Commit 7662387c authored by Krzysztof Karas's avatar Krzysztof Karas Committed by Tomasz Zawadzki

nvmf: Save `secure_channel` parameter to JSON configuration.



Save parameter `secure_channel` of `nvmf_subsystem_add_listener` RPC,
as part of configuration generated via `save_config` RPC.

Add a structure for additional listener creation options,
which currently holds only `secure_channel` flag.

Introduce `spdk_nvmf_subsystem_add_listener_ext()` function,
which takes this new structure as parameter.

Move g_tls_log to tcp.c, as this is a TCP-specific log.

Change-Id: I81243c67326a113165d448769015cb28d11ac0b4
Signed-off-by: default avatarKrzysztof Karas <krzysztof.karas@intel.com>
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/16905


Reviewed-by: default avatarJim Harris <jim.harris@gmail.com>
Tested-by: default avatarSPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: default avatarKonrad Sztyber <konrad.sztyber@intel.com>
Reviewed-by: default avatarSebastian Brzezinka <sebastian.brzezinka@intel.com>
Community-CI: Mellanox Build Bot
parent dafc6984
+42 −0
@@ -632,6 +632,48 @@ void spdk_nvmf_subsystem_add_listener(struct spdk_nvmf_subsystem *subsystem,
				      spdk_nvmf_tgt_subsystem_listen_done_fn cb_fn,
				      void *cb_arg);

/* Additional options for listener creation. */
struct spdk_nvmf_listener_opts {
	/**
	 * The size of spdk_nvmf_listener_opts according to the caller of this library is used for
	 * ABI compatibility. The library uses this field to know how many fields in this structure
	 * are valid. And the library will populate any remaining fields with default values.
	 * New added fields should be put at the end of the struct.
	 */
	size_t opts_size;

	/* Secure channel parameter used in TCP TLS. */
	bool secure_channel;
} __attribute__((packed));
SPDK_STATIC_ASSERT(sizeof(struct spdk_nvmf_listener_opts) == 9, "Incorrect size");

/**
 * Initialize options structure for listener creation.
 *
 * \param opts Options structure to initialize.
 * \param size Size of the structure.
 */
void spdk_nvmf_subsystem_listener_opts_init(struct spdk_nvmf_listener_opts *opts, size_t size);

/**
 * Accept new connections on the address provided.
 *
 * This does not start the listener. Use spdk_nvmf_tgt_listen_ext() for that.
 *
 * May only be performed on subsystems in the PAUSED or INACTIVE states.
 * No namespaces are required to be paused.
 *
 * \param subsystem Subsystem to add listener to.
 * \param trid The address to accept connections from.
 * \param cb_fn A callback that will be called once the association is complete.
 * \param cb_arg Argument passed to cb_fn.
 * \param opts NULL or options requested for listener creation.
 */
void spdk_nvmf_subsystem_add_listener_ext(struct spdk_nvmf_subsystem *subsystem,
		struct spdk_nvme_transport_id *trid,
		spdk_nvmf_tgt_subsystem_listen_done_fn cb_fn,
		void *cb_arg, struct spdk_nvmf_listener_opts *opts);

/**
 * Remove the listener from subsystem.
 *
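Review bot: The doc comment for `spdk_nvmf_subsystem_add_listener_ext` allows `opts` to be NULL but does not say what the listener gets in that case, and the `secure_channel` field comment gives no default. Because this flag decides whether the listener uses TLS, the header should state the fallback explicitly, for example `\param opts NULL or options requested for listener creation; NULL selects the defaults (secure_channel = false).`, assuming that is what the implementation does, which is not shown in this section. The same applies to a caller that passes an `opts_size` too small to cover `secure_channel`: the struct comment says such fields get default values, so it is worth naming that default next to the field. Separately, `SPDK_STATIC_ASSERT(sizeof(struct spdk_nvmf_listener_opts) == 9, ...)` only holds where `size_t` is 8 bytes, which deserves a short comment if 64-bit is the only supported target.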
+1 −0
@@ -572,6 +572,7 @@ nvmf_write_subsystem_config_json(struct spdk_json_write_ctx *w,

		spdk_json_write_named_string(w, "nqn", spdk_nvmf_subsystem_get_nqn(subsystem));
		nvmf_transport_listen_dump_opts(listener->transport, trid, w);
		spdk_json_write_named_bool(w, "secure_channel", listener->opts.secure_channel);

		/*     } "params" */
		spdk_json_write_object_end(w);
+1 −0
@@ -92,6 +92,7 @@ struct spdk_nvmf_subsystem_listener {
	enum spdk_nvme_ana_state			*ana_state;
	uint64_t					ana_state_change_count;
	uint16_t					id;
	struct spdk_nvmf_listener_opts			opts;
	TAILQ_ENTRY(spdk_nvmf_subsystem_listener)	link;
};

+10 −11
@@ -18,8 +18,6 @@

#include "nvmf_internal.h"

static bool g_tls_log = false;

static int
json_write_hex_str(struct spdk_json_write_ctx *w, const void *data, size_t size)
{
@@ -624,7 +622,6 @@ enum nvmf_rpc_listen_op {
struct nvmf_rpc_listener_ctx {
	char				*nqn;
	char				*tgt_name;
	bool				secure_channel;
	struct spdk_nvmf_tgt		*tgt;
	struct spdk_nvmf_transport	*transport;
	struct spdk_nvmf_subsystem	*subsystem;
@@ -638,13 +635,16 @@ struct nvmf_rpc_listener_ctx {
	enum nvmf_rpc_listen_op		op;
	bool				response_sent;
	struct spdk_nvmf_listen_opts	opts;

	/* Additional options for listener creation. */
	struct spdk_nvmf_listener_opts	listener_opts;
};

static const struct spdk_json_object_decoder nvmf_rpc_listener_decoder[] = {
	{"nqn", offsetof(struct nvmf_rpc_listener_ctx, nqn), spdk_json_decode_string},
	{"listen_address", offsetof(struct nvmf_rpc_listener_ctx, address), decode_rpc_listen_address},
	{"tgt_name", offsetof(struct nvmf_rpc_listener_ctx, tgt_name), spdk_json_decode_string, true},
	{"secure_channel", offsetof(struct nvmf_rpc_listener_ctx, secure_channel), spdk_json_decode_bool, true},
	{"secure_channel", offsetof(struct nvmf_rpc_listener_ctx, listener_opts.secure_channel), spdk_json_decode_bool, true},
};

static void
@@ -755,7 +755,8 @@ nvmf_rpc_listen_paused(struct spdk_nvmf_subsystem *subsystem,
		if (!nvmf_subsystem_find_listener(subsystem, &ctx->trid)) {
			rc = spdk_nvmf_tgt_listen_ext(ctx->tgt, &ctx->trid, &ctx->opts);
			if (rc == 0) {
				spdk_nvmf_subsystem_add_listener(ctx->subsystem, &ctx->trid, nvmf_rpc_subsystem_listen, ctx);
				spdk_nvmf_subsystem_add_listener_ext(ctx->subsystem, &ctx->trid, nvmf_rpc_subsystem_listen, ctx,
								     &ctx->listener_opts);
				return;
			}

@@ -858,6 +859,8 @@ rpc_nvmf_subsystem_add_listener(struct spdk_jsonrpc_request *request,

	ctx->request = request;

	spdk_nvmf_subsystem_listener_opts_init(&ctx->listener_opts, sizeof(ctx->listener_opts));

	if (spdk_json_decode_object_relaxed(params, nvmf_rpc_listener_decoder,
					    SPDK_COUNTOF(nvmf_rpc_listener_decoder),
					    ctx)) {
@@ -897,17 +900,13 @@ rpc_nvmf_subsystem_add_listener(struct spdk_jsonrpc_request *request,
	ctx->op = NVMF_RPC_LISTEN_ADD;
	spdk_nvmf_listen_opts_init(&ctx->opts, sizeof(ctx->opts));
	ctx->opts.transport_specific = params;
	if (subsystem->flags.allow_any_host == 1 && ctx->secure_channel == true) {
	if (subsystem->flags.allow_any_host == 1 && ctx->listener_opts.secure_channel == true) {
		spdk_jsonrpc_send_error_response(request, SPDK_JSONRPC_ERROR_INTERNAL_ERROR,
						 "Cannot establish secure channel, when 'allow_any_host' is set");
		nvmf_rpc_listener_ctx_free(ctx);
		return;
	}
	ctx->opts.secure_channel = ctx->secure_channel;
	if (ctx->opts.secure_channel && !g_tls_log) {
		SPDK_NOTICELOG("TLS support is considered experimental\n");
		g_tls_log = true;
	}
	ctx->opts.secure_channel = ctx->listener_opts.secure_channel;

	rc = spdk_nvmf_subsystem_pause(subsystem, 0, nvmf_rpc_listen_paused, ctx);
	if (rc != 0) {
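Review bot: After this change the TLS flag is held in two places, `ctx->opts.secure_channel` (handed to `spdk_nvmf_tgt_listen_ext`) and `ctx->listener_opts.secure_channel` (handed to `spdk_nvmf_subsystem_add_listener_ext` and, per the config-writing section, the value that `save_config` emits). The RPC path keeps them equal through the copy in the last hunk, but nothing visible on this page enforces that for direct library callers. A caller that enables TLS in the listen options and then uses the older `spdk_nvmf_subsystem_add_listener`, or passes NULL opts, would presumably be saved with `secure_channel` false and come back without TLS after the configuration is reloaded. I would add a comment at the copy, such as `/* Transport reads opts.secure_channel; save_config reads listener_opts.secure_channel - keep both in sync. */`, and mention the coupling in the public header. `rpc_nvmf_subsystem_add_listener` starts and ends outside these hunks, so the rest of its validation is not visible here.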
+2 −0
@@ -39,6 +39,7 @@
	spdk_nvmf_subsystem_get_next_host;
	spdk_nvmf_host_get_nqn;
	spdk_nvmf_subsystem_add_listener;
	spdk_nvmf_subsystem_add_listener_ext;
	spdk_nvmf_subsystem_remove_listener;
	spdk_nvmf_subsystem_listener_allowed;
	spdk_nvmf_subsystem_get_first_listener;
@@ -46,6 +47,7 @@
	spdk_nvmf_subsystem_listener_get_trid;
	spdk_nvmf_subsystem_allow_any_listener;
	spdk_nvmf_subsytem_any_listener_allowed;
	spdk_nvmf_subsystem_listener_opts_init;
	spdk_nvmf_ns_opts_get_defaults;
	spdk_nvmf_subsystem_add_ns_ext;
	spdk_nvmf_subsystem_remove_ns;