ctld.c revision 274949
1/*- 2 * Copyright (c) 2012 The FreeBSD Foundation 3 * All rights reserved. 4 * 5 * This software was developed by Edward Tomasz Napierala under sponsorship 6 * from the FreeBSD Foundation. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 */ 30 31#include <sys/cdefs.h> 32__FBSDID("$FreeBSD: stable/10/usr.sbin/ctld/ctld.c 274949 2014-11-24 07:59:44Z trasz $"); 33 34#include <sys/types.h> 35#include <sys/time.h> 36#include <sys/socket.h> 37#include <sys/wait.h> 38#include <netinet/in.h> 39#include <arpa/inet.h> 40#include <assert.h> 41#include <ctype.h> 42#include <errno.h> 43#include <netdb.h> 44#include <signal.h> 45#include <stdbool.h> 46#include <stdio.h> 47#include <stdint.h> 48#include <stdlib.h> 49#include <string.h> 50#include <unistd.h> 51 52#include "ctld.h" 53#include "isns.h" 54 55bool proxy_mode = false; 56 57static volatile bool sighup_received = false; 58static volatile bool sigterm_received = false; 59static volatile bool sigalrm_received = false; 60 61static int nchildren = 0; 62 63static void 64usage(void) 65{ 66 67 fprintf(stderr, "usage: ctld [-d][-f config-file]\n"); 68 exit(1); 69} 70 71char * 72checked_strdup(const char *s) 73{ 74 char *c; 75 76 c = strdup(s); 77 if (c == NULL) 78 log_err(1, "strdup"); 79 return (c); 80} 81 82struct conf * 83conf_new(void) 84{ 85 struct conf *conf; 86 87 conf = calloc(1, sizeof(*conf)); 88 if (conf == NULL) 89 log_err(1, "calloc"); 90 TAILQ_INIT(&conf->conf_targets); 91 TAILQ_INIT(&conf->conf_auth_groups); 92 TAILQ_INIT(&conf->conf_portal_groups); 93 TAILQ_INIT(&conf->conf_isns); 94 95 conf->conf_isns_period = 900; 96 conf->conf_isns_timeout = 5; 97 conf->conf_debug = 0; 98 conf->conf_timeout = 60; 99 conf->conf_maxproc = 30; 100 101 return (conf); 102} 103 104void 105conf_delete(struct conf *conf) 106{ 107 struct target *targ, *tmp; 108 struct auth_group *ag, *cagtmp; 109 struct portal_group *pg, *cpgtmp; 110 struct isns *is, *istmp; 111 112 assert(conf->conf_pidfh == NULL); 113 114 TAILQ_FOREACH_SAFE(targ, &conf->conf_targets, t_next, tmp) 115 target_delete(targ); 116 TAILQ_FOREACH_SAFE(ag, &conf->conf_auth_groups, ag_next, cagtmp) 117 auth_group_delete(ag); 118 TAILQ_FOREACH_SAFE(pg, &conf->conf_portal_groups, pg_next, cpgtmp) 119 portal_group_delete(pg); 120 TAILQ_FOREACH_SAFE(is, &conf->conf_isns, i_next, istmp) 121 isns_delete(is); 122 free(conf->conf_pidfile_path); 123 free(conf); 124} 125 126static struct auth * 127auth_new(struct auth_group *ag) 128{ 129 struct auth *auth; 130 131 auth = calloc(1, sizeof(*auth)); 132 if (auth == NULL) 133 log_err(1, "calloc"); 134 auth->a_auth_group = ag; 135 TAILQ_INSERT_TAIL(&ag->ag_auths, auth, a_next); 136 return (auth); 137} 138 139static void 140auth_delete(struct auth *auth) 141{ 142 TAILQ_REMOVE(&auth->a_auth_group->ag_auths, auth, a_next); 143 144 free(auth->a_user); 145 free(auth->a_secret); 146 free(auth->a_mutual_user); 147 free(auth->a_mutual_secret); 148 free(auth); 149} 150 151const struct auth * 152auth_find(const struct auth_group *ag, const char *user) 153{ 154 const struct auth *auth; 155 156 TAILQ_FOREACH(auth, &ag->ag_auths, a_next) { 157 if (strcmp(auth->a_user, user) == 0) 158 return (auth); 159 } 160 161 return (NULL); 162} 163 164static void 165auth_check_secret_length(struct auth *auth) 166{ 167 size_t len; 168 169 len = strlen(auth->a_secret); 170 if (len > 16) { 171 if (auth->a_auth_group->ag_name != NULL) 172 log_warnx("secret for user \"%s\", auth-group \"%s\", " 173 "is too long; it should be at most 16 characters " 174 "long", auth->a_user, auth->a_auth_group->ag_name); 175 else 176 log_warnx("secret for user \"%s\", target \"%s\", " 177 "is too long; it should be at most 16 characters " 178 "long", auth->a_user, 179 auth->a_auth_group->ag_target->t_name); 180 } 181 if (len < 12) { 182 if (auth->a_auth_group->ag_name != NULL) 183 log_warnx("secret for user \"%s\", auth-group \"%s\", " 184 "is too short; it should be at least 12 characters " 185 "long", auth->a_user, 186 auth->a_auth_group->ag_name); 187 else 188 log_warnx("secret for user \"%s\", target \"%s\", " 189 "is too short; it should be at least 16 characters " 190 "long", auth->a_user, 191 auth->a_auth_group->ag_target->t_name); 192 } 193 194 if (auth->a_mutual_secret != NULL) { 195 len = strlen(auth->a_secret); 196 if (len > 16) { 197 if (auth->a_auth_group->ag_name != NULL) 198 log_warnx("mutual secret for user \"%s\", " 199 "auth-group \"%s\", is too long; it should " 200 "be at most 16 characters long", 201 auth->a_user, auth->a_auth_group->ag_name); 202 else 203 log_warnx("mutual secret for user \"%s\", " 204 "target \"%s\", is too long; it should " 205 "be at most 16 characters long", 206 auth->a_user, 207 auth->a_auth_group->ag_target->t_name); 208 } 209 if (len < 12) { 210 if (auth->a_auth_group->ag_name != NULL) 211 log_warnx("mutual secret for user \"%s\", " 212 "auth-group \"%s\", is too short; it " 213 "should be at least 12 characters long", 214 auth->a_user, auth->a_auth_group->ag_name); 215 else 216 log_warnx("mutual secret for user \"%s\", " 217 "target \"%s\", is too short; it should be " 218 "at least 16 characters long", 219 auth->a_user, 220 auth->a_auth_group->ag_target->t_name); 221 } 222 } 223} 224 225const struct auth * 226auth_new_chap(struct auth_group *ag, const char *user, 227 const char *secret) 228{ 229 struct auth *auth; 230 231 if (ag->ag_type == AG_TYPE_UNKNOWN) 232 ag->ag_type = AG_TYPE_CHAP; 233 if (ag->ag_type != AG_TYPE_CHAP) { 234 if (ag->ag_name != NULL) 235 log_warnx("cannot mix \"chap\" authentication with " 236 "other types for auth-group \"%s\"", ag->ag_name); 237 else 238 log_warnx("cannot mix \"chap\" authentication with " 239 "other types for target \"%s\"", 240 ag->ag_target->t_name); 241 return (NULL); 242 } 243 244 auth = auth_new(ag); 245 auth->a_user = checked_strdup(user); 246 auth->a_secret = checked_strdup(secret); 247 248 auth_check_secret_length(auth); 249 250 return (auth); 251} 252 253const struct auth * 254auth_new_chap_mutual(struct auth_group *ag, const char *user, 255 const char *secret, const char *user2, const char *secret2) 256{ 257 struct auth *auth; 258 259 if (ag->ag_type == AG_TYPE_UNKNOWN) 260 ag->ag_type = AG_TYPE_CHAP_MUTUAL; 261 if (ag->ag_type != AG_TYPE_CHAP_MUTUAL) { 262 if (ag->ag_name != NULL) 263 log_warnx("cannot mix \"chap-mutual\" authentication " 264 "with other types for auth-group \"%s\"", 265 ag->ag_name); 266 else 267 log_warnx("cannot mix \"chap-mutual\" authentication " 268 "with other types for target \"%s\"", 269 ag->ag_target->t_name); 270 return (NULL); 271 } 272 273 auth = auth_new(ag); 274 auth->a_user = checked_strdup(user); 275 auth->a_secret = checked_strdup(secret); 276 auth->a_mutual_user = checked_strdup(user2); 277 auth->a_mutual_secret = checked_strdup(secret2); 278 279 auth_check_secret_length(auth); 280 281 return (auth); 282} 283 284const struct auth_name * 285auth_name_new(struct auth_group *ag, const char *name) 286{ 287 struct auth_name *an; 288 289 an = calloc(1, sizeof(*an)); 290 if (an == NULL) 291 log_err(1, "calloc"); 292 an->an_auth_group = ag; 293 an->an_initator_name = checked_strdup(name); 294 TAILQ_INSERT_TAIL(&ag->ag_names, an, an_next); 295 return (an); 296} 297 298static void 299auth_name_delete(struct auth_name *an) 300{ 301 TAILQ_REMOVE(&an->an_auth_group->ag_names, an, an_next); 302 303 free(an->an_initator_name); 304 free(an); 305} 306 307bool 308auth_name_defined(const struct auth_group *ag) 309{ 310 if (TAILQ_EMPTY(&ag->ag_names)) 311 return (false); 312 return (true); 313} 314 315const struct auth_name * 316auth_name_find(const struct auth_group *ag, const char *name) 317{ 318 const struct auth_name *auth_name; 319 320 TAILQ_FOREACH(auth_name, &ag->ag_names, an_next) { 321 if (strcmp(auth_name->an_initator_name, name) == 0) 322 return (auth_name); 323 } 324 325 return (NULL); 326} 327 328int 329auth_name_check(const struct auth_group *ag, const char *initiator_name) 330{ 331 if (!auth_name_defined(ag)) 332 return (0); 333 334 if (auth_name_find(ag, initiator_name) == NULL) 335 return (1); 336 337 return (0); 338} 339 340const struct auth_portal * 341auth_portal_new(struct auth_group *ag, const char *portal) 342{ 343 struct auth_portal *ap; 344 char *net, *mask, *str, *tmp; 345 int len, dm, m; 346 347 ap = calloc(1, sizeof(*ap)); 348 if (ap == NULL) 349 log_err(1, "calloc"); 350 ap->ap_auth_group = ag; 351 ap->ap_initator_portal = checked_strdup(portal); 352 mask = str = checked_strdup(portal); 353 net = strsep(&mask, "/"); 354 if (net[0] == '[') 355 net++; 356 len = strlen(net); 357 if (len == 0) 358 goto error; 359 if (net[len - 1] == ']') 360 net[len - 1] = 0; 361 if (strchr(net, ':') != NULL) { 362 struct sockaddr_in6 *sin6 = 363 (struct sockaddr_in6 *)&ap->ap_sa; 364 365 sin6->sin6_len = sizeof(*sin6); 366 sin6->sin6_family = AF_INET6; 367 if (inet_pton(AF_INET6, net, &sin6->sin6_addr) <= 0) 368 goto error; 369 dm = 128; 370 } else { 371 struct sockaddr_in *sin = 372 (struct sockaddr_in *)&ap->ap_sa; 373 374 sin->sin_len = sizeof(*sin); 375 sin->sin_family = AF_INET; 376 if (inet_pton(AF_INET, net, &sin->sin_addr) <= 0) 377 goto error; 378 dm = 32; 379 } 380 if (mask != NULL) { 381 m = strtol(mask, &tmp, 0); 382 if (m < 0 || m > dm || tmp[0] != 0) 383 goto error; 384 } else 385 m = dm; 386 ap->ap_mask = m; 387 free(str); 388 TAILQ_INSERT_TAIL(&ag->ag_portals, ap, ap_next); 389 return (ap); 390 391error: 392 log_errx(1, "Incorrect initiator portal '%s'", portal); 393 return (NULL); 394} 395 396static void 397auth_portal_delete(struct auth_portal *ap) 398{ 399 TAILQ_REMOVE(&ap->ap_auth_group->ag_portals, ap, ap_next); 400 401 free(ap->ap_initator_portal); 402 free(ap); 403} 404 405bool 406auth_portal_defined(const struct auth_group *ag) 407{ 408 if (TAILQ_EMPTY(&ag->ag_portals)) 409 return (false); 410 return (true); 411} 412 413const struct auth_portal * 414auth_portal_find(const struct auth_group *ag, const struct sockaddr_storage *ss) 415{ 416 const struct auth_portal *ap; 417 const uint8_t *a, *b; 418 int i; 419 uint8_t bmask; 420 421 TAILQ_FOREACH(ap, &ag->ag_portals, ap_next) { 422 if (ap->ap_sa.ss_family != ss->ss_family) 423 continue; 424 if (ss->ss_family == AF_INET) { 425 a = (const uint8_t *) 426 &((const struct sockaddr_in *)ss)->sin_addr; 427 b = (const uint8_t *) 428 &((const struct sockaddr_in *)&ap->ap_sa)->sin_addr; 429 } else { 430 a = (const uint8_t *) 431 &((const struct sockaddr_in6 *)ss)->sin6_addr; 432 b = (const uint8_t *) 433 &((const struct sockaddr_in6 *)&ap->ap_sa)->sin6_addr; 434 } 435 for (i = 0; i < ap->ap_mask / 8; i++) { 436 if (a[i] != b[i]) 437 goto next; 438 } 439 if (ap->ap_mask % 8) { 440 bmask = 0xff << (8 - (ap->ap_mask % 8)); 441 if ((a[i] & bmask) != (b[i] & bmask)) 442 goto next; 443 } 444 return (ap); 445next: 446 ; 447 } 448 449 return (NULL); 450} 451 452int 453auth_portal_check(const struct auth_group *ag, const struct sockaddr_storage *sa) 454{ 455 456 if (!auth_portal_defined(ag)) 457 return (0); 458 459 if (auth_portal_find(ag, sa) == NULL) 460 return (1); 461 462 return (0); 463} 464 465struct auth_group * 466auth_group_new(struct conf *conf, const char *name) 467{ 468 struct auth_group *ag; 469 470 if (name != NULL) { 471 ag = auth_group_find(conf, name); 472 if (ag != NULL) { 473 log_warnx("duplicated auth-group \"%s\"", name); 474 return (NULL); 475 } 476 } 477 478 ag = calloc(1, sizeof(*ag)); 479 if (ag == NULL) 480 log_err(1, "calloc"); 481 if (name != NULL) 482 ag->ag_name = checked_strdup(name); 483 TAILQ_INIT(&ag->ag_auths); 484 TAILQ_INIT(&ag->ag_names); 485 TAILQ_INIT(&ag->ag_portals); 486 ag->ag_conf = conf; 487 TAILQ_INSERT_TAIL(&conf->conf_auth_groups, ag, ag_next); 488 489 return (ag); 490} 491 492void 493auth_group_delete(struct auth_group *ag) 494{ 495 struct auth *auth, *auth_tmp; 496 struct auth_name *auth_name, *auth_name_tmp; 497 struct auth_portal *auth_portal, *auth_portal_tmp; 498 499 TAILQ_REMOVE(&ag->ag_conf->conf_auth_groups, ag, ag_next); 500 501 TAILQ_FOREACH_SAFE(auth, &ag->ag_auths, a_next, auth_tmp) 502 auth_delete(auth); 503 TAILQ_FOREACH_SAFE(auth_name, &ag->ag_names, an_next, auth_name_tmp) 504 auth_name_delete(auth_name); 505 TAILQ_FOREACH_SAFE(auth_portal, &ag->ag_portals, ap_next, 506 auth_portal_tmp) 507 auth_portal_delete(auth_portal); 508 free(ag->ag_name); 509 free(ag); 510} 511 512struct auth_group * 513auth_group_find(const struct conf *conf, const char *name) 514{ 515 struct auth_group *ag; 516 517 TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) { 518 if (ag->ag_name != NULL && strcmp(ag->ag_name, name) == 0) 519 return (ag); 520 } 521 522 return (NULL); 523} 524 525static int 526auth_group_set_type(struct auth_group *ag, int type) 527{ 528 529 if (ag->ag_type == AG_TYPE_UNKNOWN) { 530 ag->ag_type = type; 531 return (0); 532 } 533 534 if (ag->ag_type == type) 535 return (0); 536 537 return (1); 538} 539 540int 541auth_group_set_type_str(struct auth_group *ag, const char *str) 542{ 543 int error, type; 544 545 if (strcmp(str, "none") == 0) { 546 type = AG_TYPE_NO_AUTHENTICATION; 547 } else if (strcmp(str, "deny") == 0) { 548 type = AG_TYPE_DENY; 549 } else if (strcmp(str, "chap") == 0) { 550 type = AG_TYPE_CHAP; 551 } else if (strcmp(str, "chap-mutual") == 0) { 552 type = AG_TYPE_CHAP_MUTUAL; 553 } else { 554 if (ag->ag_name != NULL) 555 log_warnx("invalid auth-type \"%s\" for auth-group " 556 "\"%s\"", str, ag->ag_name); 557 else 558 log_warnx("invalid auth-type \"%s\" for target " 559 "\"%s\"", str, ag->ag_target->t_name); 560 return (1); 561 } 562 563 error = auth_group_set_type(ag, type); 564 if (error != 0) { 565 if (ag->ag_name != NULL) 566 log_warnx("cannot set auth-type to \"%s\" for " 567 "auth-group \"%s\"; already has a different " 568 "type", str, ag->ag_name); 569 else 570 log_warnx("cannot set auth-type to \"%s\" for target " 571 "\"%s\"; already has a different type", 572 str, ag->ag_target->t_name); 573 return (1); 574 } 575 576 return (error); 577} 578 579static struct portal * 580portal_new(struct portal_group *pg) 581{ 582 struct portal *portal; 583 584 portal = calloc(1, sizeof(*portal)); 585 if (portal == NULL) 586 log_err(1, "calloc"); 587 TAILQ_INIT(&portal->p_targets); 588 portal->p_portal_group = pg; 589 TAILQ_INSERT_TAIL(&pg->pg_portals, portal, p_next); 590 return (portal); 591} 592 593static void 594portal_delete(struct portal *portal) 595{ 596 597 TAILQ_REMOVE(&portal->p_portal_group->pg_portals, portal, p_next); 598 if (portal->p_ai != NULL) 599 freeaddrinfo(portal->p_ai); 600 free(portal->p_listen); 601 free(portal); 602} 603 604struct portal_group * 605portal_group_new(struct conf *conf, const char *name) 606{ 607 struct portal_group *pg; 608 609 pg = portal_group_find(conf, name); 610 if (pg != NULL) { 611 log_warnx("duplicated portal-group \"%s\"", name); 612 return (NULL); 613 } 614 615 pg = calloc(1, sizeof(*pg)); 616 if (pg == NULL) 617 log_err(1, "calloc"); 618 pg->pg_name = checked_strdup(name); 619 TAILQ_INIT(&pg->pg_portals); 620 pg->pg_conf = conf; 621 conf->conf_last_portal_group_tag++; 622 pg->pg_tag = conf->conf_last_portal_group_tag; 623 TAILQ_INSERT_TAIL(&conf->conf_portal_groups, pg, pg_next); 624 625 return (pg); 626} 627 628void 629portal_group_delete(struct portal_group *pg) 630{ 631 struct portal *portal, *tmp; 632 633 TAILQ_REMOVE(&pg->pg_conf->conf_portal_groups, pg, pg_next); 634 635 TAILQ_FOREACH_SAFE(portal, &pg->pg_portals, p_next, tmp) 636 portal_delete(portal); 637 free(pg->pg_name); 638 free(pg); 639} 640 641struct portal_group * 642portal_group_find(const struct conf *conf, const char *name) 643{ 644 struct portal_group *pg; 645 646 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 647 if (strcmp(pg->pg_name, name) == 0) 648 return (pg); 649 } 650 651 return (NULL); 652} 653 654static int 655parse_addr_port(char *arg, const char *def_port, struct addrinfo **ai) 656{ 657 struct addrinfo hints; 658 char *addr, *ch; 659 const char *port; 660 int error, colons = 0; 661 662 if (arg[0] == '[') { 663 /* 664 * IPv6 address in square brackets, perhaps with port. 665 */ 666 arg++; 667 addr = strsep(&arg, "]"); 668 if (arg == NULL) 669 return (1); 670 if (arg[0] == '\0') { 671 port = def_port; 672 } else if (arg[0] == ':') { 673 port = arg + 1; 674 } else 675 return (1); 676 } else { 677 /* 678 * Either IPv6 address without brackets - and without 679 * a port - or IPv4 address. Just count the colons. 680 */ 681 for (ch = arg; *ch != '\0'; ch++) { 682 if (*ch == ':') 683 colons++; 684 } 685 if (colons > 1) { 686 addr = arg; 687 port = def_port; 688 } else { 689 addr = strsep(&arg, ":"); 690 if (arg == NULL) 691 port = def_port; 692 else 693 port = arg; 694 } 695 } 696 697 memset(&hints, 0, sizeof(hints)); 698 hints.ai_family = PF_UNSPEC; 699 hints.ai_socktype = SOCK_STREAM; 700 hints.ai_flags = AI_PASSIVE; 701 error = getaddrinfo(addr, port, &hints, ai); 702 if (error != 0) 703 return (1); 704 return (0); 705} 706 707int 708portal_group_add_listen(struct portal_group *pg, const char *value, bool iser) 709{ 710 struct portal *portal; 711 712 portal = portal_new(pg); 713 portal->p_listen = checked_strdup(value); 714 portal->p_iser = iser; 715 716 if (parse_addr_port(portal->p_listen, "3260", &portal->p_ai)) { 717 log_warnx("invalid listen address %s", portal->p_listen); 718 portal_delete(portal); 719 return (1); 720 } 721 722 /* 723 * XXX: getaddrinfo(3) may return multiple addresses; we should turn 724 * those into multiple portals. 725 */ 726 727 return (0); 728} 729 730int 731isns_new(struct conf *conf, const char *addr) 732{ 733 struct isns *isns; 734 735 isns = calloc(1, sizeof(*isns)); 736 if (isns == NULL) 737 log_err(1, "calloc"); 738 isns->i_conf = conf; 739 TAILQ_INSERT_TAIL(&conf->conf_isns, isns, i_next); 740 isns->i_addr = checked_strdup(addr); 741 742 if (parse_addr_port(isns->i_addr, "3205", &isns->i_ai)) { 743 log_warnx("invalid iSNS address %s", isns->i_addr); 744 isns_delete(isns); 745 return (1); 746 } 747 748 /* 749 * XXX: getaddrinfo(3) may return multiple addresses; we should turn 750 * those into multiple servers. 751 */ 752 753 return (0); 754} 755 756void 757isns_delete(struct isns *isns) 758{ 759 760 TAILQ_REMOVE(&isns->i_conf->conf_isns, isns, i_next); 761 free(isns->i_addr); 762 if (isns->i_ai != NULL) 763 freeaddrinfo(isns->i_ai); 764 free(isns); 765} 766 767static int 768isns_do_connect(struct isns *isns) 769{ 770 int s; 771 772 s = socket(isns->i_ai->ai_family, isns->i_ai->ai_socktype, 773 isns->i_ai->ai_protocol); 774 if (s < 0) { 775 log_warn("socket(2) failed for %s", isns->i_addr); 776 return (-1); 777 } 778 if (connect(s, isns->i_ai->ai_addr, isns->i_ai->ai_addrlen)) { 779 log_warn("connect(2) failed for %s", isns->i_addr); 780 close(s); 781 return (-1); 782 } 783 return(s); 784} 785 786static int 787isns_do_register(struct isns *isns, int s, const char *hostname) 788{ 789 struct conf *conf = isns->i_conf; 790 struct target *target; 791 struct portal *portal; 792 struct portal_group *pg; 793 struct isns_req *req; 794 int res = 0; 795 uint32_t error; 796 797 req = isns_req_create(ISNS_FUNC_DEVATTRREG, ISNS_FLAG_CLIENT); 798 isns_req_add_str(req, 32, TAILQ_FIRST(&conf->conf_targets)->t_name); 799 isns_req_add_delim(req); 800 isns_req_add_str(req, 1, hostname); 801 isns_req_add_32(req, 2, 2); /* 2 -- iSCSI */ 802 isns_req_add_32(req, 6, conf->conf_isns_period); 803 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 804 if (pg->pg_unassigned) 805 continue; 806 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) { 807 isns_req_add_addr(req, 16, portal->p_ai); 808 isns_req_add_port(req, 17, portal->p_ai); 809 } 810 } 811 TAILQ_FOREACH(target, &conf->conf_targets, t_next) { 812 isns_req_add_str(req, 32, target->t_name); 813 isns_req_add_32(req, 33, 1); /* 1 -- Target*/ 814 if (target->t_alias != NULL) 815 isns_req_add_str(req, 34, target->t_alias); 816 pg = target->t_portal_group; 817 isns_req_add_32(req, 51, pg->pg_tag); 818 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) { 819 isns_req_add_addr(req, 49, portal->p_ai); 820 isns_req_add_port(req, 50, portal->p_ai); 821 } 822 } 823 res = isns_req_send(s, req); 824 if (res < 0) { 825 log_warn("send(2) failed for %s", isns->i_addr); 826 goto quit; 827 } 828 res = isns_req_receive(s, req); 829 if (res < 0) { 830 log_warn("receive(2) failed for %s", isns->i_addr); 831 goto quit; 832 } 833 error = isns_req_get_status(req); 834 if (error != 0) { 835 log_warnx("iSNS register error %d for %s", error, isns->i_addr); 836 res = -1; 837 } 838quit: 839 isns_req_free(req); 840 return (res); 841} 842 843static int 844isns_do_check(struct isns *isns, int s, const char *hostname) 845{ 846 struct conf *conf = isns->i_conf; 847 struct isns_req *req; 848 int res = 0; 849 uint32_t error; 850 851 req = isns_req_create(ISNS_FUNC_DEVATTRQRY, ISNS_FLAG_CLIENT); 852 isns_req_add_str(req, 32, TAILQ_FIRST(&conf->conf_targets)->t_name); 853 isns_req_add_str(req, 1, hostname); 854 isns_req_add_delim(req); 855 isns_req_add(req, 2, 0, NULL); 856 res = isns_req_send(s, req); 857 if (res < 0) { 858 log_warn("send(2) failed for %s", isns->i_addr); 859 goto quit; 860 } 861 res = isns_req_receive(s, req); 862 if (res < 0) { 863 log_warn("receive(2) failed for %s", isns->i_addr); 864 goto quit; 865 } 866 error = isns_req_get_status(req); 867 if (error != 0) { 868 log_warnx("iSNS check error %d for %s", error, isns->i_addr); 869 res = -1; 870 } 871quit: 872 isns_req_free(req); 873 return (res); 874} 875 876static int 877isns_do_deregister(struct isns *isns, int s, const char *hostname) 878{ 879 struct conf *conf = isns->i_conf; 880 struct isns_req *req; 881 int res = 0; 882 uint32_t error; 883 884 req = isns_req_create(ISNS_FUNC_DEVDEREG, ISNS_FLAG_CLIENT); 885 isns_req_add_str(req, 32, TAILQ_FIRST(&conf->conf_targets)->t_name); 886 isns_req_add_delim(req); 887 isns_req_add_str(req, 1, hostname); 888 res = isns_req_send(s, req); 889 if (res < 0) { 890 log_warn("send(2) failed for %s", isns->i_addr); 891 goto quit; 892 } 893 res = isns_req_receive(s, req); 894 if (res < 0) { 895 log_warn("receive(2) failed for %s", isns->i_addr); 896 goto quit; 897 } 898 error = isns_req_get_status(req); 899 if (error != 0) { 900 log_warnx("iSNS deregister error %d for %s", error, isns->i_addr); 901 res = -1; 902 } 903quit: 904 isns_req_free(req); 905 return (res); 906} 907 908void 909isns_register(struct isns *isns, struct isns *oldisns) 910{ 911 struct conf *conf = isns->i_conf; 912 int s, res; 913 char hostname[256]; 914 915 if (TAILQ_EMPTY(&conf->conf_targets) || 916 TAILQ_EMPTY(&conf->conf_portal_groups)) 917 return; 918 set_timeout(conf->conf_isns_timeout, false); 919 s = isns_do_connect(isns); 920 if (s < 0) { 921 set_timeout(0, false); 922 return; 923 } 924 gethostname(hostname, sizeof(hostname)); 925 926 if (oldisns == NULL || TAILQ_EMPTY(&oldisns->i_conf->conf_targets)) 927 oldisns = isns; 928 res = isns_do_deregister(oldisns, s, hostname); 929 res = isns_do_register(isns, s, hostname); 930 close(s); 931 set_timeout(0, false); 932} 933 934void 935isns_check(struct isns *isns) 936{ 937 struct conf *conf = isns->i_conf; 938 int s, res; 939 char hostname[256]; 940 941 if (TAILQ_EMPTY(&conf->conf_targets) || 942 TAILQ_EMPTY(&conf->conf_portal_groups)) 943 return; 944 set_timeout(conf->conf_isns_timeout, false); 945 s = isns_do_connect(isns); 946 if (s < 0) { 947 set_timeout(0, false); 948 return; 949 } 950 gethostname(hostname, sizeof(hostname)); 951 952 res = isns_do_check(isns, s, hostname); 953 if (res < 0) { 954 res = isns_do_deregister(isns, s, hostname); 955 res = isns_do_register(isns, s, hostname); 956 } 957 close(s); 958 set_timeout(0, false); 959} 960 961void 962isns_deregister(struct isns *isns) 963{ 964 struct conf *conf = isns->i_conf; 965 int s, res; 966 char hostname[256]; 967 968 if (TAILQ_EMPTY(&conf->conf_targets) || 969 TAILQ_EMPTY(&conf->conf_portal_groups)) 970 return; 971 set_timeout(conf->conf_isns_timeout, false); 972 s = isns_do_connect(isns); 973 if (s < 0) 974 return; 975 gethostname(hostname, sizeof(hostname)); 976 977 res = isns_do_deregister(isns, s, hostname); 978 close(s); 979 set_timeout(0, false); 980} 981 982static bool 983valid_hex(const char ch) 984{ 985 switch (ch) { 986 case '0': 987 case '1': 988 case '2': 989 case '3': 990 case '4': 991 case '5': 992 case '6': 993 case '7': 994 case '8': 995 case '9': 996 case 'a': 997 case 'A': 998 case 'b': 999 case 'B': 1000 case 'c': 1001 case 'C': 1002 case 'd': 1003 case 'D': 1004 case 'e': 1005 case 'E': 1006 case 'f': 1007 case 'F': 1008 return (true); 1009 default: 1010 return (false); 1011 } 1012} 1013 1014bool 1015valid_iscsi_name(const char *name) 1016{ 1017 int i; 1018 1019 if (strlen(name) >= MAX_NAME_LEN) { 1020 log_warnx("overlong name for target \"%s\"; max length allowed " 1021 "by iSCSI specification is %d characters", 1022 name, MAX_NAME_LEN); 1023 return (false); 1024 } 1025 1026 /* 1027 * In the cases below, we don't return an error, just in case the admin 1028 * was right, and we're wrong. 1029 */ 1030 if (strncasecmp(name, "iqn.", strlen("iqn.")) == 0) { 1031 for (i = strlen("iqn."); name[i] != '\0'; i++) { 1032 /* 1033 * XXX: We should verify UTF-8 normalisation, as defined 1034 * by 3.2.6.2: iSCSI Name Encoding. 1035 */ 1036 if (isalnum(name[i])) 1037 continue; 1038 if (name[i] == '-' || name[i] == '.' || name[i] == ':') 1039 continue; 1040 log_warnx("invalid character \"%c\" in target name " 1041 "\"%s\"; allowed characters are letters, digits, " 1042 "'-', '.', and ':'", name[i], name); 1043 break; 1044 } 1045 /* 1046 * XXX: Check more stuff: valid date and a valid reversed domain. 1047 */ 1048 } else if (strncasecmp(name, "eui.", strlen("eui.")) == 0) { 1049 if (strlen(name) != strlen("eui.") + 16) 1050 log_warnx("invalid target name \"%s\"; the \"eui.\" " 1051 "should be followed by exactly 16 hexadecimal " 1052 "digits", name); 1053 for (i = strlen("eui."); name[i] != '\0'; i++) { 1054 if (!valid_hex(name[i])) { 1055 log_warnx("invalid character \"%c\" in target " 1056 "name \"%s\"; allowed characters are 1-9 " 1057 "and A-F", name[i], name); 1058 break; 1059 } 1060 } 1061 } else if (strncasecmp(name, "naa.", strlen("naa.")) == 0) { 1062 if (strlen(name) > strlen("naa.") + 32) 1063 log_warnx("invalid target name \"%s\"; the \"naa.\" " 1064 "should be followed by at most 32 hexadecimal " 1065 "digits", name); 1066 for (i = strlen("naa."); name[i] != '\0'; i++) { 1067 if (!valid_hex(name[i])) { 1068 log_warnx("invalid character \"%c\" in target " 1069 "name \"%s\"; allowed characters are 1-9 " 1070 "and A-F", name[i], name); 1071 break; 1072 } 1073 } 1074 } else { 1075 log_warnx("invalid target name \"%s\"; should start with " 1076 "either \".iqn\", \"eui.\", or \"naa.\"", 1077 name); 1078 } 1079 return (true); 1080} 1081 1082struct target * 1083target_new(struct conf *conf, const char *name) 1084{ 1085 struct target *targ; 1086 int i, len; 1087 1088 targ = target_find(conf, name); 1089 if (targ != NULL) { 1090 log_warnx("duplicated target \"%s\"", name); 1091 return (NULL); 1092 } 1093 if (valid_iscsi_name(name) == false) { 1094 log_warnx("target name \"%s\" is invalid", name); 1095 return (NULL); 1096 } 1097 targ = calloc(1, sizeof(*targ)); 1098 if (targ == NULL) 1099 log_err(1, "calloc"); 1100 targ->t_name = checked_strdup(name); 1101 1102 /* 1103 * RFC 3722 requires us to normalize the name to lowercase. 1104 */ 1105 len = strlen(name); 1106 for (i = 0; i < len; i++) 1107 targ->t_name[i] = tolower(targ->t_name[i]); 1108 1109 TAILQ_INIT(&targ->t_luns); 1110 targ->t_conf = conf; 1111 TAILQ_INSERT_TAIL(&conf->conf_targets, targ, t_next); 1112 1113 return (targ); 1114} 1115 1116void 1117target_delete(struct target *targ) 1118{ 1119 struct lun *lun, *tmp; 1120 1121 TAILQ_REMOVE(&targ->t_conf->conf_targets, targ, t_next); 1122 1123 TAILQ_FOREACH_SAFE(lun, &targ->t_luns, l_next, tmp) 1124 lun_delete(lun); 1125 free(targ->t_name); 1126 free(targ); 1127} 1128 1129struct target * 1130target_find(struct conf *conf, const char *name) 1131{ 1132 struct target *targ; 1133 1134 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1135 if (strcasecmp(targ->t_name, name) == 0) 1136 return (targ); 1137 } 1138 1139 return (NULL); 1140} 1141 1142struct lun * 1143lun_new(struct target *targ, int lun_id) 1144{ 1145 struct lun *lun; 1146 1147 lun = lun_find(targ, lun_id); 1148 if (lun != NULL) { 1149 log_warnx("duplicated lun %d for target \"%s\"", 1150 lun_id, targ->t_name); 1151 return (NULL); 1152 } 1153 1154 lun = calloc(1, sizeof(*lun)); 1155 if (lun == NULL) 1156 log_err(1, "calloc"); 1157 lun->l_lun = lun_id; 1158 TAILQ_INIT(&lun->l_options); 1159 lun->l_target = targ; 1160 TAILQ_INSERT_TAIL(&targ->t_luns, lun, l_next); 1161 1162 return (lun); 1163} 1164 1165void 1166lun_delete(struct lun *lun) 1167{ 1168 struct lun_option *lo, *tmp; 1169 1170 TAILQ_REMOVE(&lun->l_target->t_luns, lun, l_next); 1171 1172 TAILQ_FOREACH_SAFE(lo, &lun->l_options, lo_next, tmp) 1173 lun_option_delete(lo); 1174 free(lun->l_backend); 1175 free(lun->l_device_id); 1176 free(lun->l_path); 1177 free(lun->l_serial); 1178 free(lun); 1179} 1180 1181struct lun * 1182lun_find(const struct target *targ, int lun_id) 1183{ 1184 struct lun *lun; 1185 1186 TAILQ_FOREACH(lun, &targ->t_luns, l_next) { 1187 if (lun->l_lun == lun_id) 1188 return (lun); 1189 } 1190 1191 return (NULL); 1192} 1193 1194void 1195lun_set_backend(struct lun *lun, const char *value) 1196{ 1197 free(lun->l_backend); 1198 lun->l_backend = checked_strdup(value); 1199} 1200 1201void 1202lun_set_blocksize(struct lun *lun, size_t value) 1203{ 1204 1205 lun->l_blocksize = value; 1206} 1207 1208void 1209lun_set_device_id(struct lun *lun, const char *value) 1210{ 1211 free(lun->l_device_id); 1212 lun->l_device_id = checked_strdup(value); 1213} 1214 1215void 1216lun_set_path(struct lun *lun, const char *value) 1217{ 1218 free(lun->l_path); 1219 lun->l_path = checked_strdup(value); 1220} 1221 1222void 1223lun_set_serial(struct lun *lun, const char *value) 1224{ 1225 free(lun->l_serial); 1226 lun->l_serial = checked_strdup(value); 1227} 1228 1229void 1230lun_set_size(struct lun *lun, size_t value) 1231{ 1232 1233 lun->l_size = value; 1234} 1235 1236void 1237lun_set_ctl_lun(struct lun *lun, uint32_t value) 1238{ 1239 1240 lun->l_ctl_lun = value; 1241} 1242 1243struct lun_option * 1244lun_option_new(struct lun *lun, const char *name, const char *value) 1245{ 1246 struct lun_option *lo; 1247 1248 lo = lun_option_find(lun, name); 1249 if (lo != NULL) { 1250 log_warnx("duplicated lun option %s for lun %d, target \"%s\"", 1251 name, lun->l_lun, lun->l_target->t_name); 1252 return (NULL); 1253 } 1254 1255 lo = calloc(1, sizeof(*lo)); 1256 if (lo == NULL) 1257 log_err(1, "calloc"); 1258 lo->lo_name = checked_strdup(name); 1259 lo->lo_value = checked_strdup(value); 1260 lo->lo_lun = lun; 1261 TAILQ_INSERT_TAIL(&lun->l_options, lo, lo_next); 1262 1263 return (lo); 1264} 1265 1266void 1267lun_option_delete(struct lun_option *lo) 1268{ 1269 1270 TAILQ_REMOVE(&lo->lo_lun->l_options, lo, lo_next); 1271 1272 free(lo->lo_name); 1273 free(lo->lo_value); 1274 free(lo); 1275} 1276 1277struct lun_option * 1278lun_option_find(const struct lun *lun, const char *name) 1279{ 1280 struct lun_option *lo; 1281 1282 TAILQ_FOREACH(lo, &lun->l_options, lo_next) { 1283 if (strcmp(lo->lo_name, name) == 0) 1284 return (lo); 1285 } 1286 1287 return (NULL); 1288} 1289 1290void 1291lun_option_set(struct lun_option *lo, const char *value) 1292{ 1293 1294 free(lo->lo_value); 1295 lo->lo_value = checked_strdup(value); 1296} 1297 1298static struct connection * 1299connection_new(struct portal *portal, int fd, const char *host, 1300 const struct sockaddr *client_sa) 1301{ 1302 struct connection *conn; 1303 1304 conn = calloc(1, sizeof(*conn)); 1305 if (conn == NULL) 1306 log_err(1, "calloc"); 1307 conn->conn_portal = portal; 1308 conn->conn_socket = fd; 1309 conn->conn_initiator_addr = checked_strdup(host); 1310 memcpy(&conn->conn_initiator_sa, client_sa, client_sa->sa_len); 1311 1312 /* 1313 * Default values, from RFC 3720, section 12. 1314 */ 1315 conn->conn_max_data_segment_length = 8192; 1316 conn->conn_max_burst_length = 262144; 1317 conn->conn_immediate_data = true; 1318 1319 return (conn); 1320} 1321 1322#if 0 1323static void 1324conf_print(struct conf *conf) 1325{ 1326 struct auth_group *ag; 1327 struct auth *auth; 1328 struct auth_name *auth_name; 1329 struct auth_portal *auth_portal; 1330 struct portal_group *pg; 1331 struct portal *portal; 1332 struct target *targ; 1333 struct lun *lun; 1334 struct lun_option *lo; 1335 1336 TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) { 1337 fprintf(stderr, "auth-group %s {\n", ag->ag_name); 1338 TAILQ_FOREACH(auth, &ag->ag_auths, a_next) 1339 fprintf(stderr, "\t chap-mutual %s %s %s %s\n", 1340 auth->a_user, auth->a_secret, 1341 auth->a_mutual_user, auth->a_mutual_secret); 1342 TAILQ_FOREACH(auth_name, &ag->ag_names, an_next) 1343 fprintf(stderr, "\t initiator-name %s\n", 1344 auth_name->an_initator_name); 1345 TAILQ_FOREACH(auth_portal, &ag->ag_portals, an_next) 1346 fprintf(stderr, "\t initiator-portal %s\n", 1347 auth_portal->an_initator_portal); 1348 fprintf(stderr, "}\n"); 1349 } 1350 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 1351 fprintf(stderr, "portal-group %s {\n", pg->pg_name); 1352 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) 1353 fprintf(stderr, "\t listen %s\n", portal->p_listen); 1354 fprintf(stderr, "}\n"); 1355 } 1356 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1357 fprintf(stderr, "target %s {\n", targ->t_name); 1358 if (targ->t_alias != NULL) 1359 fprintf(stderr, "\t alias %s\n", targ->t_alias); 1360 TAILQ_FOREACH(lun, &targ->t_luns, l_next) { 1361 fprintf(stderr, "\tlun %d {\n", lun->l_lun); 1362 fprintf(stderr, "\t\tpath %s\n", lun->l_path); 1363 TAILQ_FOREACH(lo, &lun->l_options, lo_next) 1364 fprintf(stderr, "\t\toption %s %s\n", 1365 lo->lo_name, lo->lo_value); 1366 fprintf(stderr, "\t}\n"); 1367 } 1368 fprintf(stderr, "}\n"); 1369 } 1370} 1371#endif 1372 1373static int 1374conf_verify_lun(struct lun *lun) 1375{ 1376 const struct lun *lun2; 1377 const struct target *targ2; 1378 1379 if (lun->l_backend == NULL) 1380 lun_set_backend(lun, "block"); 1381 if (strcmp(lun->l_backend, "block") == 0) { 1382 if (lun->l_path == NULL) { 1383 log_warnx("missing path for lun %d, target \"%s\"", 1384 lun->l_lun, lun->l_target->t_name); 1385 return (1); 1386 } 1387 } else if (strcmp(lun->l_backend, "ramdisk") == 0) { 1388 if (lun->l_size == 0) { 1389 log_warnx("missing size for ramdisk-backed lun %d, " 1390 "target \"%s\"", lun->l_lun, lun->l_target->t_name); 1391 return (1); 1392 } 1393 if (lun->l_path != NULL) { 1394 log_warnx("path must not be specified " 1395 "for ramdisk-backed lun %d, target \"%s\"", 1396 lun->l_lun, lun->l_target->t_name); 1397 return (1); 1398 } 1399 } 1400 if (lun->l_lun < 0 || lun->l_lun > 255) { 1401 log_warnx("invalid lun number for lun %d, target \"%s\"; " 1402 "must be between 0 and 255", lun->l_lun, 1403 lun->l_target->t_name); 1404 return (1); 1405 } 1406 if (lun->l_blocksize == 0) { 1407 lun_set_blocksize(lun, DEFAULT_BLOCKSIZE); 1408 } else if (lun->l_blocksize < 0) { 1409 log_warnx("invalid blocksize for lun %d, target \"%s\"; " 1410 "must be larger than 0", lun->l_lun, lun->l_target->t_name); 1411 return (1); 1412 } 1413 if (lun->l_size != 0 && lun->l_size % lun->l_blocksize != 0) { 1414 log_warnx("invalid size for lun %d, target \"%s\"; " 1415 "must be multiple of blocksize", lun->l_lun, 1416 lun->l_target->t_name); 1417 return (1); 1418 } 1419 TAILQ_FOREACH(targ2, &lun->l_target->t_conf->conf_targets, t_next) { 1420 TAILQ_FOREACH(lun2, &targ2->t_luns, l_next) { 1421 if (lun == lun2) 1422 continue; 1423 if (lun->l_path != NULL && lun2->l_path != NULL && 1424 strcmp(lun->l_path, lun2->l_path) == 0) { 1425 log_debugx("WARNING: path \"%s\" duplicated " 1426 "between lun %d, target \"%s\", and " 1427 "lun %d, target \"%s\"", lun->l_path, 1428 lun->l_lun, lun->l_target->t_name, 1429 lun2->l_lun, lun2->l_target->t_name); 1430 } 1431 } 1432 } 1433 1434 return (0); 1435} 1436 1437int 1438conf_verify(struct conf *conf) 1439{ 1440 struct auth_group *ag; 1441 struct portal_group *pg; 1442 struct target *targ; 1443 struct lun *lun; 1444 bool found; 1445 int error; 1446 1447 if (conf->conf_pidfile_path == NULL) 1448 conf->conf_pidfile_path = checked_strdup(DEFAULT_PIDFILE); 1449 1450 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1451 if (targ->t_auth_group == NULL) { 1452 targ->t_auth_group = auth_group_find(conf, 1453 "default"); 1454 assert(targ->t_auth_group != NULL); 1455 } 1456 if (targ->t_portal_group == NULL) { 1457 targ->t_portal_group = portal_group_find(conf, 1458 "default"); 1459 assert(targ->t_portal_group != NULL); 1460 } 1461 found = false; 1462 TAILQ_FOREACH(lun, &targ->t_luns, l_next) { 1463 error = conf_verify_lun(lun); 1464 if (error != 0) 1465 return (error); 1466 found = true; 1467 } 1468 if (!found) { 1469 log_warnx("no LUNs defined for target \"%s\"", 1470 targ->t_name); 1471 } 1472 } 1473 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 1474 assert(pg->pg_name != NULL); 1475 if (pg->pg_discovery_auth_group == NULL) { 1476 pg->pg_discovery_auth_group = 1477 auth_group_find(conf, "default"); 1478 assert(pg->pg_discovery_auth_group != NULL); 1479 } 1480 1481 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1482 if (targ->t_portal_group == pg) 1483 break; 1484 } 1485 if (targ == NULL) { 1486 if (strcmp(pg->pg_name, "default") != 0) 1487 log_warnx("portal-group \"%s\" not assigned " 1488 "to any target", pg->pg_name); 1489 pg->pg_unassigned = true; 1490 } else 1491 pg->pg_unassigned = false; 1492 } 1493 TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) { 1494 if (ag->ag_name == NULL) 1495 assert(ag->ag_target != NULL); 1496 else 1497 assert(ag->ag_target == NULL); 1498 1499 found = false; 1500 TAILQ_FOREACH(targ, &conf->conf_targets, t_next) { 1501 if (targ->t_auth_group == ag) { 1502 found = true; 1503 break; 1504 } 1505 } 1506 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 1507 if (pg->pg_discovery_auth_group == ag) { 1508 found = true; 1509 break; 1510 } 1511 } 1512 if (!found && ag->ag_name != NULL && 1513 strcmp(ag->ag_name, "default") != 0 && 1514 strcmp(ag->ag_name, "no-authentication") != 0 && 1515 strcmp(ag->ag_name, "no-access") != 0) { 1516 log_warnx("auth-group \"%s\" not assigned " 1517 "to any target", ag->ag_name); 1518 } 1519 } 1520 1521 return (0); 1522} 1523 1524static int 1525conf_apply(struct conf *oldconf, struct conf *newconf) 1526{ 1527 struct target *oldtarg, *newtarg, *tmptarg; 1528 struct lun *oldlun, *newlun, *tmplun; 1529 struct portal_group *oldpg, *newpg; 1530 struct portal *oldp, *newp; 1531 struct isns *oldns, *newns; 1532 pid_t otherpid; 1533 int changed, cumulated_error = 0, error; 1534 int one = 1; 1535 1536 if (oldconf->conf_debug != newconf->conf_debug) { 1537 log_debugx("changing debug level to %d", newconf->conf_debug); 1538 log_init(newconf->conf_debug); 1539 } 1540 1541 if (oldconf->conf_pidfh != NULL) { 1542 assert(oldconf->conf_pidfile_path != NULL); 1543 if (newconf->conf_pidfile_path != NULL && 1544 strcmp(oldconf->conf_pidfile_path, 1545 newconf->conf_pidfile_path) == 0) { 1546 newconf->conf_pidfh = oldconf->conf_pidfh; 1547 oldconf->conf_pidfh = NULL; 1548 } else { 1549 log_debugx("removing pidfile %s", 1550 oldconf->conf_pidfile_path); 1551 pidfile_remove(oldconf->conf_pidfh); 1552 oldconf->conf_pidfh = NULL; 1553 } 1554 } 1555 1556 if (newconf->conf_pidfh == NULL && newconf->conf_pidfile_path != NULL) { 1557 log_debugx("opening pidfile %s", newconf->conf_pidfile_path); 1558 newconf->conf_pidfh = 1559 pidfile_open(newconf->conf_pidfile_path, 0600, &otherpid); 1560 if (newconf->conf_pidfh == NULL) { 1561 if (errno == EEXIST) 1562 log_errx(1, "daemon already running, pid: %jd.", 1563 (intmax_t)otherpid); 1564 log_err(1, "cannot open or create pidfile \"%s\"", 1565 newconf->conf_pidfile_path); 1566 } 1567 } 1568 1569 /* Deregister on removed iSNS servers. */ 1570 TAILQ_FOREACH(oldns, &oldconf->conf_isns, i_next) { 1571 TAILQ_FOREACH(newns, &newconf->conf_isns, i_next) { 1572 if (strcmp(oldns->i_addr, newns->i_addr) == 0) 1573 break; 1574 } 1575 if (newns == NULL) 1576 isns_deregister(oldns); 1577 } 1578 1579 /* 1580 * XXX: If target or lun removal fails, we should somehow "move" 1581 * the old lun or target into newconf, so that subsequent 1582 * conf_apply() would try to remove them again. That would 1583 * be somewhat hairy, though, and lun deletion failures don't 1584 * really happen, so leave it as it is for now. 1585 */ 1586 TAILQ_FOREACH_SAFE(oldtarg, &oldconf->conf_targets, t_next, tmptarg) { 1587 /* 1588 * First, remove any targets present in the old configuration 1589 * and missing in the new one. 1590 */ 1591 newtarg = target_find(newconf, oldtarg->t_name); 1592 if (newtarg == NULL) { 1593 TAILQ_FOREACH_SAFE(oldlun, &oldtarg->t_luns, l_next, 1594 tmplun) { 1595 log_debugx("target %s not found in new " 1596 "configuration; removing its lun %d, " 1597 "backed by CTL lun %d", 1598 oldtarg->t_name, oldlun->l_lun, 1599 oldlun->l_ctl_lun); 1600 error = kernel_lun_remove(oldlun); 1601 if (error != 0) { 1602 log_warnx("failed to remove lun %d, " 1603 "target %s, CTL lun %d", 1604 oldlun->l_lun, oldtarg->t_name, 1605 oldlun->l_ctl_lun); 1606 cumulated_error++; 1607 } 1608 } 1609 kernel_port_remove(oldtarg); 1610 continue; 1611 } 1612 1613 /* 1614 * Second, remove any LUNs present in the old target 1615 * and missing in the new one. 1616 */ 1617 TAILQ_FOREACH_SAFE(oldlun, &oldtarg->t_luns, l_next, tmplun) { 1618 newlun = lun_find(newtarg, oldlun->l_lun); 1619 if (newlun == NULL) { 1620 log_debugx("lun %d, target %s, CTL lun %d " 1621 "not found in new configuration; " 1622 "removing", oldlun->l_lun, oldtarg->t_name, 1623 oldlun->l_ctl_lun); 1624 error = kernel_lun_remove(oldlun); 1625 if (error != 0) { 1626 log_warnx("failed to remove lun %d, " 1627 "target %s, CTL lun %d", 1628 oldlun->l_lun, oldtarg->t_name, 1629 oldlun->l_ctl_lun); 1630 cumulated_error++; 1631 } 1632 continue; 1633 } 1634 1635 /* 1636 * Also remove the LUNs changed by more than size. 1637 */ 1638 changed = 0; 1639 assert(oldlun->l_backend != NULL); 1640 assert(newlun->l_backend != NULL); 1641 if (strcmp(newlun->l_backend, oldlun->l_backend) != 0) { 1642 log_debugx("backend for lun %d, target %s, " 1643 "CTL lun %d changed; removing", 1644 oldlun->l_lun, oldtarg->t_name, 1645 oldlun->l_ctl_lun); 1646 changed = 1; 1647 } 1648 if (oldlun->l_blocksize != newlun->l_blocksize) { 1649 log_debugx("blocksize for lun %d, target %s, " 1650 "CTL lun %d changed; removing", 1651 oldlun->l_lun, oldtarg->t_name, 1652 oldlun->l_ctl_lun); 1653 changed = 1; 1654 } 1655 if (newlun->l_device_id != NULL && 1656 (oldlun->l_device_id == NULL || 1657 strcmp(oldlun->l_device_id, newlun->l_device_id) != 1658 0)) { 1659 log_debugx("device-id for lun %d, target %s, " 1660 "CTL lun %d changed; removing", 1661 oldlun->l_lun, oldtarg->t_name, 1662 oldlun->l_ctl_lun); 1663 changed = 1; 1664 } 1665 if (newlun->l_path != NULL && 1666 (oldlun->l_path == NULL || 1667 strcmp(oldlun->l_path, newlun->l_path) != 0)) { 1668 log_debugx("path for lun %d, target %s, " 1669 "CTL lun %d, changed; removing", 1670 oldlun->l_lun, oldtarg->t_name, 1671 oldlun->l_ctl_lun); 1672 changed = 1; 1673 } 1674 if (newlun->l_serial != NULL && 1675 (oldlun->l_serial == NULL || 1676 strcmp(oldlun->l_serial, newlun->l_serial) != 0)) { 1677 log_debugx("serial for lun %d, target %s, " 1678 "CTL lun %d changed; removing", 1679 oldlun->l_lun, oldtarg->t_name, 1680 oldlun->l_ctl_lun); 1681 changed = 1; 1682 } 1683 if (changed) { 1684 error = kernel_lun_remove(oldlun); 1685 if (error != 0) { 1686 log_warnx("failed to remove lun %d, " 1687 "target %s, CTL lun %d", 1688 oldlun->l_lun, oldtarg->t_name, 1689 oldlun->l_ctl_lun); 1690 cumulated_error++; 1691 } 1692 lun_delete(oldlun); 1693 continue; 1694 } 1695 1696 lun_set_ctl_lun(newlun, oldlun->l_ctl_lun); 1697 } 1698 } 1699 1700 /* 1701 * Now add new targets or modify existing ones. 1702 */ 1703 TAILQ_FOREACH(newtarg, &newconf->conf_targets, t_next) { 1704 oldtarg = target_find(oldconf, newtarg->t_name); 1705 1706 TAILQ_FOREACH_SAFE(newlun, &newtarg->t_luns, l_next, tmplun) { 1707 if (oldtarg != NULL) { 1708 oldlun = lun_find(oldtarg, newlun->l_lun); 1709 if (oldlun != NULL) { 1710 if (newlun->l_size != oldlun->l_size || 1711 newlun->l_size == 0) { 1712 log_debugx("resizing lun %d, " 1713 "target %s, CTL lun %d", 1714 newlun->l_lun, 1715 newtarg->t_name, 1716 newlun->l_ctl_lun); 1717 error = 1718 kernel_lun_resize(newlun); 1719 if (error != 0) { 1720 log_warnx("failed to " 1721 "resize lun %d, " 1722 "target %s, " 1723 "CTL lun %d", 1724 newlun->l_lun, 1725 newtarg->t_name, 1726 newlun->l_lun); 1727 cumulated_error++; 1728 } 1729 } 1730 continue; 1731 } 1732 } 1733 log_debugx("adding lun %d, target %s", 1734 newlun->l_lun, newtarg->t_name); 1735 error = kernel_lun_add(newlun); 1736 if (error != 0) { 1737 log_warnx("failed to add lun %d, target %s", 1738 newlun->l_lun, newtarg->t_name); 1739 lun_delete(newlun); 1740 cumulated_error++; 1741 } 1742 } 1743 if (oldtarg == NULL) 1744 kernel_port_add(newtarg); 1745 } 1746 1747 /* 1748 * Go through the new portals, opening the sockets as neccessary. 1749 */ 1750 TAILQ_FOREACH(newpg, &newconf->conf_portal_groups, pg_next) { 1751 if (newpg->pg_unassigned) { 1752 log_debugx("not listening on portal-group \"%s\", " 1753 "not assigned to any target", 1754 newpg->pg_name); 1755 continue; 1756 } 1757 TAILQ_FOREACH(newp, &newpg->pg_portals, p_next) { 1758 /* 1759 * Try to find already open portal and reuse 1760 * the listening socket. We don't care about 1761 * what portal or portal group that was, what 1762 * matters is the listening address. 1763 */ 1764 TAILQ_FOREACH(oldpg, &oldconf->conf_portal_groups, 1765 pg_next) { 1766 TAILQ_FOREACH(oldp, &oldpg->pg_portals, 1767 p_next) { 1768 if (strcmp(newp->p_listen, 1769 oldp->p_listen) == 0 && 1770 oldp->p_socket > 0) { 1771 newp->p_socket = 1772 oldp->p_socket; 1773 oldp->p_socket = 0; 1774 break; 1775 } 1776 } 1777 } 1778 if (newp->p_socket > 0) { 1779 /* 1780 * We're done with this portal. 1781 */ 1782 continue; 1783 } 1784 1785#ifdef ICL_KERNEL_PROXY 1786 if (proxy_mode) { 1787 newpg->pg_conf->conf_portal_id++; 1788 newp->p_id = newpg->pg_conf->conf_portal_id; 1789 log_debugx("listening on %s, portal-group " 1790 "\"%s\", portal id %d, using ICL proxy", 1791 newp->p_listen, newpg->pg_name, newp->p_id); 1792 kernel_listen(newp->p_ai, newp->p_iser, 1793 newp->p_id); 1794 continue; 1795 } 1796#endif 1797 assert(proxy_mode == false); 1798 assert(newp->p_iser == false); 1799 1800 log_debugx("listening on %s, portal-group \"%s\"", 1801 newp->p_listen, newpg->pg_name); 1802 newp->p_socket = socket(newp->p_ai->ai_family, 1803 newp->p_ai->ai_socktype, 1804 newp->p_ai->ai_protocol); 1805 if (newp->p_socket < 0) { 1806 log_warn("socket(2) failed for %s", 1807 newp->p_listen); 1808 cumulated_error++; 1809 continue; 1810 } 1811 error = setsockopt(newp->p_socket, SOL_SOCKET, 1812 SO_REUSEADDR, &one, sizeof(one)); 1813 if (error != 0) { 1814 log_warn("setsockopt(SO_REUSEADDR) failed " 1815 "for %s", newp->p_listen); 1816 close(newp->p_socket); 1817 newp->p_socket = 0; 1818 cumulated_error++; 1819 continue; 1820 } 1821 error = bind(newp->p_socket, newp->p_ai->ai_addr, 1822 newp->p_ai->ai_addrlen); 1823 if (error != 0) { 1824 log_warn("bind(2) failed for %s", 1825 newp->p_listen); 1826 close(newp->p_socket); 1827 newp->p_socket = 0; 1828 cumulated_error++; 1829 continue; 1830 } 1831 error = listen(newp->p_socket, -1); 1832 if (error != 0) { 1833 log_warn("listen(2) failed for %s", 1834 newp->p_listen); 1835 close(newp->p_socket); 1836 newp->p_socket = 0; 1837 cumulated_error++; 1838 continue; 1839 } 1840 } 1841 } 1842 1843 /* 1844 * Go through the no longer used sockets, closing them. 1845 */ 1846 TAILQ_FOREACH(oldpg, &oldconf->conf_portal_groups, pg_next) { 1847 TAILQ_FOREACH(oldp, &oldpg->pg_portals, p_next) { 1848 if (oldp->p_socket <= 0) 1849 continue; 1850 log_debugx("closing socket for %s, portal-group \"%s\"", 1851 oldp->p_listen, oldpg->pg_name); 1852 close(oldp->p_socket); 1853 oldp->p_socket = 0; 1854 } 1855 } 1856 1857 /* (Re-)Register on remaining/new iSNS servers. */ 1858 TAILQ_FOREACH(newns, &newconf->conf_isns, i_next) { 1859 TAILQ_FOREACH(oldns, &oldconf->conf_isns, i_next) { 1860 if (strcmp(oldns->i_addr, newns->i_addr) == 0) 1861 break; 1862 } 1863 isns_register(newns, oldns); 1864 } 1865 1866 /* Schedule iSNS update */ 1867 if (!TAILQ_EMPTY(&newconf->conf_isns)) 1868 set_timeout((newconf->conf_isns_period + 2) / 3, false); 1869 1870 return (cumulated_error); 1871} 1872 1873bool 1874timed_out(void) 1875{ 1876 1877 return (sigalrm_received); 1878} 1879 1880static void 1881sigalrm_handler_fatal(int dummy __unused) 1882{ 1883 /* 1884 * It would be easiest to just log an error and exit. We can't 1885 * do this, though, because log_errx() is not signal safe, since 1886 * it calls syslog(3). Instead, set a flag checked by pdu_send() 1887 * and pdu_receive(), to call log_errx() there. Should they fail 1888 * to notice, we'll exit here one second later. 1889 */ 1890 if (sigalrm_received) { 1891 /* 1892 * Oh well. Just give up and quit. 1893 */ 1894 _exit(2); 1895 } 1896 1897 sigalrm_received = true; 1898} 1899 1900static void 1901sigalrm_handler(int dummy __unused) 1902{ 1903 1904 sigalrm_received = true; 1905} 1906 1907void 1908set_timeout(int timeout, int fatal) 1909{ 1910 struct sigaction sa; 1911 struct itimerval itv; 1912 int error; 1913 1914 if (timeout <= 0) { 1915 log_debugx("session timeout disabled"); 1916 bzero(&itv, sizeof(itv)); 1917 error = setitimer(ITIMER_REAL, &itv, NULL); 1918 if (error != 0) 1919 log_err(1, "setitimer"); 1920 sigalrm_received = false; 1921 return; 1922 } 1923 1924 sigalrm_received = false; 1925 bzero(&sa, sizeof(sa)); 1926 if (fatal) 1927 sa.sa_handler = sigalrm_handler_fatal; 1928 else 1929 sa.sa_handler = sigalrm_handler; 1930 sigfillset(&sa.sa_mask); 1931 error = sigaction(SIGALRM, &sa, NULL); 1932 if (error != 0) 1933 log_err(1, "sigaction"); 1934 1935 /* 1936 * First SIGALRM will arive after conf_timeout seconds. 1937 * If we do nothing, another one will arrive a second later. 1938 */ 1939 log_debugx("setting session timeout to %d seconds", timeout); 1940 bzero(&itv, sizeof(itv)); 1941 itv.it_interval.tv_sec = 1; 1942 itv.it_value.tv_sec = timeout; 1943 error = setitimer(ITIMER_REAL, &itv, NULL); 1944 if (error != 0) 1945 log_err(1, "setitimer"); 1946} 1947 1948static int 1949wait_for_children(bool block) 1950{ 1951 pid_t pid; 1952 int status; 1953 int num = 0; 1954 1955 for (;;) { 1956 /* 1957 * If "block" is true, wait for at least one process. 1958 */ 1959 if (block && num == 0) 1960 pid = wait4(-1, &status, 0, NULL); 1961 else 1962 pid = wait4(-1, &status, WNOHANG, NULL); 1963 if (pid <= 0) 1964 break; 1965 if (WIFSIGNALED(status)) { 1966 log_warnx("child process %d terminated with signal %d", 1967 pid, WTERMSIG(status)); 1968 } else if (WEXITSTATUS(status) != 0) { 1969 log_warnx("child process %d terminated with exit status %d", 1970 pid, WEXITSTATUS(status)); 1971 } else { 1972 log_debugx("child process %d terminated gracefully", pid); 1973 } 1974 num++; 1975 } 1976 1977 return (num); 1978} 1979 1980static void 1981handle_connection(struct portal *portal, int fd, 1982 const struct sockaddr *client_sa, bool dont_fork) 1983{ 1984 struct connection *conn; 1985 int error; 1986 pid_t pid; 1987 char host[NI_MAXHOST + 1]; 1988 struct conf *conf; 1989 1990 conf = portal->p_portal_group->pg_conf; 1991 1992 if (dont_fork) { 1993 log_debugx("incoming connection; not forking due to -d flag"); 1994 } else { 1995 nchildren -= wait_for_children(false); 1996 assert(nchildren >= 0); 1997 1998 while (conf->conf_maxproc > 0 && nchildren >= conf->conf_maxproc) { 1999 log_debugx("maxproc limit of %d child processes hit; " 2000 "waiting for child process to exit", conf->conf_maxproc); 2001 nchildren -= wait_for_children(true); 2002 assert(nchildren >= 0); 2003 } 2004 log_debugx("incoming connection; forking child process #%d", 2005 nchildren); 2006 nchildren++; 2007 pid = fork(); 2008 if (pid < 0) 2009 log_err(1, "fork"); 2010 if (pid > 0) { 2011 close(fd); 2012 return; 2013 } 2014 } 2015 pidfile_close(conf->conf_pidfh); 2016 2017 error = getnameinfo(client_sa, client_sa->sa_len, 2018 host, sizeof(host), NULL, 0, NI_NUMERICHOST); 2019 if (error != 0) 2020 log_errx(1, "getnameinfo: %s", gai_strerror(error)); 2021 2022 log_debugx("accepted connection from %s; portal group \"%s\"", 2023 host, portal->p_portal_group->pg_name); 2024 log_set_peer_addr(host); 2025 setproctitle("%s", host); 2026 2027 conn = connection_new(portal, fd, host, client_sa); 2028 set_timeout(conf->conf_timeout, true); 2029 kernel_capsicate(); 2030 login(conn); 2031 if (conn->conn_session_type == CONN_SESSION_TYPE_NORMAL) { 2032 kernel_handoff(conn); 2033 log_debugx("connection handed off to the kernel"); 2034 } else { 2035 assert(conn->conn_session_type == CONN_SESSION_TYPE_DISCOVERY); 2036 discovery(conn); 2037 } 2038 log_debugx("nothing more to do; exiting"); 2039 exit(0); 2040} 2041 2042static int 2043fd_add(int fd, fd_set *fdset, int nfds) 2044{ 2045 2046 /* 2047 * Skip sockets which we failed to bind. 2048 */ 2049 if (fd <= 0) 2050 return (nfds); 2051 2052 FD_SET(fd, fdset); 2053 if (fd > nfds) 2054 nfds = fd; 2055 return (nfds); 2056} 2057 2058static void 2059main_loop(struct conf *conf, bool dont_fork) 2060{ 2061 struct portal_group *pg; 2062 struct portal *portal; 2063 struct sockaddr_storage client_sa; 2064 socklen_t client_salen; 2065#ifdef ICL_KERNEL_PROXY 2066 int connection_id; 2067 int portal_id; 2068#endif 2069 fd_set fdset; 2070 int error, nfds, client_fd; 2071 2072 pidfile_write(conf->conf_pidfh); 2073 2074 for (;;) { 2075 if (sighup_received || sigterm_received || timed_out()) 2076 return; 2077 2078#ifdef ICL_KERNEL_PROXY 2079 if (proxy_mode) { 2080 client_salen = sizeof(client_sa); 2081 kernel_accept(&connection_id, &portal_id, 2082 (struct sockaddr *)&client_sa, &client_salen); 2083 assert(client_salen >= client_sa.ss_len); 2084 2085 log_debugx("incoming connection, id %d, portal id %d", 2086 connection_id, portal_id); 2087 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 2088 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) { 2089 if (portal->p_id == portal_id) { 2090 goto found; 2091 } 2092 } 2093 } 2094 2095 log_errx(1, "kernel returned invalid portal_id %d", 2096 portal_id); 2097 2098found: 2099 handle_connection(portal, connection_id, 2100 (struct sockaddr *)&client_sa, dont_fork); 2101 } else { 2102#endif 2103 assert(proxy_mode == false); 2104 2105 FD_ZERO(&fdset); 2106 nfds = 0; 2107 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 2108 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) 2109 nfds = fd_add(portal->p_socket, &fdset, nfds); 2110 } 2111 error = select(nfds + 1, &fdset, NULL, NULL, NULL); 2112 if (error <= 0) { 2113 if (errno == EINTR) 2114 return; 2115 log_err(1, "select"); 2116 } 2117 TAILQ_FOREACH(pg, &conf->conf_portal_groups, pg_next) { 2118 TAILQ_FOREACH(portal, &pg->pg_portals, p_next) { 2119 if (!FD_ISSET(portal->p_socket, &fdset)) 2120 continue; 2121 client_salen = sizeof(client_sa); 2122 client_fd = accept(portal->p_socket, 2123 (struct sockaddr *)&client_sa, 2124 &client_salen); 2125 if (client_fd < 0) 2126 log_err(1, "accept"); 2127 assert(client_salen >= client_sa.ss_len); 2128 2129 handle_connection(portal, client_fd, 2130 (struct sockaddr *)&client_sa, 2131 dont_fork); 2132 break; 2133 } 2134 } 2135#ifdef ICL_KERNEL_PROXY 2136 } 2137#endif 2138 } 2139} 2140 2141static void 2142sighup_handler(int dummy __unused) 2143{ 2144 2145 sighup_received = true; 2146} 2147 2148static void 2149sigterm_handler(int dummy __unused) 2150{ 2151 2152 sigterm_received = true; 2153} 2154 2155static void 2156sigchld_handler(int dummy __unused) 2157{ 2158 2159 /* 2160 * The only purpose of this handler is to make SIGCHLD 2161 * interrupt the ISCSIDWAIT ioctl(2), so we can call 2162 * wait_for_children(). 2163 */ 2164} 2165 2166static void 2167register_signals(void) 2168{ 2169 struct sigaction sa; 2170 int error; 2171 2172 bzero(&sa, sizeof(sa)); 2173 sa.sa_handler = sighup_handler; 2174 sigfillset(&sa.sa_mask); 2175 error = sigaction(SIGHUP, &sa, NULL); 2176 if (error != 0) 2177 log_err(1, "sigaction"); 2178 2179 sa.sa_handler = sigterm_handler; 2180 error = sigaction(SIGTERM, &sa, NULL); 2181 if (error != 0) 2182 log_err(1, "sigaction"); 2183 2184 sa.sa_handler = sigterm_handler; 2185 error = sigaction(SIGINT, &sa, NULL); 2186 if (error != 0) 2187 log_err(1, "sigaction"); 2188 2189 sa.sa_handler = sigchld_handler; 2190 error = sigaction(SIGCHLD, &sa, NULL); 2191 if (error != 0) 2192 log_err(1, "sigaction"); 2193} 2194 2195int 2196main(int argc, char **argv) 2197{ 2198 struct conf *oldconf, *newconf, *tmpconf; 2199 struct isns *newns; 2200 const char *config_path = DEFAULT_CONFIG_PATH; 2201 int debug = 0, ch, error; 2202 bool dont_daemonize = false; 2203 2204 while ((ch = getopt(argc, argv, "df:R")) != -1) { 2205 switch (ch) { 2206 case 'd': 2207 dont_daemonize = true; 2208 debug++; 2209 break; 2210 case 'f': 2211 config_path = optarg; 2212 break; 2213 case 'R': 2214#ifndef ICL_KERNEL_PROXY 2215 log_errx(1, "ctld(8) compiled without ICL_KERNEL_PROXY " 2216 "does not support iSER protocol"); 2217#endif 2218 proxy_mode = true; 2219 break; 2220 case '?': 2221 default: 2222 usage(); 2223 } 2224 } 2225 argc -= optind; 2226 if (argc != 0) 2227 usage(); 2228 2229 log_init(debug); 2230 kernel_init(); 2231 2232 oldconf = conf_new_from_kernel(); 2233 newconf = conf_new_from_file(config_path); 2234 if (newconf == NULL) 2235 log_errx(1, "configuration error; exiting"); 2236 if (debug > 0) { 2237 oldconf->conf_debug = debug; 2238 newconf->conf_debug = debug; 2239 } 2240 2241 error = conf_apply(oldconf, newconf); 2242 if (error != 0) 2243 log_errx(1, "failed to apply configuration; exiting"); 2244 2245 conf_delete(oldconf); 2246 oldconf = NULL; 2247 2248 register_signals(); 2249 2250 if (dont_daemonize == false) { 2251 log_debugx("daemonizing"); 2252 if (daemon(0, 0) == -1) { 2253 log_warn("cannot daemonize"); 2254 pidfile_remove(newconf->conf_pidfh); 2255 exit(1); 2256 } 2257 } 2258 2259 /* Schedule iSNS update */ 2260 if (!TAILQ_EMPTY(&newconf->conf_isns)) 2261 set_timeout((newconf->conf_isns_period + 2) / 3, false); 2262 2263 for (;;) { 2264 main_loop(newconf, dont_daemonize); 2265 if (sighup_received) { 2266 sighup_received = false; 2267 log_debugx("received SIGHUP, reloading configuration"); 2268 tmpconf = conf_new_from_file(config_path); 2269 if (tmpconf == NULL) { 2270 log_warnx("configuration error, " 2271 "continuing with old configuration"); 2272 } else { 2273 if (debug > 0) 2274 tmpconf->conf_debug = debug; 2275 oldconf = newconf; 2276 newconf = tmpconf; 2277 error = conf_apply(oldconf, newconf); 2278 if (error != 0) 2279 log_warnx("failed to reload " 2280 "configuration"); 2281 conf_delete(oldconf); 2282 oldconf = NULL; 2283 } 2284 } else if (sigterm_received) { 2285 log_debugx("exiting on signal; " 2286 "reloading empty configuration"); 2287 2288 log_debugx("disabling CTL iSCSI port " 2289 "and terminating all connections"); 2290 2291 oldconf = newconf; 2292 newconf = conf_new(); 2293 if (debug > 0) 2294 newconf->conf_debug = debug; 2295 error = conf_apply(oldconf, newconf); 2296 if (error != 0) 2297 log_warnx("failed to apply configuration"); 2298 conf_delete(oldconf); 2299 oldconf = NULL; 2300 2301 log_warnx("exiting on signal"); 2302 exit(0); 2303 } else { 2304 nchildren -= wait_for_children(false); 2305 assert(nchildren >= 0); 2306 if (timed_out()) { 2307 set_timeout(0, false); 2308 TAILQ_FOREACH(newns, &newconf->conf_isns, i_next) 2309 isns_check(newns); 2310 /* Schedule iSNS update */ 2311 if (!TAILQ_EMPTY(&newconf->conf_isns)) { 2312 set_timeout((newconf->conf_isns_period 2313 + 2) / 3, 2314 false); 2315 } 2316 } 2317 } 2318 } 2319 /* NOTREACHED */ 2320} 2321