Parse dhchap_host_key on controller level

author Hannes Reinecke <hare@suse.de>

Thu, 25 Aug 2022 08:27:02 +0000 (10:27 +0200)

committer Hannes Reinecke <hare@suse.de>

Thu, 25 Aug 2022 09:33:09 +0000 (11:33 +0200)
author Hannes Reinecke <hare@suse.de>
Thu, 25 Aug 2022 08:27:02 +0000 (10:27 +0200)
committer Hannes Reinecke <hare@suse.de>
Thu, 25 Aug 2022 09:33:09 +0000 (11:33 +0200)
diff --git a/libnvme/nvme.i b/libnvme/nvme.i

index e61fff55922634840ab04b86565b781d0b2309c8..c74a7e80f0d56b902262fa9a34ec9cab95182433 100644 (file)
--- a/libnvme/nvme.i
+++ b/libnvme/nvme.i
@@ -316,6 +316,7 @@ struct nvme_ctrl {
    %immutable subsysnqn;
    %immutable traddr;
    %immutable trsvcid;
+  %immutable dhchap_host_key;
    %immutable dhchap_key;
    %immutable cntrltype;
    %immutable dctype;
@@ -335,6 +336,7 @@ struct nvme_ctrl {
    char *traddr;
    char *trsvcid;
    %extend {
+    char *dhchap_host_key:
      char *dhchap_key;
    }
    char *cntrltype;
@@ -672,6 +674,9 @@ struct nvme_ns {
    const char *nvme_ctrl_dhchap_key_get(struct nvme_ctrl *c) {
      return nvme_ctrl_get_dhchap_key(c);
    }
+  const char *nvme_ctrl_dhchap_host_key_get(struct nvme_ctrl *c) {
+    return nvme_ctrl_get_dhchap_host_key(c);
+  }
  %};
  
  %extend nvme_ns {
diff --git a/src/libnvme.map b/src/libnvme.map

index 50a688d6fda55253670881618d71a5b5f0b172dc..79b8f88ecd3acb7689b7d8a16ddc0f71c3ed39a0 100644 (file)
--- a/src/libnvme.map
+++ b/src/libnvme.map
@@ -1,5 +1,11 @@
  # SPDX-License-Identifier: LGPL-2.1-or-later
  
+LIBNVME_1_2 {
+       global:
+               nvme_ctrl_get_dhchap_host_key;
+               nvme_ctrl_set_dhchap_host_key;
+};
+
  LIBNVME_1_1 {
         global:
                 nvme_get_version;
diff --git a/src/nvme/fabrics.c b/src/nvme/fabrics.c

index a2729bd212074615bb2af2403e6f0bae4dc4aa6f..d5db5090e30b5304ef790a5dece0e938bb657238 100644 (file)
--- a/src/nvme/fabrics.c
+++ b/src/nvme/fabrics.c
@@ -465,6 +465,8 @@ static int build_options(nvme_host_t h, nvme_ctrl_t c, char **argstr)
         hostnqn = nvme_host_get_hostnqn(h);
         hostid = nvme_host_get_hostid(h);
         hostkey = nvme_host_get_dhchap_key(h);
+       if (!hostkey)
+               hostkey = nvme_ctrl_get_dhchap_host_key(c);
         ctrlkey = nvme_ctrl_get_dhchap_key(c);
         if (add_argument(argstr, "transport", transport) ||
             add_argument(argstr, "traddr",
@@ -613,14 +615,20 @@ int nvmf_add_ctrl(nvme_host_t h, nvme_ctrl_t c,
                                         nvme_ctrl_get_trsvcid(c),
                                         NULL);
                 if (fc) {
+                       const char *key;
+
                         cfg = merge_config(c, nvme_ctrl_get_config(fc));
                         /*
                          * An authentication key might already been set
                          * in @cfg, so ensure to update @c with the correct
                          * controller key.
                          */
-                       if (fc->dhchap_ctrl_key)
-                               nvme_ctrl_set_dhchap_key(c, fc->dhchap_ctrl_key);
+                       key = nvme_ctrl_get_dhchap_host_key(fc);
+                       if (key)
+                               nvme_ctrl_set_dhchap_host_key(c, key);
+                       key = nvme_ctrl_get_dhchap_key(fc);
+                       if (key)
+                               nvme_ctrl_set_dhchap_key(c, key);
                 }
  
         }
diff --git a/src/nvme/json.c b/src/nvme/json.c

index b42cd516f4bde584a789e3da0ea6f49235c12fb2..36dab6a45847e96370140228815df7c77f34ebaf 100644 (file)
--- a/src/nvme/json.c
+++ b/src/nvme/json.c
@@ -95,6 +95,9 @@ static void json_parse_port(nvme_subsystem_t s, struct json_object *port_obj)
         if (!c)
                 return;
         json_update_attributes(c, port_obj);
+       attr_obj = json_object_object_get(port_obj, "dhchap_key");
+       if (attr_obj)
+               nvme_ctrl_set_dhchap_host_key(c, json_object_get_string(attr_obj));
         attr_obj = json_object_object_get(port_obj, "dhchap_ctrl_key");
         if (attr_obj)
                 nvme_ctrl_set_dhchap_key(c, json_object_get_string(attr_obj));
@@ -222,6 +225,10 @@ static void json_update_port(struct json_object *ctrl_array, nvme_ctrl_t c)
         if (value)
                 json_object_object_add(port_obj, "trsvcid",
                                        json_object_new_string(value));
+       value = nvme_ctrl_get_dhchap_host_key(c);
+       if (value)
+               json_object_object_add(port_obj, "dhchap_key",
+                                      json_object_new_string(value));
         value = nvme_ctrl_get_dhchap_key(c);
         if (value)
                 json_object_object_add(port_obj, "dhchap_ctrl_key",
@@ -365,6 +372,10 @@ static void json_dump_ctrl(struct json_object *ctrl_array, nvme_ctrl_t c)
         if (value)
                 json_object_object_add(ctrl_obj, "trsvcid",
                                        json_object_new_string(value));
+       value = nvme_ctrl_get_dhchap_host_key(c);
+       if (value)
+               json_object_object_add(ctrl_obj, "dhchap_key",
+                                      json_object_new_string(value));
         value = nvme_ctrl_get_dhchap_key(c);
         if (value)
                 json_object_object_add(ctrl_obj, "dhchap_ctrl_key",
diff --git a/src/nvme/private.h b/src/nvme/private.h

index 8a21afc0e0695c80285f810aab6523dd9c0697fe..0aac4300978f85c5f4e78e1d73c5aba1f3016466 100644 (file)
--- a/src/nvme/private.h
+++ b/src/nvme/private.h
@@ -82,6 +82,7 @@ struct nvme_ctrl {
         char *subsysnqn;
         char *traddr;
         char *trsvcid;
+       char *dhchap_key;
         char *dhchap_ctrl_key;
         char *cntrltype;
         char *dctype;
diff --git a/src/nvme/tree.c b/src/nvme/tree.c

index 989b7b3fae9427b67419a8891a678ba56c70f4fe..09e3c59764d1650106d8df4f4df568a07d4d75b3 100644 (file)
--- a/src/nvme/tree.c
+++ b/src/nvme/tree.c
@@ -810,6 +810,21 @@ struct nvme_fabrics_config *nvme_ctrl_get_config(nvme_ctrl_t c)
         return &c->cfg;
  }
  
+const char *nvme_ctrl_get_dhchap_host_key(nvme_ctrl_t c)
+{
+       return c->dhchap_key;
+}
+
+void nvme_ctrl_set_dhchap_host_key(nvme_ctrl_t c, const char *key)
+{
+       if (c->dhchap_key) {
+               free(c->dhchap_key);
+               c->dhchap_key = NULL;
+       }
+       if (key)
+               c->dhchap_key = strdup(key);
+}
+
  const char *nvme_ctrl_get_dhchap_key(nvme_ctrl_t c)
  {
         return c->dhchap_ctrl_key;
@@ -897,6 +912,7 @@ void nvme_deconfigure_ctrl(nvme_ctrl_t c)
         FREE_CTRL_ATTR(c->queue_count);
         FREE_CTRL_ATTR(c->serial);
         FREE_CTRL_ATTR(c->sqsize);
+       FREE_CTRL_ATTR(c->dhchap_key);
         FREE_CTRL_ATTR(c->dhchap_ctrl_key);
         FREE_CTRL_ATTR(c->address);
         FREE_CTRL_ATTR(c->dctype);
@@ -1146,6 +1162,7 @@ static int nvme_configure_ctrl(nvme_root_t r, nvme_ctrl_t c, const char *path,
                                const char *name)
  {
         DIR *d;
+       char *host_key;
  
         d = opendir(path);
         if (!d) {
@@ -1166,6 +1183,14 @@ static int nvme_configure_ctrl(nvme_root_t r, nvme_ctrl_t c, const char *path,
         c->queue_count = nvme_get_ctrl_attr(c, "queue_count");
         c->serial = nvme_get_ctrl_attr(c, "serial");
         c->sqsize = nvme_get_ctrl_attr(c, "sqsize");
+       host_key = nvme_get_ctrl_attr(c, "dhchap_secret");
+       if (host_key && (!strcmp(c->s->h->dhchap_key, host_key) ||
+                        !strcmp("none", host_key))) {
+               free(host_key);
+               host_key = NULL;
+       }
+       if (host_key)
+               c->dhchap_key = host_key;
         c->dhchap_ctrl_key = nvme_get_ctrl_attr(c, "dhchap_ctrl_secret");
         if (c->dhchap_ctrl_key && !strcmp(c->dhchap_ctrl_key, "none")) {
                 free(c->dhchap_ctrl_key);
diff --git a/src/nvme/tree.h b/src/nvme/tree.h

index 3a103c0dd5f3f389ffc40aa214e8734afa841bae..379dcb1d78d2569bada265bf3a9cdd922ac82a24 100644 (file)
--- a/src/nvme/tree.h
+++ b/src/nvme/tree.h
@@ -875,6 +875,21 @@ const char *nvme_ctrl_get_host_traddr(nvme_ctrl_t c);
   */
  const char *nvme_ctrl_get_host_iface(nvme_ctrl_t c);
  
+/**
+ * nvme_ctrl_get_dhchap_host_key() - Return host key
+ * @c: Controller to be checked
+ *
+ * Return: DH-HMAC-CHAP host key or NULL if not set
+ */
+const char *nvme_ctrl_get_dhchap_host_key(nvme_ctrl_t c);
+
+/**
+ * nvme_ctrl_set_dhchap_host_key() - Set host key
+ * @c:         Host for which the key should be set
+ * @key:       DH-HMAC-CHAP Key to set or NULL to clear existing key
+ */
+void nvme_ctrl_set_dhchap_host_key(nvme_ctrl_t c, const char *key);
+
  /**
   * nvme_ctrl_get_dhchap_key() - Return controller key
   * @c: Controller for which the key should be set
author	Hannes Reinecke <hare@suse.de>
	Thu, 25 Aug 2022 08:27:02 +0000 (10:27 +0200)
committer	Hannes Reinecke <hare@suse.de>
	Thu, 25 Aug 2022 09:33:09 +0000 (11:33 +0200)
libnvme/nvme.i		patch \| blob \| history
src/libnvme.map		patch \| blob \| history
src/nvme/fabrics.c		patch \| blob \| history
src/nvme/json.c		patch \| blob \| history
src/nvme/private.h		patch \| blob \| history
src/nvme/tree.c		patch \| blob \| history
src/nvme/tree.h		patch \| blob \| history