1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 *
21 *
22 * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#pragma ident	"%Z%%M%	%I%	%E% SMI"
27
28#include <stdio.h>
29#include <strings.h>
30#include <ctype.h>
31#include <libgen.h>
32#include <libintl.h>
33#include <locale.h>
34#include <errno.h>
35
36#include <kmfapiP.h>
37
38#include "util.h"
39
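/*
 * kc_import - handle the "import" subcommand: copy one named policy from an
 * input policy file into a policy database.
 *
 * Options (parsed with getopt_av):
 *	-d dbfile	destination policy database; KMF_DEFAULT_POLICY_FILE
 *			is used when the option is omitted
 *	-p policy	name of the policy to import (required)
 *	-i infile	policy file to read the policy from (required)
 *
 * No operands are accepted after the options.  The policy is looked up by
 * exact name in the list produced by load_policies(), checked with
 * kmf_verify_policy(), and only then passed to kmf_add_policy_to_db().
 * Importing a policy named KMF_DEFAULT_POLICY_NAME into
 * KMF_DEFAULT_POLICY_FILE is refused.
 *
 * Returns KC_OK on success.  On failure the result is a KC_ERR_* code set
 * here, or the value returned by load_policies() or kmf_add_policy_to_db().
 * All strings and the policy list allocated here are released before return.
 */
int
kc_import(int argc, char *argv[])
{
	int rv = KC_OK;
	char *filename = NULL;
	char *infile = NULL;
	char *policyname = NULL;
	POLICY_LIST *plclist = NULL, *pnode;
	int	opt, found = 0;
	extern int	optind_av;
	extern char	*optarg_av;

	/*
	 * For every option: release any value from an earlier occurrence of
	 * the same option (previously leaked), and treat a NULL from
	 * get_string() as a failure even if it left rv untouched.
	 * get_string() is defined elsewhere; the extra check guarantees that
	 * a rejected -d can never fall through to the default database below.
	 */
	while ((opt = getopt_av(argc, argv,
	    "d:(dbfile)p:(policy)i:(infile)")) != EOF) {
		switch (opt) {
			case 'd':
				free(filename);
				filename = get_string(optarg_av, &rv);
				if (filename == NULL) {
					(void) fprintf(stderr,
					    gettext("Error dbfile input.\n"));
					if (rv == KC_OK)
						rv = KC_ERR_USAGE;
				}
				break;
			case 'p':
				free(policyname);
				policyname = get_string(optarg_av, &rv);
				if (policyname == NULL) {
					(void) fprintf(stderr,
					    gettext("Error policy name.\n"));
					if (rv == KC_OK)
						rv = KC_ERR_USAGE;
				}
				break;
			case 'i':
				free(infile);
				infile = get_string(optarg_av, &rv);
				if (infile == NULL) {
					(void) fprintf(stderr,
					    gettext("Error infile input.\n"));
					if (rv == KC_OK)
						rv = KC_ERR_USAGE;
				}
				break;
			default:
				(void) fprintf(stderr,
				    gettext("Error input option.\n"));
				rv = KC_ERR_USAGE;
				break;
		}

		if (rv != KC_OK)
			goto out;

	}

	/* No additional args allowed. */
	argc -= optind_av;
	if (argc) {
		(void) fprintf(stderr,
		    gettext("Error input option\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/* Without -d the import targets the default policy database. */
	if (filename == NULL) {
		filename = strdup(KMF_DEFAULT_POLICY_FILE);
		if (filename == NULL) {
			rv = KC_ERR_MEMORY;
			goto out;
		}
	}

	if (policyname == NULL) {
		(void) fprintf(stderr,
		    gettext("You must specify a policy name\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	if (infile == NULL) {
		(void) fprintf(stderr,
		    gettext("You must specify a input DB file\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/*
	 * Refuse to write the default policy record into the default
	 * database.  NOTE(review): this is a plain string comparison, not a
	 * path canonicalisation, so it only recognises the default database
	 * when -d is omitted or spelled exactly as KMF_DEFAULT_POLICY_FILE.
	 * Protection of the file itself presumably rests on its access
	 * permissions - confirm.
	 */
	if (strcmp(filename, KMF_DEFAULT_POLICY_FILE) == 0 &&
	    strcmp(policyname, KMF_DEFAULT_POLICY_NAME) == 0) {
		(void) fprintf(stderr,
		    gettext("Can not import the default policy record to "
		    "the system default policy database\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/*
	 * NOTE(review): the result is compared with KMF_OK although rv
	 * otherwise carries KC_* codes; presumably both are 0 - confirm.
	 */
	rv = load_policies(infile, &plclist);
	if (rv != KMF_OK)
		goto out;

	/* Import the first policy whose name matches exactly. */
	pnode = plclist;
	while (pnode != NULL && !found) {
		if (strcmp(policyname, pnode->plc.name) == 0) {
			KMF_RETURN ret;

			found++;
			/*
			 * The record comes from a caller-supplied file, so it
			 * is verified before anything is written to the
			 * destination database.
			 */
			ret = kmf_verify_policy(&pnode->plc);
			if (ret != KMF_OK) {
				print_sanity_error(ret);
				rv = KC_ERR_VERIFY_POLICY;
				break;
			}
			/*
			 * NOTE(review): B_FALSE presumably tells libkmf not
			 * to repeat the verification done above - confirm
			 * against the kmf_add_policy_to_db() prototype.  Its
			 * return value becomes this function's result and no
			 * message is printed here if it fails.
			 */
			rv = kmf_add_policy_to_db(&pnode->plc, filename,
			    B_FALSE);
		}
		pnode = pnode->next;
	}

	if (!found) {
		(void) fprintf(stderr,
		    gettext("Could not find policy \"%s\" in %s\n"),
		    policyname, infile);
		rv = KC_ERR_FIND_POLICY;
	}

out:
	/* free(NULL) is a no-op, so no guards are needed. */
	free(filename);
	free(policyname);
	free(infile);

	free_policy_list(plclist);

	return (rv);
}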
171