iscsi&scripts/rpc: Add add/delete_secret_to/from_iscsi_auth_group RPCs (750e5d25) · Commits · Public Repositories / spdk

doc/jsonrpc.md

+80 −0

Original line number	Diff line number	Diff line
		@@ -2006,6 +2006,86 @@ Example response:
		}
		~~~

		## add_secret_to_iscsi_auth_group {#rpc_add_secret_to_iscsi_auth_group}

		Add a secret to an existing authentication group for CHAP authentication.

		### Parameters

		Name \| Optional \| Type \| Description
		--------------------------- \| -------- \| --------\| -----------
		tag \| Required \| number \| Authentication group tag (unique, integer > 0)
		user \| Required \| string \| Unidirectional CHAP name
		secret \| Required \| string \| Unidirectional CHAP secret
		muser \| Optional \| string \| Bidirectional CHAP name
		msecret \| Optional \| string \| Bidirectional CHAP secret

		### Example

		Example request:

		~~~
		{
		"params": {
		"muser": "mu3",
		"secret": "s3",
		"tag": 2,
		"user": "u3",
		"msecret": "ms3"
		},
		"jsonrpc": "2.0",
		"method": "add_secret_to_iscsi_auth_group",
		"id": 1
		}
		~~~

		Example response:

		~~~
		{
		"jsonrpc": "2.0",
		"id": 1,
		"result": true
		}
		~~~

		## delete_secret_from_iscsi_auth_group {#rpc_delete_secret_from_iscsi_auth_group}

		Delete a secret from an existing authentication group for CHAP authentication.

		### Parameters

		Name \| Optional \| Type \| Description
		--------------------------- \| -------- \| --------\| -----------
		tag \| Required \| number \| Authentication group tag (unique, integer > 0)
		user \| Required \| string \| Unidirectional CHAP name

		### Example

		Example request:

		~~~
		{
		"params": {
		"tag": 2,
		"user": "u3"
		},
		"jsonrpc": "2.0",
		"method": "delete_secret_from_iscsi_auth_group",
		"id": 1
		}
		~~~

		Example response:

		~~~
		{
		"jsonrpc": "2.0",
		"id": 1,
		"result": true
		}
		~~~

		## get_initiator_groups method {#rpc_get_initiator_groups}

		Show information about all available initiator groups.

lib/iscsi/iscsi.h

+2 −0

Original line number	Diff line number	Diff line
		@@ -407,6 +407,8 @@ void spdk_iscsi_delete_auth_group(struct spdk_iscsi_auth_group *group);
		int spdk_iscsi_auth_group_add_secret(struct spdk_iscsi_auth_group *group,
		const char user, const char secret,
		const char muser, const char msecret);
		int spdk_iscsi_auth_group_delete_secret(struct spdk_iscsi_auth_group *group,
		const char *user);

		void spdk_iscsi_send_nopin(struct spdk_iscsi_conn *conn);
		void spdk_iscsi_task_response(struct spdk_iscsi_conn *conn,

lib/iscsi/iscsi_rpc.c

+153 −0

Original line number	Diff line number	Diff line
		@@ -1362,3 +1362,156 @@ spdk_rpc_delete_iscsi_auth_group(struct spdk_jsonrpc_request *request,
		spdk_jsonrpc_end_result(request, w);
		}
		SPDK_RPC_REGISTER("delete_iscsi_auth_group", spdk_rpc_delete_iscsi_auth_group, SPDK_RPC_RUNTIME)

		struct rpc_add_auth_secret {
		int32_t tag;
		char *user;
		char *secret;
		char *muser;
		char *msecret;
		};

		static void
		free_rpc_add_auth_secret(struct rpc_add_auth_secret *_secret)
		{
		free(_secret->user);
		free(_secret->secret);
		free(_secret->muser);
		free(_secret->msecret);
		}

		static const struct spdk_json_object_decoder rpc_add_auth_secret_decoders[] = {
		{"tag", offsetof(struct rpc_add_auth_secret, tag), spdk_json_decode_int32},
		{"user", offsetof(struct rpc_add_auth_secret, user), spdk_json_decode_string},
		{"secret", offsetof(struct rpc_add_auth_secret, secret), spdk_json_decode_string},
		{"muser", offsetof(struct rpc_add_auth_secret, muser), spdk_json_decode_string, true},
		{"msecret", offsetof(struct rpc_add_auth_secret, msecret), spdk_json_decode_string, true},
		};

		static void
		spdk_rpc_add_secret_to_iscsi_auth_group(struct spdk_jsonrpc_request *request,
		const struct spdk_json_val *params)
		{
		struct rpc_add_auth_secret req = {};
		struct spdk_json_write_ctx *w;
		struct spdk_iscsi_auth_group *group;
		int rc;

		if (spdk_json_decode_object(params, rpc_add_auth_secret_decoders,
		SPDK_COUNTOF(rpc_add_auth_secret_decoders), &req)) {
		SPDK_ERRLOG("spdk_json_decode_object failed\n");
		spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
		"Invalid parameters");
		free_rpc_add_auth_secret(&req);
		return;
		}

		pthread_mutex_lock(&g_spdk_iscsi.mutex);

		group = spdk_iscsi_find_auth_group_by_tag(req.tag);
		if (group == NULL) {
		pthread_mutex_unlock(&g_spdk_iscsi.mutex);

		spdk_jsonrpc_send_error_response_fmt(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
		"Could not find auth group (%d)", req.tag);
		free_rpc_add_auth_secret(&req);
		return;
		}

		rc = spdk_iscsi_auth_group_add_secret(group, req.user, req.secret, req.muser, req.msecret);
		if (rc != 0) {
		pthread_mutex_unlock(&g_spdk_iscsi.mutex);

		spdk_jsonrpc_send_error_response_fmt(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
		"Could not add secret to auth group (%d), %s",
		req.tag, spdk_strerror(-rc));
		free_rpc_add_auth_secret(&req);
		return;
		}

		pthread_mutex_unlock(&g_spdk_iscsi.mutex);

		free_rpc_add_auth_secret(&req);

		w = spdk_jsonrpc_begin_result(request);
		if (w == NULL) {
		return;
		}

		spdk_json_write_bool(w, true);
		spdk_jsonrpc_end_result(request, w);
		}
		SPDK_RPC_REGISTER("add_secret_to_iscsi_auth_group", spdk_rpc_add_secret_to_iscsi_auth_group,
		SPDK_RPC_RUNTIME)

		struct rpc_delete_auth_secret {
		int32_t tag;
		char *user;
		};

		static void
		free_rpc_delete_auth_secret(struct rpc_delete_auth_secret *_secret)
		{
		free(_secret->user);
		}

		static const struct spdk_json_object_decoder rpc_delete_auth_secret_decoders[] = {
		{"tag", offsetof(struct rpc_delete_auth_secret, tag), spdk_json_decode_int32},
		{"user", offsetof(struct rpc_delete_auth_secret, user), spdk_json_decode_string},
		};

		static void
		spdk_rpc_delete_secret_from_iscsi_auth_group(struct spdk_jsonrpc_request *request,
		const struct spdk_json_val *params)
		{
		struct rpc_delete_auth_secret req = {};
		struct spdk_json_write_ctx *w;
		struct spdk_iscsi_auth_group *group;
		int rc;

		if (spdk_json_decode_object(params, rpc_delete_auth_secret_decoders,
		SPDK_COUNTOF(rpc_delete_auth_secret_decoders), &req)) {
		SPDK_ERRLOG("spdk_json_decode_object failed\n");
		spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
		"Invalid parameters");
		free_rpc_delete_auth_secret(&req);
		return;
		}

		pthread_mutex_lock(&g_spdk_iscsi.mutex);

		group = spdk_iscsi_find_auth_group_by_tag(req.tag);
		if (group == NULL) {
		pthread_mutex_unlock(&g_spdk_iscsi.mutex);

		spdk_jsonrpc_send_error_response_fmt(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
		"Could not find auth group (%d)", req.tag);
		free_rpc_delete_auth_secret(&req);
		return;
		}

		rc = spdk_iscsi_auth_group_delete_secret(group, req.user);
		if (rc != 0) {
		pthread_mutex_unlock(&g_spdk_iscsi.mutex);

		spdk_jsonrpc_send_error_response_fmt(request, SPDK_JSONRPC_ERROR_INVALID_PARAMS,
		"Could not delete secret from CHAP group (%d), %s",
		req.tag, spdk_strerror(-rc));
		free_rpc_delete_auth_secret(&req);
		return;
		}

		pthread_mutex_unlock(&g_spdk_iscsi.mutex);

		free_rpc_delete_auth_secret(&req);

		w = spdk_jsonrpc_begin_result(request);
		if (w == NULL) {
		return;
		}

		spdk_json_write_bool(w, true);
		spdk_jsonrpc_end_result(request, w);
		}
		SPDK_RPC_REGISTER("delete_secret_from_iscsi_auth_group",
		spdk_rpc_delete_secret_from_iscsi_auth_group, SPDK_RPC_RUNTIME)

lib/iscsi/iscsi_subsystem.c

+28 −0

Original line number	Diff line number	Diff line
		@@ -874,6 +874,34 @@ spdk_iscsi_auth_group_add_secret(struct spdk_iscsi_auth_group *group,
		return 0;
		}

		int
		spdk_iscsi_auth_group_delete_secret(struct spdk_iscsi_auth_group *group,
		const char *user)
		{
		struct spdk_iscsi_auth_secret *_secret;

		if (user == NULL) {
		SPDK_ERRLOG("user must be specified\n");
		return -EINVAL;
		}

		TAILQ_FOREACH(_secret, &group->secret_head, tailq) {
		if (strcmp(_secret->user, user) == 0) {
		break;
		}
		}

		if (_secret == NULL) {
		SPDK_ERRLOG("secret is not found\n");
		return -ENODEV;
		}

		TAILQ_REMOVE(&group->secret_head, _secret, tailq);
		free(_secret);

		return 0;
		}

		int
		spdk_iscsi_add_auth_group(int32_t tag, struct spdk_iscsi_auth_group **_group)
		{

scripts/rpc.py

+27 −0

Original line number	Diff line number	Diff line
		@@ -573,6 +573,33 @@ Format: 'user:u1 secret:s1 muser:mu1 msecret:ms1,user:u2 secret:s2 muser:mu2 mse
		p.add_argument('tag', help='Authentication group tag', type=int)
		p.set_defaults(func=delete_iscsi_auth_group)

		@call_cmd
		def add_secret_to_iscsi_auth_group(args):
		rpc.iscsi.add_secret_to_iscsi_auth_group(
		args.client,
		tag=args.tag,
		user=args.user,
		secret=args.secret,
		muser=args.muser,
		msecret=args.msecret)

		p = subparsers.add_parser('add_secret_to_iscsi_auth_group', help='Add a secret to an authentication group.')
		p.add_argument('tag', help='Authentication group tag', type=int)
		p.add_argument('-u', '--user', help='User name for one-way CHAP authentication', required=True)
		p.add_argument('-s', '--secret', help='Secret for one-way CHAP authentication', required=True)
		p.add_argument('-m', '--muser', help='User name for mutual CHAP authentication')
		p.add_argument('-r', '--msecret', help='Secret for mutual CHAP authentication')
		p.set_defaults(func=add_secret_to_iscsi_auth_group)

		@call_cmd
		def delete_secret_from_iscsi_auth_group(args):
		rpc.iscsi.delete_secret_from_iscsi_auth_group(args.client, tag=args.tag, user=args.user)

		p = subparsers.add_parser('delete_secret_from_iscsi_auth_group', help='Delete a secret from an authentication group.')
		p.add_argument('tag', help='Authentication group tag', type=int)
		p.add_argument('-u', '--user', help='User name for one-way CHAP authentication', required=True)
		p.set_defaults(func=delete_secret_from_iscsi_auth_group)

		@call_cmd
		def get_portal_groups(args):
		print_dict(rpc.iscsi.get_portal_groups(args.client))