret, *mutual_user;
89 const ucl_object_t *mutual_secret;
91 user = ucl_object_find_key(obj, "user");
92 if (!user || user->type != UCL_STRING) {
93 log_warnx("chap-mutual section in auth-group \"%s\" is missing "
94 "\"user\" string key", auth_group->ag_name);
98 secret = ucl_object_find_key(obj, "secret");
99 if (!secret || secret->type != UCL_STRING) {
100 log_warnx("chap-mutual section in auth-group \"%s\" is missing "
101 "\"secret\" string key", auth_group->ag_name);
105 mutual_user = ucl_object_find_key(obj, "mutual-user");
106 if (!user || user->type != UCL_STRING) {
107 log_warnx("chap-mutual section in auth-group \"%s\" is missing "
108 "\"mutual-user\" string key", auth_group->ag_name);
112 mutual_secret = ucl_object_find_key(obj, "mutual-secret");
113 if (!secret || secret->type != UCL_STRING) {
114 log_warnx("chap-mutual section in auth-group \"%s\" is missing "
115 "\"mutual-secret\" string key", auth_group->ag_name);
119 ca = auth_new_chap_mutual(auth_group,
120 ucl_object_tostring(user),
121 ucl_object_tostring(secret),
122 ucl_object_tostring(mutual_user),
123 ucl_object_tostring(mutual_secret));
132 uclparse_target_portal_group(struct target *target, const ucl_object_t *obj)
134 struct portal_group *tpg;
135 struct auth_group *tag = NULL;
137 const ucl_object_t *portal_group, *auth_group;
139 portal_group = ucl_object_find_key(obj, "name");
140 if (!portal_group || portal_group->type != UCL_STRING) {
141 log_warnx("portal-group section in target \"%s\" is missing "
142 "\"name\" string key", target->t_name);
146 auth_group = ucl_object_find_key(obj, "auth-group-name");
147 if (auth_group && auth_group->type != UCL_STRING) {
148 log_warnx("portal-group section in target \"%s\" is missing "
149 "\"auth-group-name\" string key", target->t_name);
154 tpg = portal_group_find(conf, ucl_object_tostring(portal_group));
156 log_warnx("unknown portal-group \"%s\" for target "
157 "\"%s\"", ucl_object_tostring(portal_group), target->t_name);
162 tag = auth_group_find(conf, ucl_object_tostring(auth_group));
164 log_warnx("unknown auth-group \"%s\" for target "
165 "\"%s\"", ucl_object_tostring(auth_group),
171 tp = port_new(conf, target, tpg);
173 log_warnx("can't link portal-group \"%s\" to target "
174 "\"%s\"", ucl_object_tostring(portal_group), target->t_name);
177 tp->p_auth_group = tag;
183 uclparse_target_lun(struct target *target, const ucl_object_t *obj)
187 if (obj->type == UCL_INT) {
190 asprintf(&name, "%s,lun,%ju", target->t_name,
191 ucl_object_toint(obj));
192 lun = lun_new(conf, name);
196 lun_set_scsiname(lun, name);
197 target->t_luns[ucl_object_toint(obj)] = lun;
201 if (obj->type == UCL_OBJECT) {
202 const ucl_object_t *num = ucl_object_find_key(obj, "number");
203 const ucl_object_t *name = ucl_object_find_key(obj, "name");
205 if (num == NULL || num->type != UCL_INT) {
206 log_warnx("lun section in target \"%s\" is missing "
207 "\"number\" integer property", target->t_name);
211 if (name == NULL || name->type != UCL_STRING) {
212 log_warnx("lun section in target \"%s\" is missing "
213 "\"name\" string property", target->t_name);
217 lun = lun_find(conf, ucl_object_tostring(name));
221 target->t_luns[ucl_object_toint(num)] = lun;
228 uclparse_toplevel(const ucl_object_t *top)
230 ucl_object_iter_t it = NULL, iter = NULL;
231 const ucl_object_t *obj = NULL, *child = NULL;
234 /* Pass 1 - everything except targets */
235 while ((obj = ucl_iterate_object(top, &it, true))) {
236 const char *key = ucl_object_key(obj);
238 if (!strcmp(key, "debug")) {
239 if (obj->type == UCL_INT)
240 conf->conf_debug = ucl_object_toint(obj);
242 log_warnx("\"debug\" property value is not integer");
247 if (!strcmp(key, "timeout")) {
248 if (obj->type == UCL_INT)
249 conf->conf_timeout = ucl_object_toint(obj);
251 log_warnx("\"timeout\" property value is not integer");
256 if (!strcmp(key, "maxproc")) {
257 if (obj->type == UCL_INT)
258 conf->conf_maxproc = ucl_object_toint(obj);
260 log_warnx("\"maxproc\" property value is not integer");
265 if (!strcmp(key, "pidfile")) {
266 if (obj->type == UCL_STRING)
267 conf->conf_pidfile_path = strdup(
268 ucl_object_tostring(obj));
270 log_warnx("\"pidfile\" property value is not string");
275 if (!strcmp(key, "isns-server")) {
276 if (obj->type == UCL_ARRAY) {
278 while ((child = ucl_iterate_object(obj, &iter,
280 if (child->type != UCL_STRING)
284 ucl_object_tostring(child));
290 log_warnx("\"isns-server\" property value is "
296 if (!strcmp(key, "isns-period")) {
297 if (obj->type == UCL_INT)
298 conf->conf_timeout = ucl_object_toint(obj);
300 log_warnx("\"isns-period\" property value is not integer");
305 if (!strcmp(key, "isns-timeout")) {
306 if (obj->type == UCL_INT)
307 conf->conf_timeout = ucl_object_toint(obj);
309 log_warnx("\"isns-timeout\" property value is not integer");
314 if (!strcmp(key, "auth-group")) {
315 if (obj->type == UCL_OBJECT) {
317 while ((child = ucl_iterate_object(obj, &iter, true))) {
318 uclparse_auth_group(ucl_object_key(child), child);
321 log_warnx("\"auth-group\" section is not an object");
326 if (!strcmp(key, "portal-group")) {
327 if (obj->type == UCL_OBJECT) {
329 while ((child = ucl_iterate_object(obj, &iter, true))) {
330 uclparse_portal_group(ucl_object_key(child), child);
333 log_warnx("\"portal-group\" section is not an object");
338 if (!strcmp(key, "lun")) {
339 if (obj->type == UCL_OBJECT) {
341 while ((child = ucl_iterate_object(obj, &iter, true))) {
342 uclparse_lun(ucl_object_key(child), child);
345 log_warnx("\"lun\" section is not an object");
351 /* Pass 2 - targets */
353 while ((obj = ucl_iterate_object(top, &it, true))) {
354 const char *key = ucl_object_key(obj);
356 if (!strcmp(key, "target")) {
357 if (obj->type == UCL_OBJECT) {
359 while ((child = ucl_iterate_object(obj, &iter,
361 uclparse_target(ucl_object_key(child),
365 log_warnx("\"target\" section is not an object");
375 uclparse_auth_group(const char *name, const ucl_object_t *top)
377 struct auth_group *auth_group;
378 const struct auth_name *an;
379 const struct auth_portal *ap;
380 ucl_object_iter_t it = NULL, it2 = NULL;
381 const ucl_object_t *obj = NULL, *tmp = NULL;
385 if (!strcmp(name, "default") &&
386 conf->conf_default_ag_defined == false) {
387 auth_group = auth_group_find(conf, name);
388 conf->conf_default_ag_defined = true;
390 auth_group = auth_group_new(conf, name);
393 if (auth_group == NULL)
396 while ((obj = ucl_iterate_object(top, &it, true))) {
397 key = ucl_object_key(obj);
399 if (!strcmp(key, "auth-type")) {
400 const char *value = ucl_object_tostring(obj);
402 err = auth_group_set_type(auth_group, value);
407 if (!strcmp(key, "chap")) {
408 if (obj->type != UCL_ARRAY) {
409 log_warnx("\"chap\" property of "
410 "auth-group \"%s\" is not an array",
416 while ((tmp = ucl_iterate_object(obj, &it2, true))) {
417 if (uclparse_chap(auth_group, tmp) != 0)
422 if (!strcmp(key, "chap-mutual")) {
423 if (obj->type != UCL_ARRAY) {
424 log_warnx("\"chap-mutual\" property of "
425 "auth-group \"%s\" is not an array",
431 while ((tmp = ucl_iterate_object(obj, &it2, true))) {
432 if (uclparse_chap_mutual(auth_group, tmp) != 0)
437 if (!strcmp(key, "initiator-name")) {
438 if (obj->type != UCL_ARRAY) {
439 log_warnx("\"initiator-name\" property of "
440 "auth-group \"%s\" is not an array",
446 while ((tmp = ucl_iterate_object(obj, &it2, true))) {
447 const char *value = ucl_object_tostring(tmp);
449 an = auth_name_new(auth_group, value);
455 if (!strcmp(key, "initiator-portal")) {
456 if (obj->type != UCL_ARRAY) {
457 log_warnx("\"initiator-portal\" property of "
458 "auth-group \"%s\" is not an array",
464 while ((tmp = ucl_iterate_object(obj, &it2, true))) {
465 const char *value = ucl_object_tostring(tmp);
467 ap = auth_portal_new(auth_group, value);
478 uclparse_portal_group(const char *name, const ucl_object_t *top)
480 struct portal_group *portal_group;
481 ucl_object_iter_t it = NULL, it2 = NULL;
482 const ucl_object_t *obj = NULL, *tmp = NULL;
485 if (strcmp(name, "default") == 0 &&
486 conf->conf_default_pg_defined == false) {
487 portal_group = portal_group_find(conf, name);
488 conf->conf_default_pg_defined = true;
490 portal_group = portal_group_new(conf, name);
493 if (portal_group == NULL)
496 while ((obj = ucl_iterate_object(top, &it, true))) {
497 key = ucl_object_key(obj);
499 if (!strcmp(key, "discovery-auth-group")) {
500 portal_group->pg_discovery_auth_group =
501 auth_group_find(conf, ucl_object_tostring(obj));
502 if (portal_group->pg_discovery_auth_group == NULL) {
503 log_warnx("unknown discovery-auth-group \"%s\" "
504 "for portal-group \"%s\"",
505 ucl_object_tostring(obj),
506 portal_group->pg_name);
511 if (!strcmp(key, "discovery-filter")) {
512 if (obj->type != UCL_STRING) {
513 log_warnx("\"discovery-filter\" property of "
514 "portal-group \"%s\" is not a string",
515 portal_group->pg_name);
519 if (portal_group_set_filter(portal_group,
520 ucl_object_tostring(obj)) != 0)
524 if (!strcmp(key, "listen")) {
525 if (obj->type == UCL_STRING) {
526 if (portal_group_add_listen(portal_group,
527 ucl_object_tostring(obj), false) != 0)
529 } else if (obj->type == UCL_ARRAY) {
530 while ((tmp = ucl_iterate_object(obj, &it2,
532 if (portal_group_add_listen(
534 ucl_object_tostring(tmp),
539 log_warnx("\"listen\" property of "
540 "portal-group \"%s\" is not a string",
541 portal_group->pg_name);
546 if (!strcmp(key, "listen-iser")) {
547 if (obj->type == UCL_STRING) {
548 if (portal_group_add_listen(portal_group,
549 ucl_object_tostring(obj), true) != 0)
551 } else if (obj->type == UCL_ARRAY) {
552 while ((tmp = ucl_iterate_object(obj, &it2,
554 if (portal_group_add_listen(
556 ucl_object_tostring(tmp),
561 log_warnx("\"listen\" property of "
562 "portal-group \"%s\" is not a string",
563 portal_group->pg_name);
568 if (!strcmp(key, "redirect")) {
569 if (obj->type != UCL_STRING) {
570 log_warnx("\"listen\" property of "
571 "portal-group \"%s\" is not a string",
572 portal_group->pg_name);
576 if (portal_group_set_redirection(portal_group,
577 ucl_object_tostring(obj)) != 0)
581 if (!strcmp(key, "options")) {
582 if (obj->type != UCL_OBJECT) {
583 log_warnx("\"options\" property of portal group "
584 "\"%s\" is not an object", portal_group->pg_name);
588 while ((tmp = ucl_iterate_object(obj, &it2,
590 option_new(&portal_group->pg_options,
592 ucl_object_tostring_forced(tmp));
601 uclparse_target(const char *name, const ucl_object_t *top)
603 struct target *target;
604 ucl_object_iter_t it = NULL, it2 = NULL;
605 const ucl_object_t *obj = NULL, *tmp = NULL;
608 target = target_new(conf, name);
610 while ((obj = ucl_iterate_object(top, &it, true))) {
611 key = ucl_object_key(obj);
613 if (!strcmp(key, "alias")) {
614 if (obj->type != UCL_STRING) {
615 log_warnx("\"alias\" property of target "
616 "\"%s\" is not a string", target->t_name);
620 target->t_alias = strdup(ucl_object_tostring(obj));
623 if (!strcmp(key, "auth-group")) {
624 if (target->t_auth_group != NULL) {
625 if (target->t_auth_group->ag_name != NULL)
626 log_warnx("auth-group for target \"%s\" "
627 "specified more than once",
630 log_warnx("cannot use both auth-group "
631 "and explicit authorisations for "
632 "target \"%s\"", target->t_name);
635 target->t_auth_group = auth_group_find(conf,
636 ucl_object_tostring(obj));
637 if (target->t_auth_group == NULL) {
638 log_warnx("unknown auth-group \"%s\" for target "
639 "\"%s\"", ucl_object_tostring(obj),
645 if (!strcmp(key, "auth-type")) {
648 if (target->t_auth_group != NULL) {
649 if (target->t_auth_group->ag_name != NULL) {
650 log_warnx("cannot use both auth-group and "
651 "auth-type for target \"%s\"",
656 target->t_auth_group = auth_group_new(conf, NULL);
657 if (target->t_auth_group == NULL)
660 target->t_auth_group->ag_target = target;
662 error = auth_group_set_type(target->t_auth_group,
663 ucl_object_tostring(obj));
668 if (!strcmp(key, "chap")) {
669 if (uclparse_chap(target->t_auth_group, obj) != 0)
673 if (!strcmp(key, "chap-mutual")) {
674 if (uclparse_chap_mutual(target->t_auth_group, obj) != 0)
678 if (!strcmp(key, "initiator-name")) {
679 const struct auth_name *an;
681 if (target->t_auth_group != NULL) {
682 if (target->t_auth_group->ag_name != NULL) {
683 log_warnx("cannot use both auth-group and "
684 "initiator-name for target \"%s\"",
689 target->t_auth_group = auth_group_new(conf, NULL);
690 if (target->t_auth_group == NULL)
693 target->t_auth_group->ag_target = target;
695 an = auth_name_new(target->t_auth_group,
696 ucl_object_tostring(obj));
701 if (!strcmp(key, "initiator-portal")) {
702 const struct auth_portal *ap;
704 if (target->t_auth_group != NULL) {
705 if (target->t_auth_group->ag_name != NULL) {
706 log_warnx("cannot use both auth-group and "
707 "initiator-portal for target \"%s\"",
712 target->t_auth_group = auth_group_new(conf, NULL);
713 if (target->t_auth_group == NULL)
716 target->t_auth_group->ag_target = target;
718 ap = auth_portal_new(target->t_auth_group,
719 ucl_object_tostring(obj));
724 if (!strcmp(key, "portal-group")) {
725 if (obj->type == UCL_OBJECT) {
726 if (uclparse_target_portal_group(target, obj) != 0)
730 if (obj->type == UCL_ARRAY) {
731 while ((tmp = ucl_iterate_object(obj, &it2,
733 if (uclparse_target_portal_group(target,
740 if (!strcmp(key, "port")) {
743 const char *value = ucl_object_tostring(obj);
745 pp = pport_find(conf, value);
747 log_warnx("unknown port \"%s\" for target \"%s\"",
748 value, target->t_name);
751 if (!TAILQ_EMPTY(&pp->pp_ports)) {
752 log_warnx("can't link port \"%s\" to target \"%s\", "
753 "port already linked to some target",
754 value, target->t_name);
757 tp = port_new_pp(conf, target, pp);
759 log_warnx("can't link port \"%s\" to target \"%s\"",
760 value, target->t_name);
765 if (!strcmp(key, "redirect")) {
766 if (obj->type != UCL_STRING) {
767 log_warnx("\"redirect\" property of target "
768 "\"%s\" is not a string", target->t_name);
772 if (target_set_redirection(target,
773 ucl_object_tostring(obj)) != 0)
777 if (!strcmp(key, "lun")) {
778 while ((tmp = ucl_iterate_object(obj, &it2, true))) {
779 if (uclparse_target_lun(target, tmp) != 0)
789 uclparse_lun(const char *name, const ucl_object_t *top)
792 ucl_object_iter_t it = NULL, child_it = NULL;
793 const ucl_object_t *obj = NULL, *child = NULL;
796 lun = lun_new(conf, name);
798 while ((obj = ucl_iterate_object(top, &it, true))) {
799 key = ucl_object_key(obj);
801 if (!strcmp(key, "backend")) {
802 if (obj->type != UCL_STRING) {
803 log_warnx("\"backend\" property of lun "
804 "\"%s\" is not a string",
809 lun_set_backend(lun, ucl_object_tostring(obj));
812 if (!strcmp(key, "blocksize")) {
813 if (obj->type != UCL_INT) {
814 log_warnx("\"blocksize\" property of lun "
815 "\"%s\" is not an integer", lun->l_name);
819 lun_set_blocksize(lun, ucl_object_toint(obj));
822 if (!strcmp(key, "device-id")) {
823 if (obj->type != UCL_STRING) {
824 log_warnx("\"device-id\" property of lun "
825 "\"%s\" is not an integer", lun->l_name);
829 lun_set_device_id(lun, ucl_object_tostring(obj));
832 if (!strcmp(key, "options")) {
833 if (obj->type != UCL_OBJECT) {
834 log_warnx("\"options\" property of lun "
835 "\"%s\" is not an object", lun->l_name);
839 while ((child = ucl_iterate_object(obj, &child_it,
841 option_new(&lun->l_options,
842 ucl_object_key(child),
843 ucl_object_tostring_forced(child));
847 if (!strcmp(key, "path")) {
848 if (obj->type != UCL_STRING) {
849 log_warnx("\"path\" property of lun "
850 "\"%s\" is not a string", lun->l_name);
854 lun_set_path(lun, ucl_object_tostring(obj));
857 if (!strcmp(key, "serial")) {
858 if (obj->type != UCL_STRING) {
859 log_warnx("\"serial\" property of lun "
860 "\"%s\" is not a string", lun->l_name);
864 lun_set_serial(lun, ucl_object_tostring(obj));
867 if (!strcmp(key, "size")) {
868 if (obj->type != UCL_INT) {
869 log_warnx("\"size\" property of lun "
870 "\"%s\" is not an integer", lun->l_name);
874 lun_set_size(lun, ucl_object_toint(obj));
882 uclparse_conf(struct conf *newconf, const char *path)
884 struct ucl_parser *parser;
888 parser = ucl_parser_new(0);
890 if (!ucl_parser_add_file(parser, path)) {
891 log_warn("unable to parse configuration file %s: %s", path,
892 ucl_parser_get_error(parser));
896 error = uclparse_toplevel(ucl_parser_get_object(parser));