utils/open-isns/client.c

   1 /*
   2  * Client functions
   3  *
   4  * Copyright (C) 2007 Olaf Kirch <olaf.kirch@oracle.com>
   5  */
   6
   7 #include <getopt.h>
   8 #include <stdlib.h>
   9 #include <stdio.h>
  10 #include <string.h>
  11 #include <signal.h>
  12 #include <unistd.h>
  13
  14 #include <isns.h>
  15 #include "security.h"
  16 #include "util.h"
  17 #include "internal.h"
  18 #include "config.h"
  19
  20 static isns_client_t *
  21 __isns_create_default_client(isns_socket_t *sock, isns_security_t *ctx,
  22                 const char *source_name)
  23 {
  24         isns_client_t   *clnt;
  25
  26         clnt = isns_calloc(1, sizeof(*clnt));
  27
  28         if (!source_name)
  29                 source_name = isns_config.ic_source_name;
  30
  31         clnt->ic_source = isns_source_create_iscsi(source_name);
  32         clnt->ic_socket = sock;
  33
  34         isns_socket_set_security_ctx(clnt->ic_socket, ctx);
  35
  36         return clnt;
  37 }
  38
  39 isns_client_t *
  40 isns_create_client(isns_security_t *ctx, const char *source_name)
  41 {
  42         isns_socket_t   *sock;
  43         const char      *server_name;
  44
  45         server_name = isns_config.ic_server_name;
  46         if (!strcasecmp(server_name, "SLP:")
  47          && !(server_name = isns_slp_find())) {
  48                 isns_error("Unable to locate iSNS server through SLP\n");
  49                 return NULL;
  50         }
  51
  52         sock = isns_create_bound_client_socket(
  53                         isns_config.ic_bind_address,
  54                         server_name,
  55                         "isns", 0, SOCK_STREAM);
  56         if (sock == NULL) {
  57                 isns_error("Unable to create socket for host \"%s\"\n",
  58                         isns_config.ic_server_name);
  59                 return NULL;
  60         }
  61
  62         return __isns_create_default_client(sock,
  63                         ctx? : isns_default_security_context(0),
  64                         source_name);
  65 }
  66
  67 isns_client_t *
  68 isns_create_default_client(isns_security_t *ctx)
  69 {
  70         return isns_create_client(ctx, isns_config.ic_source_name);
  71 }
  72
  73 isns_client_t *
  74 isns_create_local_client(isns_security_t *ctx, const char *source_name)
  75 {
  76         isns_socket_t   *sock;
  77
  78         if (isns_config.ic_control_socket == NULL)
  79                 isns_fatal("Cannot use local mode: no local control socket\n");
  80
  81         sock = isns_create_client_socket(isns_config.ic_control_socket,
  82                         NULL, 0, SOCK_STREAM);
  83         if (sock == NULL) {
  84                 isns_error("Unable to create control socket (%s)\n",
  85                         isns_config.ic_control_socket);
  86                 return NULL;
  87         }
  88
  89         return __isns_create_default_client(sock, ctx, source_name);
  90 }
  91
  92 int
  93 isns_client_call(isns_client_t *clnt,
  94                 isns_simple_t **inout)
  95 {
  96         return isns_simple_call(clnt->ic_socket, inout);
  97 }
  98
  99 void
 100 isns_client_destroy(isns_client_t *clnt)
 101 {
 102         if (clnt->ic_socket)
 103                 isns_socket_free(clnt->ic_socket);
 104         if (clnt->ic_source)
 105                 isns_source_release(clnt->ic_source);
 106         isns_free(clnt);
 107 }
 108
 109 /*
 110  * Get the local address
 111  */
 112 int
 113 isns_client_get_local_address(const isns_client_t *clnt,
 114                                 isns_portal_info_t *portal_info)
 115 {
 116         return isns_socket_get_portal_info(clnt->ic_socket, portal_info);
 117 }
 118
 119 /*
 120  * Create a security context
 121  */
 122 static isns_security_t *
 123 __create_security_context(const char *name, const char *auth_key,
 124                 const char *server_key)
 125 {
 126 #ifdef WITH_SECURITY
 127         isns_security_t         *ctx;
 128         isns_principal_t        *princ;
 129 #endif /* WITH_SECURITY */
 130
 131         if (!isns_config.ic_security)
 132                 return NULL;
 133
 134 #ifndef WITH_SECURITY
 135         isns_error("Cannot create security context: security disabled at build time\n");
 136         return NULL;
 137 #else /* WITH_SECURITY */
 138         ctx = isns_create_dsa_context();
 139         if (ctx == NULL)
 140                 isns_fatal("Unable to create security context\n");
 141
 142         /* Load my own key */
 143         princ = isns_security_load_privkey(ctx, auth_key);
 144         if (!princ)
 145                 isns_fatal("Unable to load private key from %s\n",
 146                                 auth_key);
 147
 148         isns_principal_set_name(princ, name);
 149         isns_security_set_identity(ctx, princ);
 150
 151         if (server_key) {
 152                 /* We're a client, and we want to load the
 153                  * server's public key in order to authenticate
 154                  * the server's responses.
 155                  */
 156                 princ = isns_security_load_pubkey(ctx, server_key);
 157                 if (!princ)
 158                         isns_fatal("Unable to load public key from %s\n",
 159                                         server_key);
 160
 161                 /* Do *not* set a name for this principal -
 162                  * this will be the default principal used when
 163                  * verifying the server's reply, which is a good thing
 164                  * because we don't know what SPI the server will
 165                  * be using. */
 166                 isns_add_principal(ctx, princ);
 167
 168                 /* But set a policy for the server which allows it
 169                    to send ESI and SCN messages */
 170                 isns_principal_set_policy(princ, isns_policy_server());
 171         }
 172
 173         return ctx;
 174 #endif /* WITH_SECURITY */
 175 }
 176
 177 /*
 178  * Create the default security context
 179  */
 180 isns_security_t *
 181 isns_default_security_context(int server_only)
 182 {
 183         static isns_security_t  *ctx;
 184
 185         if (ctx == NULL)
 186                 ctx = __create_security_context(isns_config.ic_auth_name,
 187                                 isns_config.ic_auth_key_file,
 188                                 server_only? NULL : isns_config.ic_server_key_file);
 189         return ctx;
 190 }
 191
 192 /*
 193  * Create the control security context
 194  */
 195 isns_security_t *
 196 isns_control_security_context(int server_only)
 197 {
 198         static isns_security_t  *ctx;
 199
 200         if (ctx == NULL)
 201                 ctx = __create_security_context(isns_config.ic_control_name,
 202                                 isns_config.ic_control_key_file,
 203                                 server_only? NULL : isns_config.ic_server_key_file);
 204         return ctx;
 205 }