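/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#pragma ident "%Z%%M% %I% %E% SMI"

#include <stdio.h>
#include <strings.h>
#include <ctype.h>
#include <libgen.h>
#include <libintl.h>
#include <locale.h>
#include <errno.h>
#include <kmfapiP.h>

#include "util.h"

/*
 * kc_export - copy one named policy record from a policy database into
 * another policy database file.
 *
 * Options (parsed with getopt_av):
 *	-d dbfile	source policy database; KMF_DEFAULT_POLICY_FILE is
 *			used when the option is absent
 *	-p policy	name of the policy to export (required)
 *	-o outfile	destination policy database (required)
 *
 * The record is checked with KMF_VerifyPolicy() before it is written, and
 * exporting the default policy into the default policy database is refused.
 *
 * Returns KC_OK on success, otherwise a KC_ERR_* code set below or the
 * value handed back by load_policies() / KMF_AddPolicyToDB().
 *
 * NOTE(review): rv mixes two code families.  The result of load_policies()
 * is compared with KMF_OK and the KMF_RETURN from KMF_AddPolicyToDB() is
 * returned as-is, while every other path uses KC_* codes.  Confirm that
 * callers treat any non-zero value as failure.
 */
int
kc_export(int argc, char *argv[])
{
	int rv = KC_OK;
	char *filename = NULL;
	char *outfile = NULL;
	char *policyname = NULL;
	POLICY_LIST *plclist = NULL, *pnode;
	int opt, found = 0;
	extern int optind_av;
	extern char *optarg_av;

	while ((opt = getopt_av(argc, argv,
	    "d:(dbfile)p:(policy)o:(outfile)")) != EOF) {
		switch (opt) {
		case 'd':
			/*
			 * A repeated option replaces the earlier value;
			 * release the old string so it is not leaked.
			 */
			free(filename);
			filename = get_string(optarg_av, &rv);
			if (filename == NULL) {
				(void) fprintf(stderr,
				    gettext("Error dbfile input.\n"));
			}
			break;
		case 'p':
			free(policyname);
			policyname = get_string(optarg_av, &rv);
			if (policyname == NULL) {
				(void) fprintf(stderr,
				    gettext("Error policy name.\n"));
			}
			break;
		case 'o':
			free(outfile);
			outfile = get_string(optarg_av, &rv);
			if (outfile == NULL) {
				(void) fprintf(stderr,
				    gettext("Error outfile input.\n"));
			}
			break;
		default:
			(void) fprintf(stderr,
			    gettext("Error input option.\n"));
			rv = KC_ERR_USAGE;
			break;
		}

		/* Stop at the first option that failed to parse. */
		if (rv != KC_OK)
			goto out;
	}

	/* No additional args allowed. */
	argc -= optind_av;
	if (argc) {
		(void) fprintf(stderr,
		    gettext("Error input option\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/* Fall back to the system policy database as the source. */
	if (filename == NULL) {
		filename = strdup(KMF_DEFAULT_POLICY_FILE);
		if (filename == NULL) {
			rv = KC_ERR_MEMORY;
			goto out;
		}
	}

	if (policyname == NULL) {
		(void) fprintf(stderr,
		    gettext("You must specify a policy name\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	if (outfile == NULL) {
		(void) fprintf(stderr,
		    gettext("You must specify a output DB file\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/*
	 * Refuse to write the default policy into the system database.
	 *
	 * NOTE(review): this guard is a plain string comparison on the
	 * path as typed.  A different spelling of the same file (relative
	 * path, extra slashes, a symbolic link) would not match; if the
	 * guard is meant as a protection rather than a usage hint, compare
	 * resolved paths or file identity instead.
	 */
	if (strcmp(outfile, KMF_DEFAULT_POLICY_FILE) == 0 &&
	    strcmp(policyname, KMF_DEFAULT_POLICY_NAME) == 0) {
		(void) fprintf(stderr,
		    gettext("Can not export the default policy record to "
		    "the system default policy database\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	rv = load_policies(filename, &plclist);
	if (rv != KMF_OK)
		goto out;

	/* Export the first record whose name matches, then stop. */
	for (pnode = plclist; pnode != NULL && !found; pnode = pnode->next) {
		KMF_RETURN ret;

		if (strcmp(policyname, pnode->plc.name) != 0)
			continue;

		found++;

		/* Never write a record that fails the sanity check. */
		ret = KMF_VerifyPolicy(&pnode->plc);
		if (ret != KMF_OK) {
			print_sanity_error(ret);
			rv = KC_ERR_VERIFY_POLICY;
			break;
		}

		/*
		 * NOTE(review): a failure here is returned to the caller
		 * but no message is printed by this function.
		 */
		rv = KMF_AddPolicyToDB(&pnode->plc, outfile, B_FALSE);
	}

	if (!found) {
		(void) fprintf(stderr,
		    gettext("Could not find policy \"%s\" in %s\n"),
		    policyname, filename);
		rv = KC_ERR_FIND_POLICY;
	}

out:
	/* free(NULL) is a no-op, so no guards are needed. */
	free(filename);
	free(policyname);
	free(outfile);

	free_policy_list(plclist);

	return (rv);
}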