From nobody Fri Apr 11 14:03:56 2025
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZYz1m6pvtz5s4Bh;
	Fri, 11 Apr 2025 14:03:56 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4ZYz1m3TYFz43B1;
	Fri, 11 Apr 2025 14:03:56 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1744380236;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=dDyJ6gs+jz96c99SdpfHmMuYKW0zFDg3tluJPyNJ4a8=;
	b=Mt4da7I5lSefuhTdOscSPY6dbrKlos1l1wm2Y02v/ANfkZLT/+C7YMHGN7oBoOKnDWpcwA
	TYveQwyASsGpofrFrDbjCilJEJcG+Pe+Dk9/6GU9WclRcvPNVISzENfL6ce0eFoteO+fyA
	NbR2cnHHXHfkxSdWaVigkXXI9leYJ2gub99VqnwDyIFiJmWpCSUOjr99V+zlBE5id4n0o2
	XeeSWRbJGcC34JQc1RQjcHdedIPE07GrtiZIClMkzILwlfqB2/bBBz4CEoT8S91xmthXZl
	O/7OFYrZ98H181zU+O2E+wr2+ZTsBcFVcu3geK/WOaradUsEQEHc7dSXrfFNIg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1744380236; a=rsa-sha256; cv=none;
	b=L9G+vXqNybSaezh5wYJABXez/FcJhpv2YNGCzqEoehuW82Bzrzd8xXPBwqpnqhONoIEqYl
	EokKP6Qj6YN5FLGnFAHvhAO1MlWm6VEjys8/+ZXybN+lWCx4NgQTr7v2EV74kAC/b+F67/
	zTBZsbLLWn4m0Ra3vPeBN7zx7o36b/q5DSIcJ7iPTPtVdnYzA52TVallAtCEpma67jFPsT
	YrvpKDvja87J4/CInyd5rLfraofAaT8n9tBoNNQYxzSs3wB0UZ9SWvVhqv8QjgMYz/PNM2
	/51Be7W/gQL/hL+eDDAzUFXA5k0UeYaB4SVHQkkwce7VPczqElkOdqUqBHcS5w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1744380236;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=dDyJ6gs+jz96c99SdpfHmMuYKW0zFDg3tluJPyNJ4a8=;
	b=x6HD34+5pBMkq9UqHKeK8q9TOU889uJt7rAO2Q+A7uBNx6pcPcLQcmYOsmswvsnPiIP1iS
	UfFFYDrqgmkKh0st4zCnoU+m+/iKv7kr753NOzBBp9j9h+Gc0iclQNJcVDvsxcoUthFFB0
	2eGxryJ4mWAdDSUG6fNDbJHDcwWbM+bj4q7szhPMYJYki6eIvOXFioO355K9amk/PUA7qG
	4nXigKvO3ju0+oOO68JQjzCUSV+RWAvWYshopuACqD9ehAFnkRvAtq3JB/czICvhZ7sdLl
	VCAjxqZx/mUcc/dHqoZwaNc77pxTuhWltoL0l6DDsjSBeNTUWgFwdCboiRSUiA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4ZYz1m2qK5zcMl;
	Fri, 11 Apr 2025 14:03:56 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 53BE3uE3053573;
	Fri, 11 Apr 2025 14:03:56 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 53BE3u3f053570;
	Fri, 11 Apr 2025 14:03:56 GMT
	(envelope-from git)
Date: Fri, 11 Apr 2025 14:03:56 GMT
Message-Id: <202504111403.53BE3u3f053570@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: John Baldwin <jhb@FreeBSD.org>
Subject: git: 2736dc8c28a3 - main - ctld: Add a label string to
  auth_groups
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-main@freebsd.org
Sender: owner-dev-commits-src-main@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jhb
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 2736dc8c28a33ba911fd59f87b587a3d9722e975
Auto-Submitted: auto-generated

The branch main has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=2736dc8c28a33ba911fd59f87b587a3d9722e975

commit 2736dc8c28a33ba911fd59f87b587a3d9722e975
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2025-04-11 14:00:14 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2025-04-11 14:00:14 +0000

    ctld: Add a label string to auth_groups
    
    This holds the abstract name of an auth-group for use in warning
    messages.  For anonymous groups associated with a target, the label
    includes the target name.
    
    Abstracting this out removes a lot of code duplication of
    nearly-identical warning messages.
    
    Sponsored by:   Chelsio Communications
    Differential Revision:  https://reviews.freebsd.org/D49643
---
 usr.sbin/ctld/conf.cc | 33 +++++---------------
 usr.sbin/ctld/ctld.cc | 85 +++++++++++++++++++++++----------------------------
 usr.sbin/ctld/ctld.h  |  4 ++-
 3 files changed, 50 insertions(+), 72 deletions(-)

diff --git a/usr.sbin/ctld/conf.cc b/usr.sbin/ctld/conf.cc
index ac82d06ad8fa..e86b44ee5004 100644
--- a/usr.sbin/ctld/conf.cc
+++ b/usr.sbin/ctld/conf.cc
@@ -126,25 +126,13 @@ _auth_group_set_type(struct auth_group *ag, const char *str)
 	} else if (strcmp(str, "chap-mutual") == 0) {
 		type = AG_TYPE_CHAP_MUTUAL;
 	} else {
-		if (ag->ag_name != NULL)
-			log_warnx("invalid auth-type \"%s\" for auth-group "
-			    "\"%s\"", str, ag->ag_name);
-		else
-			log_warnx("invalid auth-type \"%s\" for target "
-			    "\"%s\"", str, ag->ag_target->t_name);
+		log_warnx("invalid auth-type \"%s\" for %s", str, ag->ag_label);
 		return (false);
 	}
 
 	if (ag->ag_type != AG_TYPE_UNKNOWN && ag->ag_type != type) {
-		if (ag->ag_name != NULL) {
-			log_warnx("cannot set auth-type to \"%s\" for "
-			    "auth-group \"%s\"; already has a different "
-			    "type", str, ag->ag_name);
-		} else {
-			log_warnx("cannot set auth-type to \"%s\" for target "
-			    "\"%s\"; already has a different type",
-			    str, ag->ag_target->t_name);
-		}
+		log_warnx("cannot set auth-type to \"%s\" for %s; "
+		    "already has a different type", str, ag->ag_label);
 		return (false);
 	}
 
@@ -531,10 +519,9 @@ target_add_chap(const char *user, const char *secret)
 			return (false);
 		}
 	} else {
-		target->t_auth_group = auth_group_new(conf, NULL);
+		target->t_auth_group = auth_group_new(conf, target);
 		if (target->t_auth_group == NULL)
 			return (false);
-		target->t_auth_group->ag_target = target;
 	}
 	return (auth_new_chap(target->t_auth_group, user, secret));
 }
@@ -550,10 +537,9 @@ target_add_chap_mutual(const char *user, const char *secret,
 			return (false);
 		}
 	} else {
-		target->t_auth_group = auth_group_new(conf, NULL);
+		target->t_auth_group = auth_group_new(conf, target);
 		if (target->t_auth_group == NULL)
 			return (false);
-		target->t_auth_group->ag_target = target;
 	}
 	return (auth_new_chap_mutual(target->t_auth_group, user, secret, user2,
 	    secret2));
@@ -569,10 +555,9 @@ target_add_initiator_name(const char *name)
 			return (false);
 		}
 	} else {
-		target->t_auth_group = auth_group_new(conf, NULL);
+		target->t_auth_group = auth_group_new(conf, target);
 		if (target->t_auth_group == NULL)
 			return (false);
-		target->t_auth_group->ag_target = target;
 	}
 	return (auth_name_new(target->t_auth_group, name));
 }
@@ -588,10 +573,9 @@ target_add_initiator_portal(const char *addr)
 			return (false);
 		}
 	} else {
-		target->t_auth_group = auth_group_new(conf, NULL);
+		target->t_auth_group = auth_group_new(conf, target);
 		if (target->t_auth_group == NULL)
 			return (false);
-		target->t_auth_group->ag_target = target;
 	}
 	return (auth_portal_new(target->t_auth_group, addr));
 }
@@ -701,10 +685,9 @@ target_set_auth_type(const char *type)
 			return (false);
 		}
 	} else {
-		target->t_auth_group = auth_group_new(conf, NULL);
+		target->t_auth_group = auth_group_new(conf, target);
 		if (target->t_auth_group == NULL)
 			return (false);
-		target->t_auth_group->ag_target = target;
 	}
 	return (_auth_group_set_type(target->t_auth_group, type));
 }
diff --git a/usr.sbin/ctld/ctld.cc b/usr.sbin/ctld/ctld.cc
index 6cb15283503a..6360a88e5c97 100644
--- a/usr.sbin/ctld/ctld.cc
+++ b/usr.sbin/ctld/ctld.cc
@@ -189,24 +189,14 @@ auth_check_secret_length(const struct auth_group *ag, const char *user,
 
 	len = strlen(secret);
 	if (len > 16) {
-		if (ag->ag_name != NULL)
-			log_warnx("%s for user \"%s\", auth-group \"%s\", "
-			    "is too long; it should be at most 16 characters "
-			    "long", secret_type, user, ag->ag_name);
-		else
-			log_warnx("%s for user \"%s\", target \"%s\", "
-			    "is too long; it should be at most 16 characters "
-			    "long", secret_type, user, ag->ag_target->t_name);
+		log_warnx("%s for user \"%s\", %s, is too long; it should be "
+		    "at most 16 characters long", secret_type, user,
+		    ag->ag_label);
 	}
 	if (len < 12) {
-		if (ag->ag_name != NULL)
-			log_warnx("%s for user \"%s\", auth-group \"%s\", "
-			    "is too short; it should be at least 12 characters "
-			    "long", secret_type, user, ag->ag_name);
-		else
-			log_warnx("%s for user \"%s\", target \"%s\", "
-			    "is too short; it should be at least 12 characters "
-			    "long", secret_type, user, ag->ag_target->t_name);
+		log_warnx("%s for user \"%s\", %s, is too short; it should be "
+		    "at least 12 characters long", secret_type, user,
+		    ag->ag_label);
 	}
 }
 
@@ -219,13 +209,8 @@ auth_new_chap(struct auth_group *ag, const char *user,
 	if (ag->ag_type == AG_TYPE_UNKNOWN)
 		ag->ag_type = AG_TYPE_CHAP;
 	if (ag->ag_type != AG_TYPE_CHAP) {
-		if (ag->ag_name != NULL)
-			log_warnx("cannot mix \"chap\" authentication with "
-			    "other types for auth-group \"%s\"", ag->ag_name);
-		else
-			log_warnx("cannot mix \"chap\" authentication with "
-			    "other types for target \"%s\"",
-			    ag->ag_target->t_name);
+		log_warnx("cannot mix \"chap\" authentication with "
+		    "other types for %s", ag->ag_label);
 		return (false);
 	}
 
@@ -247,14 +232,8 @@ auth_new_chap_mutual(struct auth_group *ag, const char *user,
 	if (ag->ag_type == AG_TYPE_UNKNOWN)
 		ag->ag_type = AG_TYPE_CHAP_MUTUAL;
 	if (ag->ag_type != AG_TYPE_CHAP_MUTUAL) {
-		if (ag->ag_name != NULL)
-			log_warnx("cannot mix \"chap-mutual\" authentication "
-			    "with other types for auth-group \"%s\"",
-			    ag->ag_name);
-		else
-			log_warnx("cannot mix \"chap-mutual\" authentication "
-			    "with other types for target \"%s\"",
-			    ag->ag_target->t_name);
+		log_warnx("cannot mix \"chap-mutual\" authentication "
+		    "with other types for %s", ag->ag_label);
 		return (false);
 	}
 
@@ -453,24 +432,17 @@ auth_portal_check(const struct auth_group *ag, const struct sockaddr_storage *sa
 	return (true);
 }
 
-struct auth_group *
-auth_group_new(struct conf *conf, const char *name)
+static struct auth_group *
+auth_group_create(struct conf *conf, const char *name, char *label)
 {
 	struct auth_group *ag;
 
-	if (name != NULL) {
-		ag = auth_group_find(conf, name);
-		if (ag != NULL) {
-			log_warnx("duplicated auth-group \"%s\"", name);
-			return (NULL);
-		}
-	}
-
 	ag = reinterpret_cast<struct auth_group *>(calloc(1, sizeof(*ag)));
 	if (ag == NULL)
 		log_err(1, "calloc");
 	if (name != NULL)
 		ag->ag_name = checked_strdup(name);
+	ag->ag_label = label;
 	TAILQ_INIT(&ag->ag_auths);
 	TAILQ_INIT(&ag->ag_names);
 	TAILQ_INIT(&ag->ag_portals);
@@ -480,6 +452,31 @@ auth_group_new(struct conf *conf, const char *name)
 	return (ag);
 }
 
+struct auth_group *
+auth_group_new(struct conf *conf, const char *name)
+{
+	struct auth_group *ag;
+	char *label;
+
+	ag = auth_group_find(conf, name);
+	if (ag != NULL) {
+		log_warnx("duplicated auth-group \"%s\"", name);
+		return (NULL);
+	}
+
+	asprintf(&label, "auth-group \"%s\"", name);
+	return (auth_group_create(conf, name, label));
+}
+
+struct auth_group *
+auth_group_new(struct conf *conf, struct target *target)
+{
+	char *label;
+
+	asprintf(&label, "target \"%s\"", target->t_name);
+	return (auth_group_create(conf, NULL, label));
+}
+
 void
 auth_group_delete(struct auth_group *ag)
 {
@@ -496,6 +493,7 @@ auth_group_delete(struct auth_group *ag)
 	TAILQ_FOREACH_SAFE(auth_portal, &ag->ag_portals, ap_next,
 	    auth_portal_tmp)
 		auth_portal_delete(auth_portal);
+	free(ag->ag_label);
 	free(ag->ag_name);
 	free(ag);
 }
@@ -1540,11 +1538,6 @@ conf_verify(struct conf *conf)
 		}
 	}
 	TAILQ_FOREACH(ag, &conf->conf_auth_groups, ag_next) {
-		if (ag->ag_name == NULL)
-			assert(ag->ag_target != NULL);
-		else
-			assert(ag->ag_target == NULL);
-
 		found = false;
 		TAILQ_FOREACH(targ, &conf->conf_targets, t_next) {
 			if (targ->t_auth_group == ag) {
diff --git a/usr.sbin/ctld/ctld.h b/usr.sbin/ctld/ctld.h
index c76708daafe5..2cc9139fed1d 100644
--- a/usr.sbin/ctld/ctld.h
+++ b/usr.sbin/ctld/ctld.h
@@ -82,7 +82,7 @@ struct auth_group {
 	TAILQ_ENTRY(auth_group)		ag_next;
 	struct conf			*ag_conf;
 	char				*ag_name;
-	struct target			*ag_target;
+	char				*ag_label;
 	int				ag_type;
 	TAILQ_HEAD(, auth)		ag_auths;
 	TAILQ_HEAD(, auth_name)		ag_names;
@@ -257,6 +257,8 @@ void			conf_start(struct conf *new_conf);
 bool			conf_verify(struct conf *conf);
 
 struct auth_group	*auth_group_new(struct conf *conf, const char *name);
+struct auth_group	*auth_group_new(struct conf *conf,
+			    struct target *target);
 void			auth_group_delete(struct auth_group *ag);
 struct auth_group	*auth_group_find(const struct conf *conf,
 			    const char *name);