4 * Copyright (C) 2007 Olaf Kirch <olaf.kirch@oracle.com>
/*
 * Build a client object around an already-created socket.
 *
 * This listing omits some source lines (the leading numbers are the
 * original line numbers), so the notes below cover only what is shown.
 *
 * sock        - stored in clnt->ic_socket
 * ctx         - security context attached to that socket
 * source_name - name passed to isns_source_create_iscsi()
 *
 * NOTE(review): no check of the isns_calloc() result is visible before
 * clnt is dereferenced - confirm isns_calloc() cannot return NULL.
 * NOTE(review): ctx is forwarded to isns_socket_set_security_ctx()
 * unchecked; confirm what a NULL context means for message
 * authentication on this socket.
 */
20 static isns_client_t
*
21 __isns_create_default_client(isns_socket_t
*sock
, isns_security_t
*ctx
,
22 const char *source_name
)
26 clnt
= isns_calloc(1, sizeof(*clnt
));
/* Use the configured source name; the condition guarding this
 * assignment (original line 28) is not shown in this listing -
 * presumably it applies only when the caller passed no name. */
29 source_name
= isns_config
.ic_source_name
;
31 clnt
->ic_source
= isns_source_create_iscsi(source_name
);
32 clnt
->ic_socket
= sock
;
/* Bind the security context to the socket the client will use. */
34 isns_socket_set_security_ctx(clnt
->ic_socket
, ctx
);
/*
 * Create a client connected to the configured iSNS server.
 *
 * The server name comes from isns_config.ic_server_name. When it equals
 * "SLP:" (compared case-insensitively) it is replaced by the result of
 * isns_slp_find(). A stream socket for service "isns" is then created,
 * bound to isns_config.ic_bind_address.
 *
 * ctx         - security context; when NULL, the default context from
 *               isns_default_security_context(0) is used instead
 * source_name - forwarded to __isns_create_default_client()
 *
 * NOTE(review): strcasecmp() is called on ic_server_name directly, so a
 * non-NULL server name is assumed - confirm the config loader ensures it.
 * NOTE(review): an address obtained through SLP is network-supplied and
 * nothing visible here authenticates it; trust in the server therefore
 * rests on the security context attached to the socket.
 */
40 isns_create_client(isns_security_t
*ctx
, const char *source_name
)
43 const char *server_name
;
45 server_name
= isns_config
.ic_server_name
;
46 if (!strcasecmp(server_name
, "SLP:")
47 && !(server_name
= isns_slp_find())) {
48 isns_error("Unable to locate iSNS server through SLP\n");
52 sock
= isns_create_bound_client_socket(
53 isns_config
.ic_bind_address
,
55 "isns", 0, SOCK_STREAM
);
/* The message prints the configured name, not the resolved
 * server_name, so with SLP it shows "SLP:" rather than the host. */
57 isns_error("Unable to create socket for host \"%s\"\n",
58 isns_config
.ic_server_name
);
/* "ctx ? : x" is the GNU conditional with the middle operand omitted:
 * it yields ctx when non-NULL, otherwise the default context. */
62 return __isns_create_default_client(sock
,
63 ctx
? : isns_default_security_context(0),
/*
 * Convenience wrapper: create a client via isns_create_client() using
 * the source name from isns_config.ic_source_name.
 *
 * ctx - security context, passed through unchanged.
 */
68 isns_create_default_client(isns_security_t
*ctx
)
70 return isns_create_client(ctx
, isns_config
.ic_source_name
);
/*
 * Create a client that talks to the local control socket named by
 * isns_config.ic_control_socket.
 *
 * A missing control socket setting is reported through isns_fatal();
 * a failure to create the socket is reported through isns_error().
 *
 * ctx         - security context, passed as given
 * source_name - forwarded to __isns_create_default_client()
 *
 * NOTE(review): unlike isns_create_client(), no default security
 * context is substituted here when ctx is NULL. Confirm that callers
 * supply one (for example from isns_control_security_context()) if
 * control traffic is expected to be authenticated.
 */
74 isns_create_local_client(isns_security_t
*ctx
, const char *source_name
)
78 if (isns_config
.ic_control_socket
== NULL
)
79 isns_fatal("Cannot use local mode: no local control socket\n");
81 sock
= isns_create_client_socket(isns_config
.ic_control_socket
,
82 NULL
, 0, SOCK_STREAM
);
84 isns_error("Unable to create control socket (%s)\n",
85 isns_config
.ic_control_socket
);
89 return __isns_create_default_client(sock
, ctx
, source_name
);
/*
 * Perform a call over the client's socket.
 *
 * clnt  - client whose ic_socket is used
 * inout - forwarded unchanged to isns_simple_call(); the double pointer
 *         suggests the request is replaced by the response -
 *         TODO confirm against isns_simple_call()
 *
 * Returns whatever isns_simple_call() returns.
 */
93 isns_client_call(isns_client_t
*clnt
,
94 isns_simple_t
**inout
)
96 return isns_simple_call(clnt
->ic_socket
, inout
);
/*
 * Tear down a client: free its socket and release its source.
 *
 * NOTE(review): several original lines are missing from this listing,
 * so it is not visible whether the members are NULL-checked first or
 * whether clnt itself is freed. Callers should treat clnt as unusable
 * after this call until that is confirmed.
 */
100 isns_client_destroy(isns_client_t
*clnt
)
103 isns_socket_free(clnt
->ic_socket
);
105 isns_source_release(clnt
->ic_source
);
110 * Get the local address
/*
 * Fill portal_info with the portal information of the client's socket.
 *
 * clnt        - client whose ic_socket is queried (not modified)
 * portal_info - output, written by isns_socket_get_portal_info()
 *
 * Returns whatever isns_socket_get_portal_info() returns.
 */
113 isns_client_get_local_address(const isns_client_t
*clnt
,
114 isns_portal_info_t
*portal_info
)
116 return isns_socket_get_portal_info(clnt
->ic_socket
, portal_info
);
120 * Create a security context
/*
 * Build a security context for a client identity.
 *
 * name       - name set on the principal that owns the private key
 * auth_key   - location of this client's private key
 * server_key - location of the server's public key
 *
 * With WITH_SECURITY defined, the visible steps are:
 *   1. create a DSA context (isns_create_dsa_context);
 *   2. load the private key, name the principal and make it the
 *      context's identity;
 *   3. load the server's public key and add it as an unnamed principal,
 *      which the original comments describe as the default principal
 *      for verifying server replies;
 *   4. give that principal the server policy (isns_policy_server).
 * Each failed step is reported through isns_fatal().
 * Without WITH_SECURITY, only an error is logged.
 *
 * This listing omits some source lines, including the statement that
 * follows the isns_config.ic_security test and the return statements.
 *
 * NOTE(review): callers in this file pass server_key == NULL when
 * server_only is set; whether the public-key load is skipped in that
 * case is not visible here - confirm.
 * NOTE(review): no check of key-file ownership or permissions is
 * visible in these lines; confirm whether isns_security_load_privkey()
 * performs one.
 * NOTE(review): DSA is no longer approved for generating new signatures
 * under FIPS 186-5; deployments with compliance requirements should
 * review the key parameters in use.
 */
122 static isns_security_t
*
123 __create_security_context(const char *name
, const char *auth_key
,
124 const char *server_key
)
127 isns_security_t
*ctx
;
128 isns_principal_t
*princ
;
129 #endif /* WITH_SECURITY */
/* Runtime switch: security can be turned off in the configuration.
 * The statement taken in that case is not shown in this listing;
 * callers should confirm what they receive when security is off. */
131 if (!isns_config
.ic_security
)
134 #ifndef WITH_SECURITY
135 isns_error("Cannot create security context: security disabled at build time\n");
137 #else /* WITH_SECURITY */
138 ctx
= isns_create_dsa_context();
140 isns_fatal("Unable to create security context\n");
142 /* Load my own key */
143 princ
= isns_security_load_privkey(ctx
, auth_key
);
145 isns_fatal("Unable to load private key from %s\n",
148 isns_principal_set_name(princ
, name
);
149 isns_security_set_identity(ctx
, princ
);
152 /* We're a client, and we want to load the
153 * server's public key in order to authenticate
154 * the server's responses.
156 princ
= isns_security_load_pubkey(ctx
, server_key
);
158 isns_fatal("Unable to load public key from %s\n",
161 /* Do *not* set a name for this principal -
162 * this will be the default principal used when
163 * verifying the server's reply, which is a good thing
164 * because we don't know what SPI the server will
166 isns_add_principal(ctx
, princ
);
168 /* But set a policy for the server which allows it
169 to send ESI and SCN messages */
170 isns_principal_set_policy(princ
, isns_policy_server());
174 #endif /* WITH_SECURITY */
178 * Create the default security context
/*
 * Return the default security context, built from
 * isns_config.ic_auth_name and isns_config.ic_auth_key_file.
 *
 * server_only - when non-zero, NULL is passed as the server key file;
 *               otherwise isns_config.ic_server_key_file is passed
 *
 * NOTE(review): ctx is a function-local static, so the context is
 * presumably created once and reused (the guard is not shown in this
 * listing). If so, the server_only value of the first call decides
 * whether the server's public key is loaded for all later callers -
 * confirm.
 */
181 isns_default_security_context(int server_only
)
183 static isns_security_t
*ctx
;
186 ctx
= __create_security_context(isns_config
.ic_auth_name
,
187 isns_config
.ic_auth_key_file
,
188 server_only
? NULL
: isns_config
.ic_server_key_file
);
193 * Create the control security context
/*
 * Return the security context for control traffic, built from
 * isns_config.ic_control_name and isns_config.ic_control_key_file.
 *
 * server_only - when non-zero, NULL is passed as the server key file;
 *               otherwise isns_config.ic_server_key_file is passed
 *
 * NOTE(review): ctx is a function-local static, so the context is
 * presumably created once and reused (the guard and the return are not
 * shown in this listing). If so, the server_only value of the first
 * call decides whether the server's public key is loaded for all later
 * callers - confirm.
 */
196 isns_control_security_context(int server_only
)
198 static isns_security_t
*ctx
;
201 ctx
= __create_security_context(isns_config
.ic_control_name
,
202 isns_config
.ic_control_key_file
,
203 server_only
? NULL
: isns_config
.ic_server_key_file
);