199ebb4cwyllys/*
299ebb4cwyllys * CDDL HEADER START
399ebb4cwyllys *
499ebb4cwyllys * The contents of this file are subject to the terms of the
599ebb4cwyllys * Common Development and Distribution License (the "License").
699ebb4cwyllys * You may not use this file except in compliance with the License.
799ebb4cwyllys *
899ebb4cwyllys * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
999ebb4cwyllys * or http://www.opensolaris.org/os/licensing.
1099ebb4cwyllys * See the License for the specific language governing permissions
1199ebb4cwyllys * and limitations under the License.
1299ebb4cwyllys *
1399ebb4cwyllys * When distributing Covered Code, include this CDDL HEADER in each
1499ebb4cwyllys * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
1599ebb4cwyllys * If applicable, add the following below this CDDL HEADER, with the
1699ebb4cwyllys * fields enclosed by brackets "[]" replaced with your own identifying
1799ebb4cwyllys * information: Portions Copyright [yyyy] [name of copyright owner]
1899ebb4cwyllys *
1999ebb4cwyllys * CDDL HEADER END
2099ebb4cwyllys *
2199ebb4cwyllys *
2230a5e8fwyllys * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
2399ebb4cwyllys * Use is subject to license terms.
2499ebb4cwyllys */
2599ebb4cwyllys
2699ebb4cwyllys#pragma ident	"%Z%%M%	%I%	%E% SMI"
2799ebb4cwyllys
2899ebb4cwyllys#include <stdio.h>
2999ebb4cwyllys#include <strings.h>
3099ebb4cwyllys#include <ctype.h>
3199ebb4cwyllys#include <libgen.h>
3299ebb4cwyllys#include <libintl.h>
3399ebb4cwyllys#include <locale.h>
3499ebb4cwyllys#include <errno.h>
3599ebb4cwyllys
3699ebb4cwyllys#include <kmfapiP.h>
3799ebb4cwyllys
3899ebb4cwyllys#include "util.h"
3999ebb4cwyllys
4099ebb4cwyllysint
4199ebb4cwyllyskc_import(int argc, char *argv[])
4299ebb4cwyllys{
4399ebb4cwyllys	int rv = KC_OK;
4499ebb4cwyllys	char *filename = NULL;
4599ebb4cwyllys	char *infile = NULL;
4699ebb4cwyllys	char *policyname = NULL;
4799ebb4cwyllys	POLICY_LIST *plclist = NULL, *pnode;
4899ebb4cwyllys	int	opt, found = 0;
4999ebb4cwyllys	extern int	optind_av;
5099ebb4cwyllys	extern char	*optarg_av;
5199ebb4cwyllys
5299ebb4cwyllys	while ((opt = getopt_av(argc, argv,
5330a5e8fwyllys	    "d:(dbfile)p:(policy)i:(infile)")) != EOF) {
5499ebb4cwyllys		switch (opt) {
5599ebb4cwyllys			case 'd':
5699ebb4cwyllys				filename = get_string(optarg_av, &rv);
5799ebb4cwyllys				if (filename == NULL) {
5899ebb4cwyllys					(void) fprintf(stderr,
5999ebb4cwyllys					    gettext("Error dbfile input.\n"));
6099ebb4cwyllys				}
6199ebb4cwyllys				break;
6299ebb4cwyllys			case 'p':
6399ebb4cwyllys				policyname = get_string(optarg_av, &rv);
6499ebb4cwyllys				if (policyname == NULL) {
6599ebb4cwyllys					(void) fprintf(stderr,
6699ebb4cwyllys					    gettext("Error policy name.\n"));
6799ebb4cwyllys				}
6899ebb4cwyllys				break;
6999ebb4cwyllys			case 'i':
7099ebb4cwyllys				infile = get_string(optarg_av, &rv);
7199ebb4cwyllys				if (infile == NULL) {
7299ebb4cwyllys					(void) fprintf(stderr,
7399ebb4cwyllys					    gettext("Error infile input.\n"));
7499ebb4cwyllys				}
7599ebb4cwyllys				break;
7699ebb4cwyllys			default:
7799ebb4cwyllys				(void) fprintf(stderr,
7899ebb4cwyllys				    gettext("Error input option.\n"));
7999ebb4cwyllys				rv = KC_ERR_USAGE;
8099ebb4cwyllys				break;
8199ebb4cwyllys		}
8299ebb4cwyllys
8399ebb4cwyllys		if (rv != KC_OK)
8499ebb4cwyllys			goto out;
8599ebb4cwyllys
8699ebb4cwyllys	}
8799ebb4cwyllys
8899ebb4cwyllys	/* No additional args allowed. */
8999ebb4cwyllys	argc -= optind_av;
9099ebb4cwyllys	if (argc) {
9199ebb4cwyllys		(void) fprintf(stderr,
9299ebb4cwyllys		    gettext("Error input option\n"));
9399ebb4cwyllys		rv = KC_ERR_USAGE;
9499ebb4cwyllys		goto out;
9599ebb4cwyllys	}
9699ebb4cwyllys
9799ebb4cwyllys	if (filename == NULL) {
9899ebb4cwyllys		filename = strdup(KMF_DEFAULT_POLICY_FILE);
9999ebb4cwyllys		if (filename == NULL) {
10099ebb4cwyllys			rv = KC_ERR_MEMORY;
10199ebb4cwyllys			goto out;
10299ebb4cwyllys		}
10399ebb4cwyllys	}
10499ebb4cwyllys
10599ebb4cwyllys	if (policyname == NULL) {
10699ebb4cwyllys		(void) fprintf(stderr,
10799ebb4cwyllys		    gettext("You must specify a policy name\n"));
10899ebb4cwyllys		rv = KC_ERR_USAGE;
10999ebb4cwyllys		goto out;
11099ebb4cwyllys	}
11199ebb4cwyllys
11299ebb4cwyllys	if (infile == NULL) {
11399ebb4cwyllys		(void) fprintf(stderr,
11499ebb4cwyllys		    gettext("You must specify a input DB file\n"));
11599ebb4cwyllys		rv = KC_ERR_USAGE;
11699ebb4cwyllys		goto out;
11799ebb4cwyllys	}
11899ebb4cwyllys
11999ebb4cwyllys	if (strcmp(filename, KMF_DEFAULT_POLICY_FILE) == 0 &&
12099ebb4cwyllys	    strcmp(policyname, KMF_DEFAULT_POLICY_NAME) == 0) {
12199ebb4cwyllys		(void) fprintf(stderr,
12299ebb4cwyllys		    gettext("Can not import the default policy record to "
12399ebb4cwyllys		    "the system default policy database\n"));
12499ebb4cwyllys		rv = KC_ERR_USAGE;
12599ebb4cwyllys		goto out;
12699ebb4cwyllys	}
12799ebb4cwyllys
12899ebb4cwyllys	rv = load_policies(infile, &plclist);
12999ebb4cwyllys	if (rv != KMF_OK)
13099ebb4cwyllys		goto out;
13199ebb4cwyllys
13299ebb4cwyllys	pnode = plclist;
13399ebb4cwyllys	while (pnode != NULL && !found) {
13499ebb4cwyllys		if (strcmp(policyname, pnode->plc.name) == 0) {
13599ebb4cwyllys			KMF_RETURN ret;
13699ebb4cwyllys
13799ebb4cwyllys			found++;
13830a5e8fwyllys			ret = kmf_verify_policy(&pnode->plc);
13999ebb4cwyllys			if (ret != KMF_OK) {
14099ebb4cwyllys				print_sanity_error(ret);
14199ebb4cwyllys				rv = KC_ERR_VERIFY_POLICY;
14299ebb4cwyllys				break;
14399ebb4cwyllys			}
14430a5e8fwyllys			rv = kmf_add_policy_to_db(&pnode->plc, filename,
14530a5e8fwyllys			    B_FALSE);
14699ebb4cwyllys		}
14799ebb4cwyllys		pnode = pnode->next;
14899ebb4cwyllys	}
14999ebb4cwyllys
15099ebb4cwyllys	if (!found) {
15199ebb4cwyllys		(void) fprintf(stderr,
15230a5e8fwyllys		    gettext("Could not find policy \"%s\" in %s\n"),
15330a5e8fwyllys		    policyname, infile);
15499ebb4cwyllys		rv = KC_ERR_FIND_POLICY;
15599ebb4cwyllys	}
15699ebb4cwyllys
15799ebb4cwyllysout:
15899ebb4cwyllys	if (filename != NULL)
15999ebb4cwyllys		free(filename);
16099ebb4cwyllys
16199ebb4cwyllys	if (policyname != NULL)
16299ebb4cwyllys		free(policyname);
16399ebb4cwyllys
16499ebb4cwyllys	if (infile != NULL)
16599ebb4cwyllys		free(infile);
16699ebb4cwyllys
16799ebb4cwyllys	free_policy_list(plclist);
16899ebb4cwyllys
16999ebb4cwyllys	return (rv);
17099ebb4cwyllys}
171