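/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#pragma ident	"%Z%%M%	%I%	%E% SMI"

#include <stdio.h>
#include <strings.h>
#include <ctype.h>
#include <libgen.h>
#include <libintl.h>
#include <locale.h>
#include <errno.h>

#include <kmfapiP.h>

#include "util.h"

/*
 * kc_import - copy one named policy record from an input policy file
 * into a policy database.
 *
 * Options (parsed with getopt_av):
 *	-d / dbfile	destination policy database; when omitted,
 *			KMF_DEFAULT_POLICY_FILE is used
 *	-p / policy	name of the policy record to import (required)
 *	-i / infile	policy file to read the record from (required)
 *
 * The record named KMF_DEFAULT_POLICY_NAME is never imported into
 * KMF_DEFAULT_POLICY_FILE.  The first record in infile whose name equals
 * the requested policy name is checked with KMF_VerifyPolicy() and, only
 * if that check succeeds, written with KMF_AddPolicyToDB().
 *
 * Returns KC_OK on success.  Failures detected here return KC_ERR_USAGE,
 * KC_ERR_MEMORY, KC_ERR_VERIFY_POLICY or KC_ERR_FIND_POLICY; a failure in
 * load_policies() or KMF_AddPolicyToDB() is returned as the value that
 * function produced.
 */
int
kc_import(int argc, char *argv[])
{
	int rv = KC_OK;
	char *filename = NULL;
	char *infile = NULL;
	char *policyname = NULL;
	POLICY_LIST *plclist = NULL, *pnode;
	int opt, found = 0;
	extern int optind_av;
	extern char *optarg_av;

	while ((opt = getopt_av(argc, argv,
	    "d:(dbfile)p:(policy)i:(infile)")) != EOF) {
		switch (opt) {
		case 'd':
			/*
			 * Release the value from an earlier -d so that a
			 * repeated option does not leak it; the last
			 * occurrence still wins.  free(NULL) is a no-op.
			 */
			free(filename);
			filename = get_string(optarg_av, &rv);
			if (filename == NULL) {
				(void) fprintf(stderr,
				    gettext("Error dbfile input.\n"));
			}
			break;
		case 'p':
			free(policyname);
			policyname = get_string(optarg_av, &rv);
			if (policyname == NULL) {
				(void) fprintf(stderr,
				    gettext("Error policy name.\n"));
			}
			break;
		case 'i':
			free(infile);
			infile = get_string(optarg_av, &rv);
			if (infile == NULL) {
				(void) fprintf(stderr,
				    gettext("Error infile input.\n"));
			}
			break;
		default:
			(void) fprintf(stderr,
			    gettext("Error input option.\n"));
			rv = KC_ERR_USAGE;
			break;
		}

		/*
		 * NOTE(review): the cases above only print a message when
		 * get_string() returns NULL; stopping here depends on
		 * get_string() having set rv through its second argument.
		 * Confirm against its definition.
		 */
		if (rv != KC_OK)
			goto out;
	}

	/* No additional args allowed. */
	argc -= optind_av;
	if (argc) {
		(void) fprintf(stderr,
		    gettext("Error input option\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/* Fall back to the default policy database when -d was not given. */
	if (filename == NULL) {
		filename = strdup(KMF_DEFAULT_POLICY_FILE);
		if (filename == NULL) {
			rv = KC_ERR_MEMORY;
			goto out;
		}
	}

	if (policyname == NULL) {
		(void) fprintf(stderr,
		    gettext("You must specify a policy name\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	if (infile == NULL) {
		(void) fprintf(stderr,
		    gettext("You must specify a input DB file\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/*
	 * Protect the default record in the default database from being
	 * replaced by whatever an input file carries under that name.
	 * This is an exact string comparison of the path as given, so a
	 * different spelling of the same file is not recognised here.
	 */
	if (strcmp(filename, KMF_DEFAULT_POLICY_FILE) == 0 &&
	    strcmp(policyname, KMF_DEFAULT_POLICY_NAME) == 0) {
		(void) fprintf(stderr,
		    gettext("Can not import the default policy record to "
		    "the system default policy database\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/*
	 * NOTE(review): the result is compared with KMF_OK although rv
	 * otherwise carries KC_* codes; confirm which set load_policies()
	 * returns.
	 */
	rv = load_policies(infile, &plclist);
	if (rv != KMF_OK)
		goto out;

	/* Only the first record with a matching name is considered. */
	for (pnode = plclist; pnode != NULL && !found; pnode = pnode->next) {
		KMF_RETURN ret;

		if (strcmp(policyname, pnode->plc.name) != 0)
			continue;

		found = 1;

		/*
		 * infile is caller-supplied, and this is the only check made
		 * in this function on the record's content before it is
		 * persisted.  Keep it ahead of the add.
		 */
		ret = KMF_VerifyPolicy(&pnode->plc);
		if (ret != KMF_OK) {
			print_sanity_error(ret);
			rv = KC_ERR_VERIFY_POLICY;
			break;
		}

		/*
		 * NOTE(review): a KMF_RETURN is stored in rv unchanged and
		 * no message is printed if the add fails, so the caller
		 * only sees a non-KC_* value.  The meaning of the B_FALSE
		 * argument is not visible in this file.
		 */
		rv = KMF_AddPolicyToDB(&pnode->plc, filename, B_FALSE);
	}

	if (!found) {
		(void) fprintf(stderr,
		    gettext("Could not find policy \"%s\" in %s\n"),
		    policyname, infile);
		rv = KC_ERR_FIND_POLICY;
	}

out:
	free(filename);
	free(policyname);
	free(infile);

	free_policy_list(plclist);

	return (rv);
}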