git: e28b758b35d0 - main - ctld: Be more consistent for auth parameters in the UCL config
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 26 Feb 2025 15:15:50 UTC
The branch main has been updated by jhb:
URL: https://cgit.FreeBSD.org/src/commit/?id=e28b758b35d0f80b38c295587271ec9588040077
commit e28b758b35d0f80b38c295587271ec9588040077
Author: John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2025-02-26 15:11:30 +0000
Commit: John Baldwin <jhb@FreeBSD.org>
CommitDate: 2025-02-26 15:11:30 +0000
ctld: Be more consistent for auth parameters in the UCL config
The auth-group context required an array of entries for "chap",
"chap-mutual", "initiator-name", and "initiator-portal" whereas the
target context required exactly one entry (and only permitted a single
entry).
Allow either a single entry or an array of entries for these keywords
in both the auth-group and target contexts.
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D48935
---
usr.sbin/ctld/uclparse.c | 163 +++++++++++++++++++++++++++++++++++------------
1 file changed, 121 insertions(+), 42 deletions(-)
diff --git a/usr.sbin/ctld/uclparse.c b/usr.sbin/ctld/uclparse.c
index 2dc4872bee84..e8e026247b71 100644
--- a/usr.sbin/ctld/uclparse.c
+++ b/usr.sbin/ctld/uclparse.c
@@ -420,66 +420,90 @@ uclparse_auth_group(const char *name, const ucl_object_t *top)
}
if (strcmp(key, "chap") == 0) {
- if (obj->type != UCL_ARRAY) {
- log_warnx("\"chap\" property of "
- "auth-group \"%s\" is not an array",
+ if (obj->type == UCL_OBJECT) {
+ if (!uclparse_chap(name, obj))
+ goto fail;
+ } else if (obj->type == UCL_ARRAY) {
+ it2 = NULL;
+ while ((tmp = ucl_iterate_object(obj, &it2,
+ true))) {
+ if (!uclparse_chap(name, tmp))
+ goto fail;
+ }
+ } else {
+ log_warnx("\"chap\" property of auth-group "
+ "\"%s\" is not an array or object",
name);
goto fail;
}
-
- it2 = NULL;
- while ((tmp = ucl_iterate_object(obj, &it2, true))) {
- if (!uclparse_chap(name, tmp))
- goto fail;
- }
}
if (strcmp(key, "chap-mutual") == 0) {
- if (obj->type != UCL_ARRAY) {
+ if (obj->type == UCL_OBJECT) {
+ if (!uclparse_chap_mutual(name, obj))
+ goto fail;
+ } else if (obj->type == UCL_ARRAY) {
+ it2 = NULL;
+ while ((tmp = ucl_iterate_object(obj, &it2,
+ true))) {
+ if (!uclparse_chap_mutual(name, tmp))
+ goto fail;
+ }
+ } else {
log_warnx("\"chap-mutual\" property of "
- "auth-group \"%s\" is not an array",
+ "auth-group \"%s\" is not an array or object",
name);
goto fail;
}
-
- it2 = NULL;
- while ((tmp = ucl_iterate_object(obj, &it2, true))) {
- if (!uclparse_chap_mutual(name, tmp))
- goto fail;
- }
}
if (strcmp(key, "initiator-name") == 0) {
- if (obj->type != UCL_ARRAY) {
- log_warnx("\"initiator-name\" property of "
- "auth-group \"%s\" is not an array",
- name);
- goto fail;
- }
-
- it2 = NULL;
- while ((tmp = ucl_iterate_object(obj, &it2, true))) {
- const char *value = ucl_object_tostring(tmp);
+ if (obj->type == UCL_STRING) {
+ const char *value = ucl_object_tostring(obj);
if (!auth_group_add_initiator_name(value))
goto fail;
- }
- }
+ } else if (obj->type == UCL_ARRAY) {
+ it2 = NULL;
+ while ((tmp = ucl_iterate_object(obj, &it2,
+ true))) {
+ const char *value =
+ ucl_object_tostring(tmp);
- if (strcmp(key, "initiator-portal") == 0) {
- if (obj->type != UCL_ARRAY) {
- log_warnx("\"initiator-portal\" property of "
- "auth-group \"%s\" is not an array",
+ if (!auth_group_add_initiator_name(
+ value))
+ goto fail;
+ }
+ } else {
+ log_warnx("\"initiator-name\" property of "
+ "auth-group \"%s\" is not an array or string",
name);
goto fail;
}
+ }
- it2 = NULL;
- while ((tmp = ucl_iterate_object(obj, &it2, true))) {
- const char *value = ucl_object_tostring(tmp);
+ if (strcmp(key, "initiator-portal") == 0) {
+ if (obj->type == UCL_STRING) {
+ const char *value = ucl_object_tostring(obj);
if (!auth_group_add_initiator_portal(value))
goto fail;
+ } else if (obj->type == UCL_ARRAY) {
+ it2 = NULL;
+ while ((tmp = ucl_iterate_object(obj, &it2,
+ true))) {
+ const char *value =
+ ucl_object_tostring(tmp);
+
+ if (!auth_group_add_initiator_portal(
+ value))
+ goto fail;
+ }
+ } else {
+ log_warnx("\"initiator-portal\" property of "
+ "auth-group \"%s\" is not an array or string",
+ name);
+ goto fail;
}
}
}
@@ -746,25 +770,80 @@ uclparse_target(const char *name, const ucl_object_t *top)
}
if (strcmp(key, "chap") == 0) {
- if (!uclparse_target_chap(name, obj))
+ if (obj->type == UCL_OBJECT) {
+ if (!uclparse_target_chap(name, obj))
+ goto fail;
+ } else if (obj->type == UCL_ARRAY) {
+ while ((tmp = ucl_iterate_object(obj, &it2,
+ true))) {
+ if (!uclparse_target_chap(name, tmp))
+ goto fail;
+ }
+ } else {
+ log_warnx("\"chap\" property of target "
+ "\"%s\" is not an array or object",
+ name);
goto fail;
+ }
}
if (strcmp(key, "chap-mutual") == 0) {
- if (!uclparse_target_chap_mutual(name, obj))
+ if (obj->type == UCL_OBJECT) {
+ if (!uclparse_target_chap_mutual(name, obj))
+ goto fail;
+ } else if (obj->type == UCL_ARRAY) {
+ while ((tmp = ucl_iterate_object(obj, &it2,
+ true))) {
+ if (!uclparse_target_chap_mutual(name,
+ tmp))
+ goto fail;
+ }
+ } else {
+ log_warnx("\"chap-mutual\" property of target "
+ "\"%s\" is not an array or object",
+ name);
goto fail;
+ }
}
if (strcmp(key, "initiator-name") == 0) {
- if (!target_add_initiator_name(
- ucl_object_tostring(obj)))
+ if (obj->type == UCL_STRING) {
+ if (!target_add_initiator_name(
+ ucl_object_tostring(obj)))
+ goto fail;
+ } else if (obj->type == UCL_ARRAY) {
+ while ((tmp = ucl_iterate_object(obj, &it2,
+ true))) {
+ if (!target_add_initiator_name(
+ ucl_object_tostring(tmp)))
+ goto fail;
+ }
+ } else {
+ log_warnx("\"initiator-name\" property of "
+ "target \"%s\" is not an array or string",
+ name);
goto fail;
+ }
}
if (strcmp(key, "initiator-portal") == 0) {
- if (!target_add_initiator_portal(
- ucl_object_tostring(obj)))
+ if (obj->type == UCL_STRING) {
+ if (!target_add_initiator_portal(
+ ucl_object_tostring(obj)))
+ goto fail;
+ } else if (obj->type == UCL_ARRAY) {
+ while ((tmp = ucl_iterate_object(obj, &it2,
+ true))) {
+ if (!target_add_initiator_portal(
+ ucl_object_tostring(tmp)))
+ goto fail;
+ }
+ } else {
+ log_warnx("\"initiator-portal\" property of "
+ "target \"%s\" is not an array or string",
+ name);
goto fail;
+ }
}
if (strcmp(key, "portal-group") == 0) {